From 4bf6440d5676bd7e120091f0a253a01e0b2fa7a3 Mon Sep 17 00:00:00 2001 From: mo khan Date: Mon, 5 Oct 2020 17:22:14 -0600 Subject: Parse composite license expressions * docs: Add changelog entry * fix: update spec to match expected behaviour --- spec/fixtures/expected/js/yarn/v1.0.json | 47 +++++++----- spec/fixtures/expected/js/yarn/v1.1.json | 101 ++++++++++++++++++-------- spec/fixtures/expected/js/yarn/v2.0.json | 86 +++++++++------------- spec/fixtures/expected/js/yarn/v2.1.json | 74 ++++++++----------- spec/fixtures/expected/ruby/bundler/v1.0.json | 2 +- spec/fixtures/expected/ruby/bundler/v1.1.json | 2 +- spec/fixtures/expected/ruby/bundler/v2.0.json | 2 +- spec/integration/rust/cargo_spec.rb | 4 +- spec/unit/license_finder/dependency_spec.rb | 45 ++++++++++++ 9 files changed, 213 insertions(+), 150 deletions(-) create mode 100644 spec/unit/license_finder/dependency_spec.rb (limited to 'spec') diff --git a/spec/fixtures/expected/js/yarn/v1.0.json b/spec/fixtures/expected/js/yarn/v1.0.json index f944b03..9b5a2fb 100644 --- a/spec/fixtures/expected/js/yarn/v1.0.json +++ b/spec/fixtures/expected/js/yarn/v1.0.json @@ -42,51 +42,51 @@ }, { "count": 1, - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)" + "name": "BSD*" }, { "count": 1, - "name": "(GPL-2.0 OR MIT)" + "name": "LIL" }, { "count": 1, - "name": "(MIT AND BSD-3-Clause)" + "name": "MIT, Apache 2.0" }, { "count": 1, - "name": "(MIT AND Zlib)" + "name": "MIT, CC0-1.0" }, { "count": 1, - "name": "(MIT OR Apache-2.0)" + "name": "MIT, GPL-2.0" }, { "count": 1, - "name": "(MIT OR CC0-1.0)" + "name": "Mozilla Public License 2.0" }, { "count": 1, - "name": "(WTFPL OR MIT)" + "name": "New BSD, MIT" }, { "count": 1, - "name": "BSD*" + "name": "Public Domain" }, { "count": 1, - "name": "LIL" + "name": "Simplified BSD, MIT, Apache 2.0" }, { "count": 1, - "name": "Mozilla Public License 2.0" + "name": "UNKNOWN" }, { "count": 1, - "name": "Public Domain" + "name": "WTFPL, MIT" }, { "count": 1, - "name": "UNKNOWN" + "name": "Zlib, MIT" } ], "dependencies": [ @@ -2582,7 +2582,8 @@ }, { "license": { - "name": "(MIT OR Apache-2.0)" + "name": "MIT, Apache 2.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "atob", @@ -10210,7 +10211,8 @@ }, { "license": { - "name": "(WTFPL OR MIT)" + "name": "WTFPL, MIT", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "opener", @@ -10349,7 +10351,8 @@ }, { "license": { - "name": "(MIT AND Zlib)" + "name": "Zlib, MIT", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "pako", @@ -12670,7 +12673,8 @@ }, { "license": { - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)" + "name": "Simplified BSD, MIT, Apache 2.0", + "url": "http://opensource.org/licenses/bsd-license" }, "dependency": { "name": "rc", @@ -13453,7 +13457,8 @@ }, { "license": { - "name": "(MIT AND BSD-3-Clause)" + "name": "New BSD, MIT", + "url": "http://opensource.org/licenses/BSD-3-Clause" }, "dependency": { "name": "sha.js", @@ -14683,7 +14688,8 @@ }, { "license": { - "name": "(MIT OR CC0-1.0)" + "name": "MIT, CC0-1.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "type-fest", @@ -14724,7 +14730,8 @@ }, { "license": { - "name": "(GPL-2.0 OR MIT)" + "name": "MIT, GPL-2.