From 4bf6440d5676bd7e120091f0a253a01e0b2fa7a3 Mon Sep 17 00:00:00 2001 From: mo khan Date: Mon, 5 Oct 2020 17:22:14 -0600 Subject: Parse composite license expressions * docs: Add changelog entry * fix: update spec to match expected behaviour --- CHANGELOG.md | 4 + Gemfile.lock | 28 ++++++- lib/license/finder/ext/dependency.rb | 17 +++++ lib/license/management.rb | 1 + lib/license/management/version.rb | 2 +- license-management.gemspec | 1 + spec/fixtures/expected/js/yarn/v1.0.json | 47 +++++++----- spec/fixtures/expected/js/yarn/v1.1.json | 101 ++++++++++++++++++-------- spec/fixtures/expected/js/yarn/v2.0.json | 86 +++++++++------------- spec/fixtures/expected/js/yarn/v2.1.json | 74 ++++++++----------- spec/fixtures/expected/ruby/bundler/v1.0.json | 2 +- spec/fixtures/expected/ruby/bundler/v1.1.json | 2 +- spec/fixtures/expected/ruby/bundler/v2.0.json | 2 +- spec/integration/rust/cargo_spec.rb | 4 +- spec/unit/license_finder/dependency_spec.rb | 45 ++++++++++++ 15 files changed, 263 insertions(+), 153 deletions(-) create mode 100644 spec/unit/license_finder/dependency_spec.rb diff --git a/CHANGELOG.md b/CHANGELOG.md index af958d6..2875e8b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,9 @@ # GitLab License management changelog +## v3.27.0 + +- Parse SPDX License expressions. !228 + ## v3.26.1 - Switch to working directory that contains the `go.mod` file. !222 diff --git a/Gemfile.lock b/Gemfile.lock index a34329a..78e794e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -8,8 +8,9 @@ GIT PATH remote: . specs: - license-management (3.26.1) + license-management (3.27.0) license_finder (~> 6.7) + spandx (~> 0.13) GEM remote: https://rubygems.org/ @@ -68,7 +69,7 @@ GEM json-schema (2.8.1) addressable (>= 2.4) libyajl2 (1.2.0) - license_finder (6.8.2) + license_finder (6.9.0) bundler rubyzip (>= 1, < 3) thor (~> 1.0.1) @@ -79,6 +80,7 @@ GEM ffi-yajl (~> 2.2) mixlib-shellout (>= 2.2, < 4.0) toml-rb (>= 1, < 3) + mini_portile2 (2.4.0) mixlib-cli (2.1.6) mixlib-config (3.0.6) tomlrb @@ -86,6 +88,9 @@ GEM mixlib-shellout (3.0.9) mixlib-versioning (1.2.12) multipart-post (2.1.1) + net-hippie (0.3.2) + nokogiri (1.10.10) + mini_portile2 (~> 2.4.0) ohai (16.2.1) chef-config (>= 12.8, < 17) chef-utils (>= 16.0, < 17) @@ -99,6 +104,7 @@ GEM plist (~> 3.1) systemu (~> 2.6.4) wmi-lite (~> 1.0) + oj (3.10.14) omnibus (7.0.13) aws-sdk-s3 (~> 1) chef-cleanroom (~> 1.0) @@ -114,6 +120,7 @@ GEM parallel (1.19.1) parser (2.7.0.4) ast (~> 2.4.0) + parslet (2.0.0) pedump (0.5.4) awesome_print iostruct (>= 0.0.4) @@ -170,15 +177,32 @@ GEM simplecov-cobertura (1.3.1) simplecov (~> 0.8) simplecov-html (0.12.2) + spandx (0.13.5) + addressable (~> 2.7) + bundler (>= 1.16, < 3.0.0) + net-hippie (~> 0.3) + nokogiri (~> 1.10) + oj (~> 3.10) + parslet (~> 2.0) + terminal-table (~> 1.8) + thor + tty-spinner (~> 0.9) + zeitwerk (~> 2.3) systemu (2.6.5) + terminal-table (1.8.0) + unicode-display_width (~> 1.1, >= 1.1.1) thor (1.0.1) toml-rb (2.0.1) citrus (~> 3.0, > 3.0) tomlrb (1.3.0) + tty-cursor (0.7.1) + tty-spinner (0.9.3) + tty-cursor (~> 0.7) unicode-display_width (1.6.1) with_env (1.1.0) wmi-lite (1.0.5) xml-simple (1.1.5) + zeitwerk (2.4.0) zhexdump (0.0.2) PLATFORMS diff --git a/lib/license/finder/ext/dependency.rb b/lib/license/finder/ext/dependency.rb index 48939bf..6e4aff6 100644 --- a/lib/license/finder/ext/dependency.rb +++ b/lib/license/finder/ext/dependency.rb @@ -7,6 +7,7 @@ module LicenseFinder def initialize(package_manager, name, version, options = {}) @package_manager = package_manager @detection_path = options[:detection_path] || Pathname.pwd + options[:spec_licenses] = split_licenses_from(options[:spec_licenses]) if options[:spec_licenses] super(name, version, options) end @@ -23,5 +24,21 @@ module LicenseFinder summary: other.summary ) end + + private + + def split_licenses_from(declared_licenses) + declared_licenses.map do |declared| + license_for(::Spandx::Spdx::Expression.new.parse(declared)[0]) + rescue StandardError + declared + end.flatten.compact + end + + def license_for(node) + return [node&.to_s] unless node.is_a?(Hash) + + [license_for(node[:left]), license_for(node[:right])] + end end end diff --git a/lib/license/management.rb b/lib/license/management.rb index 0b418e7..8cf5b56 100644 --- a/lib/license/management.rb +++ b/lib/license/management.rb @@ -3,6 +3,7 @@ require 'json' require 'logger' require 'pathname' +require 'spandx' require 'yaml' require 'license_finder' diff --git a/lib/license/management/version.rb b/lib/license/management/version.rb index 8ffd30d..3c28192 100644 --- a/lib/license/management/version.rb +++ b/lib/license/management/version.rb @@ -2,6 +2,6 @@ module License module Management - VERSION = '3.26.1' + VERSION = '3.27.0' end end diff --git a/license-management.gemspec b/license-management.gemspec index fcdb84d..de62d28 100644 --- a/license-management.gemspec +++ b/license-management.gemspec @@ -28,6 +28,7 @@ Gem::Specification.new do |spec| spec.require_paths = ['lib'] spec.add_dependency 'license_finder', '~> 6.7' + spec.add_dependency 'spandx', '~> 0.13' spec.add_development_dependency 'byebug', '~> 11.1' spec.add_development_dependency 'gitlab-styles', '~> 3.1' spec.add_development_dependency 'json-schema', '~> 2.8' diff --git a/spec/fixtures/expected/js/yarn/v1.0.json b/spec/fixtures/expected/js/yarn/v1.0.json index f944b03..9b5a2fb 100644 --- a/spec/fixtures/expected/js/yarn/v1.0.json +++ b/spec/fixtures/expected/js/yarn/v1.0.json @@ -42,51 +42,51 @@ }, { "count": 1, - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)" + "name": "BSD*" }, { "count": 1, - "name": "(GPL-2.0 OR MIT)" + "name": "LIL" }, { "count": 1, - "name": "(MIT AND BSD-3-Clause)" + "name": "MIT, Apache 2.0" }, { "count": 1, - "name": "(MIT AND Zlib)" + "name": "MIT, CC0-1.0" }, { "count": 1, - "name": "(MIT OR Apache-2.0)" + "name": "MIT, GPL-2.0" }, { "count": 1, - "name": "(MIT OR CC0-1.0)" + "name": "Mozilla Public License 2.0" }, { "count": 1, - "name": "(WTFPL OR MIT)" + "name": "New BSD, MIT" }, { "count": 1, - "name": "BSD*" + "name": "Public Domain" }, { "count": 1, - "name": "LIL" + "name": "Simplified BSD, MIT, Apache 2.0" }, { "count": 1, - "name": "Mozilla Public License 2.0" + "name": "UNKNOWN" }, { "count": 1, - "name": "Public Domain" + "name": "WTFPL, MIT" }, { "count": 1, - "name": "UNKNOWN" + "name": "Zlib, MIT" } ], "dependencies": [ @@ -2582,7 +2582,8 @@ }, { "license": { - "name": "(MIT OR Apache-2.0)" + "name": "MIT, Apache 2.