| -rw-r--r-- | CHANGELOG.md | 4 | ||||
| -rw-r--r-- | Gemfile.lock | 2 | ||||
| -rw-r--r-- | lib/license/finder/ext/composer.rb | 14 | ||||
| -rw-r--r-- | lib/license/management/version.rb | 2 | ||||
| -rw-r--r-- | spec/fixtures/php/composer/unreachable-network/composer.json | 5 | ||||
| -rw-r--r-- | spec/fixtures/php/composer/unreachable-network/composer.lock | 62 | ||||
| -rw-r--r-- | spec/integration/php/composer_spec.rb | 12 |
7 files changed, 97 insertions, 4 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 9b34dcb..0933d60 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # GitLab License management changelog +## v3.20.0 + +- Fallback to parsing the `composer.lock` file when it is present (!200) + ## v3.19.5 - Fix failing dotnet tests. (!199) diff --git a/Gemfile.lock b/Gemfile.lock index c3dda98..6290ce0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -8,7 +8,7 @@ GIT PATH remote: . specs: - license-management (3.19.5) + license-management (3.20.0) license_finder (~> 6.6.0) GEM diff --git a/lib/license/finder/ext/composer.rb b/lib/license/finder/ext/composer.rb index e6b0733..1be4e2b 100644 --- a/lib/license/finder/ext/composer.rb +++ b/lib/license/finder/ext/composer.rb @@ -45,9 +45,12 @@ module LicenseFinder :licenses, '--format=json' ], env: default_env) - return [] unless status.success? + return from_lockfile unless status.success? - JSON.parse(stdout).fetch('dependencies', {}).map do |name, data| + dependencies = JSON.parse(stdout).fetch('dependencies', {}) + return from_lockfile if dependencies.empty? + + dependencies.map do |name, data| data.merge('name' => name) if data.is_a?(Hash) end.compact end @@ -72,5 +75,12 @@ module LicenseFinder ], env: default_env) status.success? ? stdout.split(' ').last : '' end + + def from_lockfile + return [] unless lockfile_path.exist? + + json = JSON.parse(lockfile_path.read) + json.fetch('packages', []) + end end end diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb index 851642e..ac8abbd 100644 --- a/lib/license/management/version.rb +++ b/lib/license/management/version.rb @@ -2,6 +2,6 @@ module License module Management - VERSION = '3.19.5' + VERSION = '3.20.0' end end diff --git a/spec/fixtures/php/composer/unreachable-network/composer.json b/spec/fixtures/php/composer/unreachable-network/composer.json new file mode 100644 index 0000000..4c5e225 --- /dev/null +++ b/spec/fixtures/php/composer/unreachable-network/composer.json 
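Review bot: Both new `return from_lockfile` exits in the first `composer.rb` hunk (`@@ -45,9 +45,12 @@`) switch the data source without leaving any trace. A report built from `composer.lock` after a failed or empty `composer licenses` run is therefore indistinguishable from one built from the installed packages. For a license-compliance scan that matters, because the lockfile is committed with the scanned project and its `license` fields may differ from what an install would have resolved. I would record the fallback before returning, for example a warning such as `composer licenses failed or returned no dependencies; falling back to composer.lock`, through whatever logger this class already has (none is visible in the hunk). The enclosing method starts outside the hunk.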
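Review bot: `from_lockfile` in the second `composer.rb` hunk (`@@ -72,5 +75,12 @@`) returns the `packages` entries without any validation, and `JSON.parse(lockfile_path.read)` raises on a malformed or truncated `composer.lock`, so a bad lockfile in the scanned repository aborts the scan instead of yielding an empty list. The primary path filters entries with `data.is_a?(Hash)`, while the fallback passes through whatever the file contains. Suggest adding `rescue JSON::ParserError` returning `[]` to the method and changing the last line to `json.fetch('packages', []).select { |package| package.is_a?(Hash) }`. `packages-dev` is not read, which may be intended; a one-line comment saying so would settle it. `lockfile_path` is defined outside the hunk.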
@@ -0,0 +1,5 @@ +{ + "require": { + "monolog/monolog": "1.0.*" + } +} diff --git a/spec/fixtures/php/composer/unreachable-network/composer.lock b/spec/fixtures/php/composer/unreachable-network/composer.lock new file mode 100644 index 0000000..73a6647 --- /dev/null +++ b/spec/fixtures/php/composer/unreachable-network/composer.lock @@ -0,0 +1,62 @@ +{ + "_readme": [ + "This file locks the dependencies of your project to a known state", + "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", + "This file is @generated automatically" + ], + "content-hash": "bef20e1ca06eac6c027a5bc95193a923", + "packages": [ + { + "name": "monolog/monolog", + "version": "1.0.2", + "source": { + "type": "git", + "url": "https://example.com/Seldaek/monolog.git", + "reference": "b704c49a3051536f67f2d39f13568f74615b9922" + }, + "dist": { + "type": "zip", + "url": "https://api.example.com/repos/Seldaek/monolog/zipball/b704c49a3051536f67f2d39f13568f74615b9922", + "reference": "b704c49a3051536f67f2d39f13568f74615b9922", + "shasum": "" + }, + "require": { + "php": ">=5.3.0" + }, + "type": "library", + "autoload": { + "psr-0": { + "Monolog": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jordi Boggiano", + "email": "j.boggiano@seld.be", + "homepage": "http://seld.be", + "role": "Developer" + } + ], + "description": "Logging for PHP 5.3", + "homepage": "http://example.com/Seldaek/monolog", + "keywords": [ + "log", + "logging" + ], + "time": "2011-10-24T09:39:02+00:00" + } + ], + "packages-dev": [], + "aliases": [], + "minimum-stability": "stable", + "stability-flags": [], + "prefer-stable": false, + "prefer-lowest": false, + "platform": [], + "platform-dev": [], + "plugin-api-version": "1.1.0" +} diff --git a/spec/integration/php/composer_spec.rb b/spec/integration/php/composer_spec.rb index 0fb09ee..b5c2d15 100644 --- a/spec/integration/php/composer_spec.rb 
+++ b/spec/integration/php/composer_spec.rb @@ -118,4 +118,16 @@ RSpec.describe "composer" do expect(subject.licenses_for('monolog/monolog')).to match_array(['MIT']) end end + + context "when scanning a project with a lock file and sourced from an unreachable network location" do + before do + runner.mount(dir: fixture_file('php/composer/unreachable-network')) + end + + it 'parses the information from the lockfile' do + expect(subject).to match_schema + expect(subject.dependency_names).to match_array(['monolog/monolog']) + expect(subject.licenses_for('monolog/monolog')).to match_array(['MIT']) + end + end end |
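Review bot: The three expectations in the new example would pass unchanged if `composer` had resolved the package normally, so the spec does not show that the lockfile fallback was the path taken. That the `example.com` URLs in the fixture make the install fail is an assumption about the test environment, not something the example checks. A comment on the context would make the intent explicit, for example `# example.com source/dist URLs in composer.lock make the install fail, forcing the lockfile fallback`. A second case for a failing scan with no lockfile, where `from_lockfile` returns `[]`, would pin the other branch. The `RSpec.describe` block starts outside the hunk.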
