authormo khan <mo.khan@gmail.com>2020-11-10 01:30:35 +0000
committermo khan <mo.khan@gmail.com>2020-11-10 01:30:35 +0000
commit1bc270fea3b352b44dfcef3fe16e97a2bbd4d7a5 (patch)
tree8f61c9dccbd468de456e516113e9d6f289a7a157 /lib
parentf8200b265f63173c9b8d0b26470b449f512dbd17 (diff)
parent82338d974f42149e70f9163567940453f8f18b79 (diff)
Merge branch '273155-recursive' into 'main'v3.28.2
Detect maven/gradle wrapper in sub directory See merge request gitlab-org/security-products/analyzers/license-finder!15
Diffstat (limited to 'lib')
-rw-r--r--lib/license/finder/ext/gradle.rb2
-rw-r--r--lib/license/finder/ext/maven.rb15
-rw-r--r--lib/license/finder/ext/npm.rb2
-rw-r--r--lib/license/finder/ext/pip.rb2
-rw-r--r--lib/license/management/shell.rb25
-rw-r--r--lib/license/management/tool_box.rb6
-rw-r--r--lib/license/management/version.rb2
7 files changed, 30 insertions, 24 deletions
diff --git a/lib/license/finder/ext/gradle.rb b/lib/license/finder/ext/gradle.rb
index a683207..9b992ce 100644
--- a/lib/license/finder/ext/gradle.rb
+++ b/lib/license/finder/ext/gradle.rb
@@ -18,7 +18,7 @@ module LicenseFinder
end
def package_management_command
- wrapper? ? './gradlew' : :gradle
+ wrapper? ? project_path.join('gradlew') : :gradle
end
private
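Review bot: `package_management_command` now returns either a `Pathname` to `gradlew` inside the project or the symbol `:gradle`, and nothing here records that the wrapper is a script supplied by the repository under scan. That script is presumably launched by the shell helper with the analyzer's environment, so a comment such as `# gradlew comes from the scanned project and is executed as-is; treat it as untrusted code` would make the trust assumption explicit. The same applies to the `mvnw` lookup added in maven.rb. The class body starts and ends outside this hunk, so how `wrapper?` is defined for Gradle is not visible here.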
diff --git a/lib/license/finder/ext/maven.rb b/lib/license/finder/ext/maven.rb
index ae8c9a2..ed78f07 100644
--- a/lib/license/finder/ext/maven.rb
+++ b/lib/license/finder/ext/maven.rb
@@ -10,6 +10,10 @@ module LicenseFinder
}
}.freeze
+ def active?
+ project_path.join('pom.xml').exist?
+ end
+
def prepare
within_project_path do
tool_box.install(tool: :java, version: java_version, env: default_env)
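Review bot: `active?` tests `exist?`, which is also true for a directory named `pom.xml`, and `wrapper?` in the last hunk of this file has the same looseness for `mvnw`. Both paths come from the scanned project, so `file?` is the tighter test: `project_path.join('pom.xml').file?` and `project_path.join('mvnw').file?`. For the wrapper, also requiring `executable?` would let the code fall back to `:mvn` instead of failing at launch on a file that cannot be run.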
@@ -38,9 +42,8 @@ module LicenseFinder
end
def detect_licenses_command
- mvn_wrapper = project_path.join('mvnw')
[
- mvn_wrapper.exist? ? mvn_wrapper : :mvn,
+ package_management_command,
"-e",
"org.codehaus.mojo:license-maven-plugin:aggregate-download-licenses",
"-Dlicense.excludedScopes=#{@ignored_groups.to_a.join(',')}",
@@ -59,5 +62,13 @@ module LicenseFinder
.xml_in(xml, XML_PARSE_OPTIONS)['dependencies']
.map { |dependency| Dependency.from(MavenPackage.new(dependency), detected_package_path) }
end
+
+ def package_management_command
+ wrapper? ? project_path.join('mvnw') : :mvn
+ end
+
+ def wrapper?
+ project_path.join('mvnw').exist?
+ end
end
end
diff --git a/lib/license/finder/ext/npm.rb b/lib/license/finder/ext/npm.rb
index e245d72..18af4a7 100644
--- a/lib/license/finder/ext/npm.rb
+++ b/lib/license/finder/ext/npm.rb
@@ -11,7 +11,7 @@ module LicenseFinder
tool_box.install(tool: :nodejs, env: default_env)
if lockfile?
- shell.execute([:npm, :ci, "--production"], env: default_env)
+ shell.execute([:npm, :ci, "--production"], env: default_env, capture: false)
else
shell.execute([:npm, :install, '--no-save', "--production"], env: default_env)
end
diff --git a/lib/license/finder/ext/pip.rb b/lib/license/finder/ext/pip.rb
index 7ab8d4d..b47080e 100644
--- a/lib/license/finder/ext/pip.rb
+++ b/lib/license/finder/ext/pip.rb
@@ -54,7 +54,7 @@ module LicenseFinder
within_project_path do
tool_box.install(tool: :python, version: python_version, env: default_env)
- shell.execute(["/opt/asdf/installs/python/#{python_version}/bin/virtualenv", '-p', 'python', '--activators=bash --seeder=app-data .venv'])
+ shell.execute([:virtualenv, '-p', 'python', '--activators=bash', '--seeder=app-data', '.venv'], capture: false)
shell.sh([". .venv/bin/activate", "&&", 'pip', 'install', '-v', '-r', @requirements_path], env: default_env)
end
end
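Review bot: The result of the `virtualenv` call is discarded, and with `capture: false` `execute` returns the plain `system` value (`true`, `false` or `nil`) without going through `record`. If creating the environment fails, the next line still tries to source `.venv/bin/activate`, so the first visible error is a secondary one. Consider stopping early, for example `raise 'virtualenv failed' unless shell.execute([...], capture: false)`, or whatever error convention the enclosing method uses; that method starts outside this hunk.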
diff --git a/lib/license/management/shell.rb b/lib/license/management/shell.rb
index e4fd35a..6a6f0b6 100644
--- a/lib/license/management/shell.rb
+++ b/lib/license/management/shell.rb
@@ -17,7 +17,9 @@ module License
mono: '/opt/asdf/installs/mono/6.8.0.123/bin/mono',
mvn: '/opt/asdf/bin/asdf exec mvn',
nuget: '/opt/asdf/installs/mono/6.8.0.123/bin/nuget.exe',
+ pip: '/opt/asdf/bin/asdf exec pip',
ruby: '/opt/asdf/bin/asdf exec ruby',
+ virtualenv: '/opt/asdf/bin/asdf exec virtualenv',
yarn: '/opt/asdf/bin/asdf exec yarn'
}.freeze
@@ -31,14 +33,15 @@ module License
trust!(certificate) if present?(certificate)
end
- def execute(command, env: {})
+ def execute(command, env: {}, capture: true)
expanded_command = expand(command)
- collapsible_section(expanded_command) do
- logger.debug(expanded_command)
- stdout, stderr, status = Open3.capture3(default_env.merge(env), expanded_command)
- record(stdout, stderr, status)
- [stdout, stderr, status]
- end
+ expanded_env = default_env.merge(env)
+ return system(expanded_env, expanded_command) unless capture
+
+ logger.debug(expanded_command)
+ stdout, stderr, status = Open3.capture3(expanded_env, expanded_command)
+ record(stdout, stderr, status)
+ [stdout, stderr, status]
end
def sh(command, env: {})
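Review bot: With `capture: false` the early `return system(...)` skips both `logger.debug(expanded_command)` and `record`, so the commands switched to this mode in this commit (`npm ci`, `virtualenv`, `dpkg -i`, `asdf install`) no longer log what was run or how it exited. The return shape also changes from `[stdout, stderr, status]` to `true`/`false`/`nil`, which a caller that destructures the result would not expect. Moving `logger.debug(expanded_command)` above the `return` and adding a doc comment that names the two return shapes would cover both points. Logging a non-true result before returning would keep failed installs visible in the job log. `sh` on the last line continues outside the hunk.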
@@ -85,14 +88,6 @@ module License
def flush(message, severity)
logger.add(severity, message) if present?(message)
end
-
- def collapsible_section(header)
- id = header.downcase.gsub(/[[:space:]]/, '_').gsub(/[^0-9a-z ]/i, '_')
- logger.debug("\nsection_start:#{Time.now.to_i}:#{id}\r\e[0K#{header}")
- yield
- ensure
- logger.debug("\nsection_end:#{Time.now.to_i}:#{id}\r\e[0K")
- end
end
end
end
diff --git a/lib/license/management/tool_box.rb b/lib/license/management/tool_box.rb
index ddfd222..6906cb5 100644
--- a/lib/license/management/tool_box.rb
+++ b/lib/license/management/tool_box.rb
@@ -17,17 +17,17 @@ module License
deb = deb_for(tool, version)
if deb&.exist?
::License::Management.logger.error("Installing #{deb} ...")
- shell.execute([:dpkg, '-i', deb])
+ shell.execute([:dpkg, '-i', deb], capture: false)
else
::License::Management.logger.error("Installing #{version} via asdf ...")
shell.execute([:asdf, "plugin-update", tool.to_s], env: env)
shell.execute(['/opt/asdf/plugins/nodejs/bin/import-release-team-keyring']) if tool == :nodejs
end
- shell.execute([:asdf, :install, tool.to_s, version], env: env)
+ install_common_libraries(env: env) if C_BASED_TOOLS.include?(tool.to_sym)
+ shell.execute([:asdf, :install, tool.to_s, version], env: env, capture: false)
shell.execute([:asdf, :local, tool.to_s, version], env: env)
shell.execute([:asdf, :reshim], env: env)
end
- install_common_libraries(env: env) if C_BASED_TOOLS.include?(tool.to_sym)
install_certificates_into_java_keystore(env, version) if tool == :java
end
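Review bot: `install_common_libraries` moved from after the install block to just before `asdf install`, with no comment explaining why the order matters. It now sits inside a block whose opening line is outside this hunk, so it may no longer run on every path that reached it before. A short comment such as `# build libraries must be present before asdf compiles the tool` (if that is the reason) would stop the line drifting back later. It is also worth confirming that the path that skipped the inner block does not still need those libraries.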
diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb
index 2965174..1645717 100644
--- a/lib/license/management/version.rb
+++ b/lib/license/management/version.rb
@@ -2,6 +2,6 @@
module License
module Management
- VERSION = '3.28.1'
+ VERSION = '3.28.2'
end
end