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "atob", @@ -10210,7 +10211,8 @@ }, { "license": { - "name": "(WTFPL OR MIT)" + "name": "WTFPL, MIT", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "opener", @@ -10349,7 +10351,8 @@ }, { "license": { - "name": "(MIT AND Zlib)" + "name": "Zlib, MIT", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "pako", @@ -12670,7 +12673,8 @@ }, { "license": { - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)" + "name": "Simplified BSD, MIT, Apache 2.0", + "url": "http://opensource.org/licenses/bsd-license" }, "dependency": { "name": "rc", @@ -13453,7 +13457,8 @@ }, { "license": { - "name": "(MIT AND BSD-3-Clause)" + "name": "New BSD, MIT", + "url": "http://opensource.org/licenses/BSD-3-Clause" }, "dependency": { "name": "sha.js", @@ -14683,7 +14688,8 @@ }, { "license": { - "name": "(MIT OR CC0-1.0)" + "name": "MIT, CC0-1.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "type-fest", @@ -14724,7 +14730,8 @@ }, { "license": { - "name": "(GPL-2.0 OR MIT)" + "name": "MIT, GPL-2.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "ua-parser-js", @@ -15953,4 +15960,4 @@ } } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/js/yarn/v1.1.json b/spec/fixtures/expected/js/yarn/v1.1.json index ddb581f..a8b760d 100644 --- a/spec/fixtures/expected/js/yarn/v1.1.json +++ b/spec/fixtures/expected/js/yarn/v1.1.json @@ -43,51 +43,51 @@ }, { "count": 1, - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)" + "name": "BSD*" }, { "count": 1, - "name": "(GPL-2.0 OR MIT)" + "name": "LIL" }, { "count": 1, - "name": "(MIT AND BSD-3-Clause)" + "name": "MIT, Apache 2.0" }, { "count": 1, - "name": "(MIT AND Zlib)" + "name": "MIT, CC0-1.0" }, { "count": 1, - "name": "(MIT OR Apache-2.0)" + "name": "MIT, GPL-2.0" }, { "count": 1, - "name": "(MIT OR CC0-1.0)" + "name": "Mozilla Public License 2.0" }, { "count": 1, - "name": "(WTFPL OR MIT)" + "name": "New BSD, MIT" }, { "count": 1, - "name": "BSD*" + "name": "Public Domain" }, { "count": 1, - "name": "LIL" + "name": "Simplified BSD, MIT, Apache 2.0" }, { "count": 1, - "name": "Mozilla Public License 2.0" + "name": "UNKNOWN" }, { "count": 1, - "name": "Public Domain" + "name": "WTFPL, MIT" }, { "count": 1, - "name": "UNKNOWN" + "name": "Zlib, MIT" } ], "dependencies": [ @@ -3652,12 +3652,17 @@ { "licenses": [ { - "name": "(MIT OR Apache-2.0)", - "url": "" + "name": "Apache 2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + }, + { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" } ], "license": { - "name": "(MIT OR Apache-2.0)" + "name": "MIT, Apache 2.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "atob", @@ -14556,12 +14561,17 @@ { "licenses": [ { - "name": "(WTFPL OR MIT)", - "url": "" + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + { + "name": "WTFPL", + "url": "http://www.wtfpl.net/" } ], "license": { - "name": "(WTFPL OR MIT)" + "name": "WTFPL, MIT", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "opener", @@ -14755,12 +14765,17 @@ { "licenses": [ { - "name": "(MIT AND Zlib)", + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + { + "name": "Zlib", "url": "" } ], "license": { - "name": "(MIT AND Zlib)" + "name": "Zlib, MIT", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "pako", @@ -18078,12 +18093,21 @@ { "licenses": [ { - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)", - "url": "" + "name": "Apache 2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + }, + { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + { + "name": "Simplified BSD", + "url": "http://opensource.org/licenses/bsd-license" } ], "license": { - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)" + "name": "Simplified