diff options
| -rw-r--r-- | CHANGELOG.md | 4 | ||||
| -rw-r--r-- | Gemfile.lock | 6 | ||||
| -rw-r--r-- | lib/license/finder/ext/bower.rb | 2 | ||||
| -rw-r--r-- | lib/license/finder/ext/bundler.rb | 9 | ||||
| -rw-r--r-- | lib/license/finder/ext/cargo.rb | 2 | ||||
| -rw-r--r-- | lib/license/finder/ext/composer.rb | 2 | ||||
| -rw-r--r-- | lib/license/finder/ext/conan.rb | 4 | ||||
| -rw-r--r-- | lib/license/finder/ext/dotnet.rb | 2 | ||||
| -rw-r--r-- | lib/license/finder/ext/go_modules.rb | 2 | ||||
| -rw-r--r-- | lib/license/finder/ext/npm.rb | 4 | ||||
| -rw-r--r-- | lib/license/finder/ext/nuget.rb | 4 | ||||
| -rw-r--r-- | lib/license/finder/ext/package_manager.rb | 4 | ||||
| -rw-r--r-- | lib/license/finder/ext/pipenv.rb | 4 | ||||
| -rw-r--r-- | lib/license/finder/ext/yarn.rb | 2 | ||||
| -rw-r--r-- | lib/license/management/shell.rb | 11 | ||||
| -rw-r--r-- | lib/license/management/tool_box.rb | 18 | ||||
| -rw-r--r-- | lib/license/management/version.rb | 2 |
17 files changed, 42 insertions, 40 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 4eb614e..095fc71 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # GitLab License management changelog +## v3.28.3 + +- Stream `npm ci` output to log. (https://gitlab.com/gitlab-org/security-products/analyzers/license-finder/-/merge_requests/16) + ## v3.28.2 - Detect maven wrapper in nested directories. (https://gitlab.com/gitlab-org/security-products/analyzers/license-finder/-/merge_requests/15) diff --git a/Gemfile.lock b/Gemfile.lock index 42a271e..142e72f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -8,7 +8,7 @@ GIT PATH remote: . specs: - license-management (3.28.2) + license-management (3.28.3) license_finder (~> 6.7) spandx (~> 0.13) @@ -104,7 +104,7 @@ GEM plist (~> 3.1) systemu (~> 2.6.4) wmi-lite (~> 1.0) - oj (3.10.14) + oj (3.10.15) omnibus (7.0.13) aws-sdk-s3 (~> 1) chef-cleanroom (~> 1.0) @@ -202,7 +202,7 @@ GEM with_env (1.1.0) wmi-lite (1.0.5) xml-simple (1.1.5) - zeitwerk (2.4.0) + zeitwerk (2.4.1) zhexdump (0.0.2) PLATFORMS diff --git a/lib/license/finder/ext/bower.rb b/lib/license/finder/ext/bower.rb index 7013369..52e6a16 100644 --- a/lib/license/finder/ext/bower.rb +++ b/lib/license/finder/ext/bower.rb @@ -17,7 +17,7 @@ module LicenseFinder '--verbose', '--loglevel', :debug - ], env: default_env) + ], env: default_env, capture: false) end end diff --git a/lib/license/finder/ext/bundler.rb b/lib/license/finder/ext/bundler.rb index b8c755b..9c9c045 100644 --- a/lib/license/finder/ext/bundler.rb +++ b/lib/license/finder/ext/bundler.rb @@ -11,16 +11,15 @@ module LicenseFinder shell.execute([ :gem, :install, gem, '--no-document', - '--verbose', '--no-update-sources', '--ignore-dependencies', '--no-suggestions', '--local' - ], env: default_env) + ], env: default_env, capture: false) end - shell.execute([:asdf, :reshim], env: default_env) - shell.execute([:bundle, :config, '--local', :path, vendor_path], env: default_env) - shell.execute([:bundle, :install, '--verbose'], env: default_env) + shell.execute([:asdf, :reshim], env: default_env, capture: false) + shell.execute([:bundle, :config, '--local', :path, vendor_path], env: default_env, capture: false) + shell.execute([:bundle, :install], env: default_env, capture: false) end end diff --git a/lib/license/finder/ext/cargo.rb b/lib/license/finder/ext/cargo.rb index c957e0e..cc24c21 100644 --- a/lib/license/finder/ext/cargo.rb +++ b/lib/license/finder/ext/cargo.rb @@ -13,7 +13,7 @@ module LicenseFinder within_project_path do tool_box.install(tool: :rust) - shell.execute([:cargo, :fetch, '-vv'], env: default_env) + shell.execute([:cargo, :fetch, '-vv'], env: default_env, capture: false) end end diff --git a/lib/license/finder/ext/composer.rb b/lib/license/finder/ext/composer.rb index 993119c..6f00edb 100644 --- a/lib/license/finder/ext/composer.rb +++ b/lib/license/finder/ext/composer.rb @@ -17,7 +17,7 @@ module LicenseFinder '--no-progress', '--no-scripts', '--verbose' - ], env: default_env) + ], env: default_env, capture: false) end end diff --git a/lib/license/finder/ext/conan.rb b/lib/license/finder/ext/conan.rb index 780b205..90e7d9b 100644 --- a/lib/license/finder/ext/conan.rb +++ b/lib/license/finder/ext/conan.rb @@ -9,8 +9,8 @@ module LicenseFinder def prepare within_project_path do tool_box.install(tool: :python) - shell.execute([:conan, :install, '--build=missing', '.'], env: default_env) - shell.execute([:conan, :inspect, '.'], env: default_env) + shell.execute([:conan, :install, '--build=missing', '.'], env: default_env, capture: false) + shell.execute([:conan, :inspect, '.'], env: default_env, capture: false) end end diff --git a/lib/license/finder/ext/dotnet.rb b/lib/license/finder/ext/dotnet.rb index eebbbbd..e530ba4 100644 --- a/lib/license/finder/ext/dotnet.rb +++ b/lib/license/finder/ext/dotnet.rb @@ -24,7 +24,7 @@ module LicenseFinder '--no-cache', '--packages', vendor_path, '--verbosity', :normal - ]) + ], capture: false) end def current_packages diff --git a/lib/license/finder/ext/go_modules.rb b/lib/license/finder/ext/go_modules.rb index a0fcb96..8927f2c 100644 --- a/lib/license/finder/ext/go_modules.rb +++ b/lib/license/finder/ext/go_modules.rb @@ -10,7 +10,7 @@ module LicenseFinder within_project_path do tool_box.install(tool: :golang) - shell.execute([:go, :mod, :download, '-json']) + shell.execute([:go, :mod, :download, '-json'], capture: false) end end diff --git a/lib/license/finder/ext/npm.rb b/lib/license/finder/ext/npm.rb index 18af4a7..59244c9 100644 --- a/lib/license/finder/ext/npm.rb +++ b/lib/license/finder/ext/npm.rb @@ -13,7 +13,7 @@ module LicenseFinder if lockfile? shell.execute([:npm, :ci, "--production"], env: default_env, capture: false) else - shell.execute([:npm, :install, '--no-save', "--production"], env: default_env) + shell.execute([:npm, :install, '--no-save', "--production"], env: default_env, capture: false) end end end @@ -32,7 +32,7 @@ module LicenseFinder def npm_json stdout, _stderr, status = within_project_path do - shell.execute("npm list --json --long --production") + shell.execute([:npm, "list", "--json", "--long", "--production"]) end status.success? ? JSON.parse(stdout) : {} end diff --git a/lib/license/finder/ext/nuget.rb b/lib/license/finder/ext/nuget.rb index f292392..53fb32e 100644 --- a/lib/license/finder/ext/nuget.rb +++ b/lib/license/finder/ext/nuget.rb @@ -7,7 +7,7 @@ module LicenseFinder within_project_path do tool_box.install(tool: :mono) - shell.execute([:cert_sync, shell.default_certificate_path]) + shell.execute([:cert_sync, shell.default_certificate_path], capture: false) shell.execute([ :mono, :nuget, @@ -16,7 +16,7 @@ module LicenseFinder '-NoCache', '-PackagesDirectory', vendor_path, '-Verbosity', :normal - ]) + ], capture: false) end end diff --git a/lib/license/finder/ext/package_manager.rb b/lib/license/finder/ext/package_manager.rb index f90a8eb..837c805 100644 --- a/lib/license/finder/ext/package_manager.rb +++ b/lib/license/finder/ext/package_manager.rb @@ -19,7 +19,7 @@ module LicenseFinder return unless prepare_command within_project_path do - shell.execute(prepare_command) + shell.execute(prepare_command, capture: false) end end @@ -39,7 +39,7 @@ module LicenseFinder end def create_vendor_path - shell.execute([:mkdir, '-p', vendor_path]) unless vendor_path.exist? + shell.execute([:mkdir, '-p', vendor_path], capture: false) unless vendor_path.exist? end def within_project_path diff --git a/lib/license/finder/ext/pipenv.rb b/lib/license/finder/ext/pipenv.rb index 2dfad64..4641614 100644 --- a/lib/license/finder/ext/pipenv.rb +++ b/lib/license/finder/ext/pipenv.rb @@ -8,8 +8,8 @@ module LicenseFinder return unless pipfile? tool_box.install(tool: :python, version: python_version, env: default_env) - shell.execute([:asdf, :exec, :pipenv, '--python', python_version], env: default_env) - shell.execute([:asdf, :exec, :pipenv, :sync], env: default_env) + shell.execute([:asdf, :exec, :pipenv, '--python', python_version], env: default_env, capture: false) + shell.execute([:asdf, :exec, :pipenv, :sync], env: default_env, capture: false) end end diff --git a/lib/license/finder/ext/yarn.rb b/lib/license/finder/ext/yarn.rb index e56f7d1..7a18e35 100644 --- a/lib/license/finder/ext/yarn.rb +++ b/lib/license/finder/ext/yarn.rb @@ -16,7 +16,7 @@ module LicenseFinder :yarn, :install, '--ignore-engines', '--ignore-scripts', '--production' - ], env: default_env) + ], env: default_env, capture: false) end end diff --git a/lib/license/management/shell.rb b/lib/license/management/shell.rb index 6a6f0b6..c947a5c 100644 --- a/lib/license/management/shell.rb +++ b/lib/license/management/shell.rb @@ -16,6 +16,7 @@ module License keytool: '/opt/asdf/bin/asdf exec keytool', mono: '/opt/asdf/installs/mono/6.8.0.123/bin/mono', mvn: '/opt/asdf/bin/asdf exec mvn', + npm: '/opt/asdf/bin/asdf exec npm', nuget: '/opt/asdf/installs/mono/6.8.0.123/bin/nuget.exe', pip: '/opt/asdf/bin/asdf exec pip', ruby: '/opt/asdf/bin/asdf exec ruby', @@ -64,15 +65,15 @@ module License def trust!(certificate) custom_certificate_path.write(certificate) Dir.chdir custom_certificate_path.dirname do - execute([:awk, SPLIT_SCRIPT, '<', custom_certificate_path]) - execute('update-ca-certificates -v') + execute([:awk, SPLIT_SCRIPT, '<', custom_certificate_path], capture: false) + execute('update-ca-certificates -v', capture: false) Dir.glob('custom.*.crt').each do |path| - execute([:openssl, :x509, '-in', File.expand_path(path), '-text', '-noout']) + execute([:openssl, :x509, '-in', File.expand_path(path), '-text', '-noout'], capture: false) end end - execute([:cp, custom_certificate_path.to_s, "/usr/lib/ssl/certs/"]) - execute([:c_rehash, '-v']) + execute([:cp, custom_certificate_path.to_s, "/usr/lib/ssl/certs/"], capture: false) + execute([:c_rehash, '-v'], capture: false) end def present?(item) diff --git a/lib/license/management/tool_box.rb b/lib/license/management/tool_box.rb index 6906cb5..dc63f0e 100644 --- a/lib/license/management/tool_box.rb +++ b/lib/license/management/tool_box.rb @@ -16,17 +16,15 @@ module License Dir.chdir(project_path) do deb = deb_for(tool, version) if deb&.exist? - ::License::Management.logger.error("Installing #{deb} ...") shell.execute([:dpkg, '-i', deb], capture: false) else - ::License::Management.logger.error("Installing #{version} via asdf ...") - shell.execute([:asdf, "plugin-update", tool.to_s], env: env) - shell.execute(['/opt/asdf/plugins/nodejs/bin/import-release-team-keyring']) if tool == :nodejs + shell.execute([:asdf, "plugin-update", tool.to_s], env: env, capture: false) + shell.execute(['/opt/asdf/plugins/nodejs/bin/import-release-team-keyring'], capture: false) if tool == :nodejs end install_common_libraries(env: env) if C_BASED_TOOLS.include?(tool.to_sym) shell.execute([:asdf, :install, tool.to_s, version], env: env, capture: false) - shell.execute([:asdf, :local, tool.to_s, version], env: env) - shell.execute([:asdf, :reshim], env: env) + shell.execute([:asdf, :local, tool.to_s, version], env: env, capture: false) + shell.execute([:asdf, :reshim], env: env, capture: false) end install_certificates_into_java_keystore(env, version) if tool == :java end @@ -56,8 +54,8 @@ module License Dir.chdir(project_path) do return unless deb_for(tool, version)&.exist? - shell.execute([:dpkg, '-r', "#{tool}-#{version}"]) - shell.execute([:asdf, :reshim]) + shell.execute([:dpkg, '-r', "#{tool}-#{version}"], capture: false) + shell.execute([:asdf, :reshim], capture: false) end end @@ -124,8 +122,8 @@ module License Dir.chdir shell.custom_certificate_path.dirname do Dir.glob('custom.*.crt').each do |path| - shell.execute([:keytool, '-importcert', '-alias', Time.now.to_i, '-file', File.expand_path(path), '-trustcacerts', '-noprompt', '-storepass', 'changeit', '-keystore', keystore_path], env: env) - shell.execute([:keytool, '-list', '-v', '-storepass changeit', '-keystore', keystore_path], env: env) + shell.execute([:keytool, '-importcert', '-alias', Time.now.to_i, '-file', File.expand_path(path), '-trustcacerts', '-noprompt', '-storepass', 'changeit', '-keystore', keystore_path], env: env, capture: false) + shell.execute([:keytool, '-list', '-v', '-storepass changeit', '-keystore', keystore_path], env: env, capture: false) end end end diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb index 1645717..7bd04dd 100644 --- a/lib/license/management/version.rb +++ b/lib/license/management/version.rb @@ -2,6 +2,6 @@ module License module Management - VERSION = '3.28.2' + VERSION = '3.28.3' end end |