-rw-r--r--CHANGELOG.md4
-rw-r--r--Gemfile.lock6
-rwxr-xr-xbin/docker-test1
-rw-r--r--lib/license/finder/ext.rb1
-rw-r--r--lib/license/finder/ext/gradle.rb17
-rw-r--r--lib/license/finder/ext/pip.rb14
-rw-r--r--lib/license/finder/ext/pipenv.rb8
-rw-r--r--lib/license/management/version.rb2
-rwxr-xr-xrun.sh6
-rw-r--r--spec/integration/java/gradle_spec.rb32
10 files changed, 69 insertions, 22 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 54a2fde..5def309 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,9 @@
# GitLab License management changelog
+## v3.7.2
+
+- Forward custom `GRADLE_CLI_OPTS` to `gradle downloadLicenses` and skip additional install step. (!121)
+
## v3.7.1
- Export `PIP_CERT` when invoking `pip` when a custom root certificate is specified. (!133)
diff --git a/Gemfile.lock b/Gemfile.lock
index 3b282f0..ce54189 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,7 +1,7 @@
PATH
remote: .
specs:
- license-management (3.7.1)
+ license-management (3.7.2)
license_finder (~> 6.0.0)
spandx (~> 0.1)
@@ -72,18 +72,20 @@ GEM
rubocop (>= 0.68.1)
ruby-progressbar (1.10.1)
rubyzip (2.3.0)
- spandx (0.11.0)
+ spandx (0.12.0)
addressable (~> 2.7)
bundler (>= 1.16, < 3.0.0)
net-hippie (~> 0.3)
nokogiri (~> 1.10)
thor
+ zeitwerk (~> 2.3)
thor (1.0.1)
toml (0.2.0)
parslet (~> 1.8.0)
unicode-display_width (1.6.1)
with_env (1.1.0)
xml-simple (1.1.5)
+ zeitwerk (2.3.0)
PLATFORMS
ruby
diff --git a/bin/docker-test b/bin/docker-test
index 5a4436d..c7df9b9 100755
--- a/bin/docker-test
+++ b/bin/docker-test
@@ -14,6 +14,7 @@ else
export IMAGE_NAME=${IMAGE_NAME:-$(basename "$PWD"):latest}
docker run --rm \
+ --env GRADLE_CLI_OPTS \
--env LICENSE_FINDER_CLI_OPTS \
--env LM_JAVA_VERSION \
--env LM_PYTHON_VERSION \
diff --git a/lib/license/finder/ext.rb b/lib/license/finder/ext.rb
index 24afd37..703afc5 100644
--- a/lib/license/finder/ext.rb
+++ b/lib/license/finder/ext.rb
@@ -1,6 +1,7 @@
# frozen_string_literal: true
require 'license/finder/ext/go_modules'
+require 'license/finder/ext/gradle'
require 'license/finder/ext/license'
require 'license/finder/ext/maven'
require 'license/finder/ext/nuget'
diff --git a/lib/license/finder/ext/gradle.rb b/lib/license/finder/ext/gradle.rb
new file mode 100644
index 0000000..64bcfbb
--- /dev/null
+++ b/lib/license/finder/ext/gradle.rb
@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module LicenseFinder
+ class Gradle
+ def package_management_command
+ wrapper? ? './gradlew' : gradle_command
+ end
+
+ def wrapper?
+ File.exist?(File.join(project_path, 'gradlew'))
+ end
+
+ def gradle_command
+ ['gradle', ENV.fetch('GRADLE_CLI_OPTS', '-x test')].join(' ')
+ end
+ end
+end
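Review bot: `package_management_command` returns a bare `./gradlew` when a wrapper is present, so `GRADLE_CLI_OPTS` is honoured only on the `gradle_command` branch, while the changelog entry describes forwarding the options without that restriction. If that is intended, say so in a comment above `wrapper?`; otherwise build both branches from the same option string, e.g. `[wrapper? ? './gradlew' : 'gradle', ENV.fetch('GRADLE_CLI_OPTS', '-x test')].join(' ')`. The value is joined into a single command string, so how it is tokenised depends on the caller in upstream LicenseFinder, which is not visible here. If that caller goes through a shell, the variable has to be treated as trusted pipeline configuration and documented as such, for example `# GRADLE_CLI_OPTS is appended verbatim; it must only come from trusted CI configuration`. Setting the variable also replaces the `-x test` default rather than adding to it, which deserves a one-line comment on `gradle_command`.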
diff --git a/lib/license/finder/ext/pip.rb b/lib/license/finder/ext/pip.rb
index 084816c..51e2039 100644
--- a/lib/license/finder/ext/pip.rb
+++ b/lib/license/finder/ext/pip.rb
@@ -55,19 +55,11 @@ module LicenseFinder
Dir.chdir(project_path) { yield }
end
- def pypi
- @pypi ||= Spandx::Python::PyPI.new(sources: [
- Spandx::Python::Source.new({
- 'name' => 'pypi',
- 'url' => python.pip_index_url,
- 'verify_ssl' => true
- })
- ])
- end
-
def legacy_results
+ sources = [Spandx::Python::Source.new({ 'name' => 'pypi', 'url' => python.pip_index_url, 'verify_ssl' => true })]
+ pypi = Spandx::Python::PyPI.new
pip_output.map do |name, version, _children, _location|
- spec = pypi.definition_for(name, version)
+ spec = pypi.definition_for(name, version, sources: sources)
Package.new(
name,
version,
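Review bot: The constant is spelled `Spandx::Python::PyPI` in `legacy_results` here but `::Spandx::Python::Pypi` in the new `pypi` method of lib/license/finder/ext/pipenv.rb in this same commit, so unless spandx 0.12.0 defines both names one of the two will raise NameError at scan time. The Gemfile.lock hunk shows spandx gaining a zeitwerk dependency, which by default would infer `Pypi` from a file named `pypi.rb`, so the spelling in this file is the one to check first; that is an inference, as the gem's source is not on this page. Keeping `'verify_ssl' => true` on the source is right, and a short comment above `sources` such as `# index URL comes from python.pip_index_url; TLS verification is always on` would stop a later edit from making it configurable by accident. `legacy_results` continues past the end of the hunk.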
diff --git a/lib/license/finder/ext/pipenv.rb b/lib/license/finder/ext/pipenv.rb
index 056b81d..ebe8cad 100644
--- a/lib/license/finder/ext/pipenv.rb
+++ b/lib/license/finder/ext/pipenv.rb
@@ -38,11 +38,15 @@ module LicenseFinder
end
def build_package_for(name, version)
- PipPackage.new(name, version, pypi.definition_for(name, version))
+ PipPackage.new(name, version, pypi.definition_for(name, version, sources: sources))
+ end
+
+ def sources
+ @sources ||= ::Spandx::Python::Source.sources_from(lockfile_hash)
end
def pypi
- @pypi ||= ::Spandx::Python::PyPI.new(sources: ::Spandx::Python::Source.sources_from(lockfile_hash))
+ @pypi ||= ::Spandx::Python::Pypi.new
end
def lockfile_hash
diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb
index fe617f9..46ec201 100644
--- a/lib/license/management/version.rb
+++ b/lib/license/management/version.rb
@@ -2,6 +2,6 @@
module License
module Management
- VERSION = '3.7.1'
+ VERSION = '3.7.2'
end
end
diff --git a/run.sh b/run.sh
index cfe19fc..fbbbea7 100755
--- a/run.sh
+++ b/run.sh
@@ -63,11 +63,6 @@ function prepare_javascript() {
fi
}
-function prepare_java() {
- [[ -f build.gradle ]] && [[ ! -f gradlew ]] && \
- gradle build ${GRADLE_CLI_OPTS:+-x test}
-}
-
function prepare_dotnet() {
[[ $(ls ./*.sln 2> /dev/null) ]] && RECURSIVE="--recursive"
}
@@ -77,7 +72,6 @@ function prepare_project() {
asdf install 1> /dev/null
prepare_javascript || true
- prepare_java || true
prepare_dotnet || true
else
echo "Running '${SETUP_CMD}' to install project dependencies..."
diff --git a/spec/integration/java/gradle_spec.rb b/spec/integration/java/gradle_spec.rb
index 1b566bb..32e78c5 100644
--- a/spec/integration/java/gradle_spec.rb
+++ b/spec/integration/java/gradle_spec.rb
@@ -49,6 +49,38 @@ plugins {
end
end
+ context "when scanning a gradle projects that uses a custom repository" do
+ it 'detects the licenses' do
+ runner.add_file('build.gradle') do
+ <<~GRADLE
+plugins {
+ id 'java-library'
+}
+
+repositories {
+ mavenCentral()
+}
+
+dependencies {
+ implementation 'org.hibernate:hibernate-core:3.6.7.Final'
+ api 'com.google.guava:guava:23.0'
+ testImplementation 'junit:junit:4.+'
+}
+ GRADLE
+ end
+ runner.add_file('my-settings.gradle') do
+ <<~SETTINGS
+ rootProject.name = 'gradle-example'
+ SETTINGS
+ end
+
+ report = runner.scan(env: {
+ 'GRADLE_CLI_OPTS' => '--settings-file my-settings.gradle'
+ })
+ expect(report).to match_schema(version: '2.0')
+ end
+ end
+
[
'6.2',
'5.6',
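Review bot: The new example asserts only `match_schema(version: '2.0')`, and nothing in that assertion depends on `GRADLE_CLI_OPTS` having been forwarded. A scan that ignored the variable would still pass if it produced a schema-valid report, which looks likely here but cannot be confirmed because the schema is not on this page. At minimum the example should assert that the dependencies declared in the `build.gradle` heredoc (`hibernate-core`, `guava`) appear in the report, and ideally check something that only holds when `my-settings.gradle` was actually used. The context title says "a gradle projects that uses a custom repository", but the build file declares only `mavenCentral()` and what is custom is the settings file; `when scanning a gradle project that uses a custom settings file` would describe the case accurately.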