BSD, MIT, Apache 2.0", + "url": "http://opensource.org/licenses/bsd-license" }, "dependency": { "name": "rc", @@ -19197,12 +19221,17 @@ { "licenses": [ { - "name": "(MIT AND BSD-3-Clause)", - "url": "" + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + { + "name": "New BSD", + "url": "http://opensource.org/licenses/BSD-3-Clause" } ], "license": { - "name": "(MIT AND BSD-3-Clause)" + "name": "New BSD, MIT", + "url": "http://opensource.org/licenses/BSD-3-Clause" }, "dependency": { "name": "sha.js", @@ -20955,12 +20984,17 @@ { "licenses": [ { - "name": "(MIT OR CC0-1.0)", + "name": "CC0-1.0", "url": "" + }, + { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" } ], "license": { - "name": "(MIT OR CC0-1.0)" + "name": "MIT, CC0-1.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "type-fest", @@ -21014,12 +21048,17 @@ { "licenses": [ { - "name": "(GPL-2.0 OR MIT)", + "name": "GPL-2.0", "url": "" + }, + { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" } ], "license": { - "name": "(GPL-2.0 OR MIT)" + "name": "MIT, GPL-2.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "ua-parser-js", @@ -22770,4 +22809,4 @@ } } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/js/yarn/v2.0.json b/spec/fixtures/expected/js/yarn/v2.0.json index 5819cd3..abdd19e 100644 --- a/spec/fixtures/expected/js/yarn/v2.0.json +++ b/spec/fixtures/expected/js/yarn/v2.0.json @@ -5,7 +5,7 @@ "id": "MIT", "name": "MIT License", "url": "https://opensource.org/licenses/MIT", - "count": 949 + "count": 956 }, { "id": "ISC", @@ -17,25 +17,25 @@ "id": "BSD-2-Clause", "name": "BSD 2-Clause \"Simplified\" License", "url": "https://opensource.org/licenses/BSD-2-Clause", - "count": 23 + "count": 24 }, { "id": "BSD-3-Clause", "name": "BSD 3-Clause \"New\" or \"Revised\" License", "url": "https://opensource.org/licenses/BSD-3-Clause", - "count": 22 + "count": 23 }, { "id": "CC0-1.0", "name": "Creative Commons Zero v1.0 Universal", "url": "https://creativecommons.org/publicdomain/zero/1.0/legalcode", - "count": 21 + "count": 22 }, { "id": "Apache-2.0", "name": "Apache License 2.0", "url": "https://opensource.org/licenses/Apache-2.0", - "count": 14 + "count": 16 }, { "id": "CC-BY-4.0", @@ -62,51 +62,21 @@ "count": 2 }, { - "id": "(bsd-2-clause or mit or apache-2.0)", - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)", - "url": "", - "count": 1 - }, - { - "id": "(gpl-2.0 or mit)", - "name": "(GPL-2.0 OR MIT)", - "url": "", - "count": 1 - }, - { - "id": "(mit and bsd-3-clause)", - "name": "(MIT AND BSD-3-Clause)", - "url": "", - "count": 1 - }, - { - "id": "(mit and zlib)", - "name": "(MIT AND Zlib)", - "url": "", - "count": 1 - }, - { - "id": "(mit or apache-2.0)", - "name": "(MIT OR Apache-2.0)", + "id": "bsd*", + "name": "BSD*", "url": "", "count": 1 }, { - "id": "(mit or cc0-1.0)", - "name": "(MIT OR CC0-1.0)", - "url": "", + "id": "WTFPL", + "name": "Do What The F*ck You Want To Public License", + "url": "http://sam.zoy.org/wtfpl/COPYING", "count": 1 }, { - "id": "(wtfpl or mit)", - "name": "(WTFPL OR MIT)", - "url": "", - "count": 1 - }, - { - "id": "bsd*", - "name": "BSD*", - "url": "", + "id": "GPL-2.0-only", + "name": "GNU General Public License v2.0 only", + "url": "https://opensource.org/licenses/GPL-2.0", "count": 1 }, { @@ -132,6 +102,12 @@ "name": "UNKNOWN", "url": "", "count": 1 + }, + { + "id": "Zlib", + "name": "zlib