authormo khan <mo.khan@gmail.com>2020-03-07 15:03:26 -0700
committermo khan <mo.khan@gmail.com>2020-03-07 15:03:26 -0700
commitbc29a9d7a98fab7de435d8a06007197efa189709 (patch)
treed43e6817b3e392059f6b6481cd54f713edd7127e
parent5f7786bb4865a9d9622c3819d8e0b5b67ebf0cfa (diff)
Fix nuget specs
-rw-r--r--config/.config/NuGet/NuGet.Config2
-rw-r--r--lib/license/management.rb30
-rw-r--r--normalized-licenses.yml5
-rwxr-xr-xrun.sh6
-rw-r--r--spec/fixtures/expected/csharp/nuget-dotnetcore/v2.0.json20
-rw-r--r--spec/integration/dotnet/nuget_spec.rb7
-rw-r--r--spec/support/shared.rb8
-rw-r--r--spec/unit/license/management/repository_spec.rb7
8 files changed, 57 insertions, 28 deletions
diff --git a/config/.config/NuGet/NuGet.Config b/config/.config/NuGet/NuGet.Config
index 5aacae8..449478c 100644
--- a/config/.config/NuGet/NuGet.Config
+++ b/config/.config/NuGet/NuGet.Config
@@ -1,7 +1,7 @@
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<config>
- <add key="repositoryPath" value="/root/.packages" />
+ <add key="repositoryPath" value="/root/.nuget/packages" />
</config>
<packageSources>
<add key="nuget.org" value="https://api.nuget.org/v3/index.json" />
diff --git a/lib/license/management.rb b/lib/license/management.rb
index 37fe1a0..9003ab1 100644
--- a/lib/license/management.rb
+++ b/lib/license/management.rb
@@ -12,6 +12,36 @@ require 'license/management/version'
# This applies a monkey patch to the JsonReport found in the `license_finder` gem.
LicenseFinder::JsonReport.prepend(License::Management::Report)
+module LicenseFinder
+ class Nuget
+ def prepare_command
+ "mono /usr/local/bin/nuget.exe restore -Verbosity detailed"
+ end
+
+ def license_urls(dependency)
+ filename = "#{dependency.name}.#{dependency.version}.nupkg"
+ files = Dir["**/#{filename}"] +
+ Dir.glob(File.join(Dir.home, '.nuget', 'packages', '**', '**', filename.downcase))
+
+ return if files.empty?
+
+ Zip::File.open(files.first) do |zipfile|
+ Nuget.nuspec_license_urls(zipfile.read(dependency.name + '.nuspec'))
+ end
+ end
+ end
+
+ module SharedHelpers
+ class Cmd
+ def self.run(command)
+ stdout, stderr, status = Open3.capture3(command)
+ puts command
+ puts stdout
+ [stdout, stderr, status]
+ end
+ end
+ end
+end
module License
module Management
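Review bot: `Cmd.run` prints every command line and its full stdout unconditionally, so anything a package-manager command carries or echoes (for example credentials for a private feed, which is an assumption since no such command is visible in this hunk) ends up in the CI job log. Gate the output on the debug switch that `run.sh` already exports and send it to stderr, e.g. `warn command, stdout unless ENV['LM_DEBUG'].to_s.empty?`. In `license_urls`, the project-relative `Dir["**/#{filename}"]` matches come first, so `files.first` prefers a `.nupkg` checked into the scanned project over the restored copy under `~/.nuget/packages`; putting the cache lookup first would tie the reported license to the package that was actually restored. Both overrides reopen `license_finder` classes, so a comment naming the upstream behaviour each one replaces would help when the gem is upgraded.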
diff --git a/normalized-licenses.yml b/normalized-licenses.yml
index 5142e54..8b1c643 100644
--- a/normalized-licenses.yml
+++ b/normalized-licenses.yml
@@ -1,14 +1,14 @@
---
ids:
+ AFLv2.1: AFL-2.1
Apache1_1: Apache-1.1
Apache 2.0: Apache-2.0
Apache2: Apache-2.0
- AFLv2.1: AFL-2.1
Apache License v2.0: Apache-2.0
ASL, version 2: Apache-2.0
BSD: BSD-4-Clause
- BSD style: BSD-3-Clause
BSD-like: BSD-4-Clause
+ BSD style: BSD-3-Clause
CC0 1.0 Universal: CC0-1.0
CC01: CC0-1.0
CDDL1: CDDL-1.0
@@ -21,6 +21,7 @@ ids:
GPLv2: GPL-2.0
GPLv3: GPL-3.0
http://www.apache.org/licenses/LICENSE-2.0: Apache-2.0
+ http://www.opensource.org/licenses/mit-license.php: MIT
ISC: ISC
LGPL 2.1: LGPL-2.1
LGPL2_1: LGPL-2.1
diff --git a/run.sh b/run.sh
index c919246..a3959cf 100755
--- a/run.sh
+++ b/run.sh
@@ -1,6 +1,7 @@
#!/bin/bash -l
set -euo pipefail
+cd "$2"
BUNDLE_JOBS="$(nproc)"
export BUNDLE_JOBS
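Review bot: `cd "$2"` passes the caller-supplied path straight to `cd`, so a value starting with `-` is read as an option, and a missing argument makes `set -u` abort with a bare "unbound variable" message. `cd -- "${2:?project directory argument is required}"` handles both cases. Because the directory change now comes before everything else in the script, every later step, including the tool setup further down, runs with the scanned project as its working directory; a one-line comment saying this is intended would help the next reader.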
@@ -10,7 +11,7 @@ export HISTFILESIZE=0
export HISTSIZE=0
export LICENSE_FINDER_CLI_OPTS=${LICENSE_FINDER_CLI_OPTS:-'--no-debug'}
export LM_DEBUG=${LM_DEBUG:-}
-export LM_REPORT_FILE='gl-license-management-report.json'
+export LM_REPORT_FILE=${LM_REPORT_FILE:-'gl-license-management-report.json'}
export PREPARE="--prepare-no-fail"
export RUBY_GC_HEAP_INIT_SLOTS=800000
export RUBY_GC_MALLOC_LIMIT=79000000
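Review bot: `LM_REPORT_FILE` is now taken from the environment without any check, and it is presumably used as the output path of the scan (the use is outside this hunk). In a CI job where the project can set variables, a value with directory components or an absolute path would move the report out of the project directory or overwrite another file. If only the file name is meant to be configurable, reject anything else right after the export, e.g. `[[ $LM_REPORT_FILE == */* ]] && { echo "LM_REPORT_FILE must be a file name" >&2; exit 1; }`. It would also help to document the variable alongside `LICENSE_FINDER_CLI_OPTS` and `LM_DEBUG`.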
@@ -72,7 +73,6 @@ function prepare_dotnet() {
}
function prepare_project() {
- cd "$1"
if [[ -z ${SETUP_CMD:-} ]]; then
asdf install
@@ -98,7 +98,7 @@ switch_to java "adopt-openjdk-${LM_JAVA_VERSION:-8}"
# shellcheck source=/dev/null
. "$ASDF_DATA_DIR/plugins/java/set-java-home.sh"
-prepare_project "$2"
+prepare_project
[[ -n $LM_DEBUG ]] && debug_env
scan_project "$PREPARE" \
--format=json \
diff --git a/spec/fixtures/expected/csharp/nuget-dotnetcore/v2.0.json b/spec/fixtures/expected/csharp/nuget-dotnetcore/v2.0.json
index 920f7de..070401e 100644
--- a/spec/fixtures/expected/csharp/nuget-dotnetcore/v2.0.json
+++ b/spec/fixtures/expected/csharp/nuget-dotnetcore/v2.0.json
@@ -14,6 +14,12 @@
"count": 2
},
{
+ "id": "MIT",
+ "name": "MIT License",
+ "url": "https://opensource.org/licenses/MIT",
+ "count": 2
+ },
+ {
"id": "https://github.com/dotnet/corefx/blob/master/license.txt",
"name": "https://github.com/dotnet/corefx/blob/master/LICENSE.TXT",
"url": "",
@@ -32,18 +38,6 @@
"count": 1
},
{
- "id": "MIT",
- "name": "MIT License",
- "url": "https://opensource.org/licenses/MIT",
- "count": 1
- },
- {
- "id": "http://www.opensource.org/licenses/mit-license.php",
- "name": "http://www.opensource.org/licenses/mit-license.php",
- "url": "",
- "count": 1
- },
- {
"id": "https://raw.githubusercontent.com/antlr/antlrcs/master/license.txt",
"name": "https://raw.githubusercontent.com/antlr/antlrcs/master/LICENSE.txt",
"url": "",
@@ -120,7 +114,7 @@
"./src/web.api"
],
"licenses": [
- "http://www.opensource.org/licenses/mit-license.php"
+ "MIT"
]
},
{
diff --git a/spec/integration/dotnet/nuget_spec.rb b/spec/integration/dotnet/nuget_spec.rb
index 3dce774..456bef7 100644
--- a/spec/integration/dotnet/nuget_spec.rb
+++ b/spec/integration/dotnet/nuget_spec.rb
@@ -70,11 +70,8 @@ RSpec.describe "nuget" do
expect(report).not_to be_empty
expect(report).to match_schema(version: '2.0')
- # expect(report[:licenses].map { |x| x[:id] }.uniq).to match_array(['MIT'])
- expect(report[:dependencies].map { |x| x[:name] }).to match_array([
- "jive",
- "MvcMailer",
- ])
+ expect(find_in(report, 'jive')[:licenses]).to match_array(['MIT'])
+ expect(find_in(report, 'MvcMailer')[:licenses]).to match_array(['MIT'])
end
end
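Review bot: The new assertions index the result of `find_in(report, 'jive')` directly, so a dependency missing from the report presumably fails with a `NoMethodError` on `nil` rather than a readable expectation failure (`find_in` is defined outside this hunk). The removed `match_array` on dependency names was also the only check visible here that the report contains exactly these two packages. Keeping it next to the license checks, `expect(report[:dependencies].map { |x| x[:name] }).to match_array(%w[jive MvcMailer])`, covers both. The `it` block starts above the hunk.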
diff --git a/spec/support/shared.rb b/spec/support/shared.rb
index 8a7590b..a6aac67 100644
--- a/spec/support/shared.rb
+++ b/spec/support/shared.rb
@@ -2,14 +2,14 @@ RSpec.shared_examples "each report version" do |language, package_manager, branc
[ '1.0', '1.1', '2.0' ].each do |version|
context "when generating a `#{version}` report" do
let(:url) { "https://gitlab.com/gitlab-org/security-products/tests/#{language}-#{package_manager}.git" }
+ let(:expected_content) { JSON.parse(fixture_file_content("expected/#{language}/#{package_manager}/v#{version}.json")) }
it 'matches the expected report' do
runner.clone(url, branch: branch)
- report = runner.scan(env: { 'LM_REPORT_VERSION' => version })
+ actual = runner.scan(env: { 'LM_REPORT_VERSION' => version })
- content = fixture_file_content("expected/#{language}/#{package_manager}/v#{version}.json")
- expect(report).to eq(JSON.parse(content, symbolize_names: true))
- expect(report).to match_schema(version: version)
+ expect(JSON.pretty_generate(actual)).to eq(JSON.pretty_generate(expected_content))
+ expect(actual).to match_schema(version: version)
end
end
end
diff --git a/spec/unit/license/management/repository_spec.rb b/spec/unit/license/management/repository_spec.rb
index 6ebc09e..5531934 100644
--- a/spec/unit/license/management/repository_spec.rb
+++ b/spec/unit/license/management/repository_spec.rb
@@ -11,6 +11,13 @@ RSpec.describe License::Management::Repository do
expect(subject.item_for(license)['id']).to eql(spdx_id)
end
end
+
+ it 'recognizes `http://www.opensource.org/licenses/mit-license.php`' do
+ url = 'http://www.opensource.org/licenses/mit-license.php'
+ license = LicenseFinder::License.new(short_name: url, matcher: LicenseFinder::License::NoneMatcher.new, url: url)
+
+ expect(subject.item_for(license)['id']).to eql('MIT')
+ end
end
context "when mapping a license that refers to nuget.org" do