Diffstat (limited to 'lib/license')
| -rw-r--r-- | lib/license/finder/ext/pip.rb | 4 | ||||
| -rw-r--r-- | lib/license/finder/ext/pipenv.rb | 14 | ||||
| -rw-r--r-- | lib/license/finder/ext/yarn.rb | 89 | ||||
| -rw-r--r-- | lib/license/management.rb | 1 | ||||
| -rw-r--r-- | lib/license/management/version.rb | 2 |
5 files changed, 90 insertions, 20 deletions
diff --git a/lib/license/finder/ext/pip.rb b/lib/license/finder/ext/pip.rb index 51e2039..596cd4c 100644 --- a/lib/license/finder/ext/pip.rb +++ b/lib/license/finder/ext/pip.rb @@ -56,10 +56,8 @@ module LicenseFinder end def legacy_results - sources = [Spandx::Python::Source.new({ 'name' => 'pypi', 'url' => python.pip_index_url, 'verify_ssl' => true })] - pypi = Spandx::Python::PyPI.new pip_output.map do |name, version, _children, _location| - spec = pypi.definition_for(name, version, sources: sources) + spec = PyPI.definition(name, version) Package.new( name, version, diff --git a/lib/license/finder/ext/pipenv.rb b/lib/license/finder/ext/pipenv.rb index ebe8cad..17b7391 100644 --- a/lib/license/finder/ext/pipenv.rb +++ b/lib/license/finder/ext/pipenv.rb @@ -30,25 +30,13 @@ module LicenseFinder each_dependency(groups: allowed_groups) do |name, data, group| version = canonicalize(data['version']) package = packages.fetch(key_for(name, version)) do |key| - packages[key] = build_package_for(name, version) + packages[key] = PipPackage.new(name, version, PyPI.definition(name, version)) end package.groups << group end packages.values end - def build_package_for(name, version) - PipPackage.new(name, version, pypi.definition_for(name, version, sources: sources)) - end - - def sources - @sources ||= ::Spandx::Python::Source.sources_from(lockfile_hash) - end - - def pypi - @pypi ||= ::Spandx::Python::Pypi.new - end - def lockfile_hash @lockfile_hash ||= JSON.parse(IO.read(detected_package_path)) end diff --git a/lib/license/finder/ext/yarn.rb b/lib/license/finder/ext/yarn.rb index cc2c029..dba096b 100644 --- a/lib/license/finder/ext/yarn.rb +++ b/lib/license/finder/ext/yarn.rb 
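Review bot: The new `PyPI.definition(name, version)` call in `legacy_results` takes no index argument, so the `python.pip_index_url` source (with `'verify_ssl' => true`) that the removed lines passed is no longer part of the lookup; the pipenv.rb hunk has the same gap, where `Source.sources_from(lockfile_hash)` is dropped. `PyPI.definition` is not defined in this diff, so which index it queries cannot be confirmed here. If it always uses the public index, a package that exists only on a private index will get either no license data or the data of a same-named public package, and private package names are sent to a third party. If that is intended, record it next to the call, e.g. `# PyPI.definition queries the default index only; python.pip_index_url is not consulted`; otherwise keep passing the configured sources. Both enclosing method bodies extend outside their hunks.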
@@ -2,8 +2,93 @@ module LicenseFinder class Yarn - def prepare_command - 'yarn install --ignore-engines --ignore-scripts' + INCOMPATIBLE_PACKAGE_REGEX = /(?<name>[\w,\-]+)@(?<version>(\d+\.?)+)/.freeze + PHANTOM_PACKAGE_REGEX = /workspace-aggregator-[a-zA-Z0-9]{8}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{4}-[a-zA-Z0-9]{12}/.freeze + + def possible_package_paths + [project_path.join('yarn.lock')] + end + + def current_packages + stdout, _stderr, status = Dir.chdir(project_path) do + shell.execute(list_licenses_command) + end + return [] unless status.success? + + stdout.each_line.flat_map do |line| + dependencies_from(JSON.parse(line)) + end + end + + def prepare + Dir.chdir(project_path) do + shell.execute([ + :yarn, :install, + '--ignore-engines', '--ignore-scripts', + '--production' + ]) + end + end + + private + + def list_licenses_command + [ + :yarn, + :licenses, + :list, + '--no-progress', + '--json', + '--production', + '--cwd', + project_path || Pathname.pwd + ] + end + + def install_path_for(name) + if project_path + project_path.join('node_modules', name) + else + Pathname.pwd.join('node_modules', name) + end + end + + def map_from(hash) + name = hash['Name'] + + YarnPackage.new( + name, + hash['Version'], + spec_licenses: [hash['License']], + install_path: install_path_for(name).to_s, + homepage: hash['VendorUrl'] + ) + end + + def dependencies_from(json) + case json['type'] + when 'table' + from_json_table(json) + when 'info' + from_json_info(json) + else + [] + end + end + + def from_json_table(json) + head = json['data']['head'] + json['data']['body'].map do |array| + hash = Hash[head.zip(array)] + map_from(hash) unless PHANTOM_PACKAGE_REGEX.match(hash['Name']) + end.compact + end + + def from_json_info(json) + matches = json['data'].to_s.match(INCOMPATIBLE_PACKAGE_REGEX) + return [] unless matches + + [YarnPackage.new(matches['name'], matches['version'], spec_licenses: ['unknown'])] end end end 
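Review bot: `current_packages` returns `[]` when `yarn licenses list` exits non-zero and discards stderr, so a failed scan is indistinguishable from a project with no dependencies, and a license check built on this result would presumably pass with nothing in it. `prepare` likewise ignores the result of `shell.execute`, so a failed install goes unnoticed before the listing runs. I would fail closed: capture `stderr` instead of `_stderr` and replace the early return with `raise "yarn licenses list failed: #{stderr}" unless status.success?`. Separately, `JSON.parse(line)` has no rescue, so a single non-JSON line on stdout aborts the whole scan with `JSON::ParserError`; an explicit rescue that reports the offending line would make that failure deliberate rather than accidental.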
diff --git a/lib/license/management.rb b/lib/license/management.rb index 4be002d..6306faf 100644 --- a/lib/license/management.rb +++ b/lib/license/management.rb @@ -3,7 +3,6 @@ require 'json' require 'logger' require 'pathname' -require 'spandx' require 'yaml' require 'license_finder' diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb index 881fa37..22818e9 100644 --- a/lib/license/management/version.rb +++ b/lib/license/management/version.rb @@ -2,6 +2,6 @@ module License module Management - VERSION = '3.8.0' + VERSION = '3.8.1' end end |