License", + "url": "https://opensource.org/licenses/Zlib", + "count": 1 } ], "dependencies": [ @@ -2101,7 +2077,8 @@ "." ], "licenses": [ - "(mit or apache-2.0)" + "Apache-2.0", + "MIT" ] }, { @@ -8107,7 +8084,8 @@ "." ], "licenses": [ - "(wtfpl or mit)" + "MIT", + "WTFPL" ] }, { @@ -8217,7 +8195,8 @@ "." ], "licenses": [ - "(mit and zlib)" + "MIT", + "Zlib" ] }, { @@ -10054,7 +10033,9 @@ "." ], "licenses": [ - "(bsd-2-clause or mit or apache-2.0)" + "Apache-2.0", + "BSD-2-Clause", + "MIT" ] }, { @@ -10670,7 +10651,8 @@ "." ], "licenses": [ - "(mit and bsd-3-clause)" + "BSD-3-Clause", + "MIT" ] }, { @@ -11638,7 +11620,8 @@ "." ], "licenses": [ - "(mit or cc0-1.0)" + "CC0-1.0", + "MIT" ] }, { @@ -11671,7 +11654,8 @@ "." ], "licenses": [ - "(gpl-2.0 or mit)" + "GPL-2.0-only", + "MIT" ] }, { @@ -12632,4 +12616,4 @@ ] } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/js/yarn/v2.1.json b/spec/fixtures/expected/js/yarn/v2.1.json index 8a801a2..35eb00f 100644 --- a/spec/fixtures/expected/js/yarn/v2.1.json +++ b/spec/fixtures/expected/js/yarn/v2.1.json @@ -1,41 +1,6 @@ { "version": "2.1", "licenses": [ - { - "id": "(bsd-2-clause or mit or apache-2.0)", - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)", - "url": "" - }, - { - "id": "(gpl-2.0 or mit)", - "name": "(GPL-2.0 OR MIT)", - "url": "" - }, - { - "id": "(mit and bsd-3-clause)", - "name": "(MIT AND BSD-3-Clause)", - "url": "" - }, - { - "id": "(mit and zlib)", - "name": "(MIT AND Zlib)", - "url": "" - }, - { - "id": "(mit or apache-2.0)", - "name": "(MIT OR Apache-2.0)", - "url": "" - }, - { - "id": "(mit or cc0-1.0)", - "name": "(MIT OR CC0-1.0)", - "url": "" - }, - { - "id": "(wtfpl or mit)", - "name": "(WTFPL OR MIT)", - "url": "" - }, { "id": "Apache-2.0", "name": "Apache License 2.0", @@ -61,6 +26,11 @@ "name": "Creative Commons Zero v1.0 Universal", "url": "https://creativecommons.org/publicdomain/zero/1.0/legalcode" }, + { + "id": "GPL-2.0-only", + "name": "GNU General Public License v2.0 only", + "url": "https://opensource.org/licenses/GPL-2.0" + }, { "id": "ISC", "name": "ISC License", @@ -81,6 +51,16 @@ "name": "The Unlicense", "url": "https://unlicense.org/" }, + { + "id": "WTFPL", + "name": "Do What The F*ck You Want To Public License", + "url": "http://sam.zoy.org/wtfpl/COPYING" + }, + { + "id": "Zlib", + "name": "zlib License", + "url": "https://opensource.org/licenses/Zlib" + }, { "id": "bsd*", "name": "BSD*", @@ -1716,7 +1696,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(mit or apache-2.0)" + "Apache-2.0", + "MIT" ] }, { @@ -6630,7 +6611,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(wtfpl or mit)" + "MIT", + "WTFPL" ] }, { @@ -6720,7 +6702,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(mit and zlib)" + "MIT", + "Zlib" ] }, { @@ -8223,7 +8206,9 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(bsd-2-clause or mit or apache-2.0)" + "Apache-2.0", + "BSD-2-Clause", + "MIT" ] }, { @@ -8727,7 +8712,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(mit and bsd-3-clause)" + "BSD-3-Clause", + "MIT" ] }, { @@ -9519,7 +9505,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(mit or cc0-1.0)" + "CC0-1.0", + "MIT" ] }, { @@ -9546,7 +9533,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(gpl-2.0 or mit)" + "GPL-2.0-only", + "MIT" ] }, { @@ -10333,4 +10321,4 @@ ] } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/ruby/bundler/v1.0.json b/spec/fixtures/expected/ruby/bundler/v1.0.json index c66a9a3..6297700 100644 --- a/spec/fixtures/expected/ruby/bundler/v1.0.json +++ b/spec/fixtures/expected/ruby/bundler/v1.0.json @@ -239,4 +239,4 @@ } } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/ruby/bundler/v1.1.json b/spec/fixtures/expected/ruby/bundler/v1.1.json index 7bfd775..a0f9868 100644 --- a/spec/fixtures/expected/ruby/bundler/v1.1.json +++ b/spec/fixtures/expected/ruby/bundler/v1.1.json @@ -336,4 +336,4 @@ } } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/ruby/bundler/v2.0.json b/spec/fixtures/expected/ruby/bundler/v2.0.json index 230bd2c..28812f7 100644 --- a/spec/fixtures/expected/ruby/bundler/v2.0.json +++ b/spec/fixtures/expected/ruby/bundler/v2.0.json @@ -198,4 +198,4 @@ ] } ] -} +} \ No newline at end of file diff --git a/spec/integration/rust/cargo_spec.rb b/spec/integration/rust/cargo_spec.rb index c8794f8..7b2b606 100644 --- a/spec/integration/rust/cargo_spec.rb +++ b/spec/integration/rust/cargo_spec.rb @@ -23,7 +23,7 @@ RSpec.describe "cargo" do expect(subject.dependency_names).to match_array(%w[libc time]) end - specify { expect(subject.licenses_for('libc')).to match_array(['mit or apache-2.0']) } + specify { expect(subject.licenses_for('libc')).to match_array(['MIT', 'Apache-2.0']) } specify { expect(subject.licenses_for('time')).to match_array(['Apache-2.0', 'MIT']) } end @@ -38,7 +38,7 @@ RSpec.describe "cargo" do specify do expect(subject).to match_schema expect(subject.dependency_names).to match_array(['libc']) - expect(subject.licenses_for('libc')).to match_array(['mit or apache-2.0']) + expect(subject.licenses_for('libc')).to match_array(['MIT', 'Apache-2.0']) end end diff --git a/spec/unit/license_finder/dependency_spec.rb b/spec/unit/license_finder/dependency_spec.rb new file mode 100644 index 0000000..d4642d4 --- /dev/null +++ b/spec/unit/license_finder/dependency_spec.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe LicenseFinder::Dependency do + describe "#licenses" do + subject { described_class.new('bundler', 'example', '0.1.0', { spec_licenses: declared_licenses }).licenses } + + context "when the declared licenses is a single known license" do + let(:declared_licenses) { ['MIT'] } + + specify { expect(subject.map(&:short_name)).to match_array(['MIT']) } + end + + context "when the declared licenses is a many known licenses" do + let(:declared_licenses) { ['MIT', 'Apache-2.0'] } + + specify { expect(subject.map(&:short_name)).to match_array(%w[MIT Apache2]) } + end + + context "when the declared licenses is x OR y" do + let(:declared_licenses) { ['MIT OR Apache-2.0'] } + + specify { expect(subject.map(&:short_name)).to match_array(%w[MIT Apache2]) } + end + + context "when the declared licenses is x OR y OR z" do + let(:declared_licenses) { ['(BSD-2-Clause OR MIT OR Apache-2.0)'] } + + specify { expect(subject.map(&:short_name)).to match_array(%w[SimplifiedBSD MIT Apache2]) } + end + + context "when the declared licenses is x AND y" do + let(:declared_licenses) { ['MIT AND Apache-2.0'] } + + specify { expect(subject.map(&:short_name)).to match_array(%w[MIT Apache2]) } + end + + context "when the declared licenses is x WITH exception" do + let(:declared_licenses) { ['Apache-2.0 WITH LLVM-exception'] } + + specify { expect(subject.map(&:short_name)).to match_array(%w[Apache2 LLVM-exception]) } + end + end +end -- cgit v1.2.3