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "ua-parser-js", @@ -15953,4 +15960,4 @@ } } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/js/yarn/v1.1.json b/spec/fixtures/expected/js/yarn/v1.1.json index ddb581f..a8b760d 100644 --- a/spec/fixtures/expected/js/yarn/v1.1.json +++ b/spec/fixtures/expected/js/yarn/v1.1.json @@ -43,51 +43,51 @@ }, { "count": 1, - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)" + "name": "BSD*" }, { "count": 1, - "name": "(GPL-2.0 OR MIT)" + "name": "LIL" }, { "count": 1, - "name": "(MIT AND BSD-3-Clause)" + "name": "MIT, Apache 2.0" }, { "count": 1, - "name": "(MIT AND Zlib)" + "name": "MIT, CC0-1.0" }, { "count": 1, - "name": "(MIT OR Apache-2.0)" + "name": "MIT, GPL-2.0" }, { "count": 1, - "name": "(MIT OR CC0-1.0)" + "name": "Mozilla Public License 2.0" }, { "count": 1, - "name": "(WTFPL OR MIT)" + "name": "New BSD, MIT" }, { "count": 1, - "name": "BSD*" + "name": "Public Domain" }, { "count": 1, - "name": "LIL" + "name": "Simplified BSD, MIT, Apache 2.0" }, { "count": 1, - "name": "Mozilla Public License 2.0" + "name": "UNKNOWN" }, { "count": 1, - "name": "Public Domain" + "name": "WTFPL, MIT" }, { "count": 1, - "name": "UNKNOWN" + "name": "Zlib, MIT" } ], "dependencies": [ @@ -3652,12 +3652,17 @@ { "licenses": [ { - "name": "(MIT OR Apache-2.0)", - "url": "" + "name": "Apache 2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + }, + { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" } ], "license": { - "name": "(MIT OR Apache-2.0)" + "name": "MIT, Apache 2.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "atob", @@ -14556,12 +14561,17 @@ { "licenses": [ { - "name": "(WTFPL OR MIT)", - "url": "" + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + { + "name": "WTFPL", + "url": "http://www.wtfpl.net/" } ], "license": { - "name": "(WTFPL OR MIT)" + "name": "WTFPL, MIT", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "opener", @@ -14755,12 +14765,17 @@ { "licenses": [ { - "name": "(MIT AND Zlib)", + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + { + "name": "Zlib", "url": "" } ], "license": { - "name": "(MIT AND Zlib)" + "name": "Zlib, MIT", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "pako", @@ -18078,12 +18093,21 @@ { "licenses": [ { - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)", - "url": "" + "name": "Apache 2.0", + "url": "http://www.apache.org/licenses/LICENSE-2.0.txt" + }, + { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + { + "name": "Simplified BSD", + "url": "http://opensource.org/licenses/bsd-license" } ], "license": { - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)" + "name": "Simplified BSD, MIT, Apache 2.0", + "url": "http://opensource.org/licenses/bsd-license" }, "dependency": { "name": "rc", @@ -19197,12 +19221,17 @@ { "licenses": [ { - "name": "(MIT AND BSD-3-Clause)", - "url": "" + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" + }, + { + "name": "New BSD", + "url": "http://opensource.org/licenses/BSD-3-Clause" } ], "license": { - "name": "(MIT AND BSD-3-Clause)" + "name": "New BSD, MIT", + "url": "http://opensource.org/licenses/BSD-3-Clause" }, "dependency": { "name": "sha.js", @@ -20955,12 +20984,17 @@ { "licenses": [ { - "name": "(MIT OR CC0-1.0)", + "name": "CC0-1.0", "url": "" + }, + { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" } ], "license": { - "name": "(MIT OR CC0-1.0)" + "name": "MIT, CC0-1.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "type-fest", @@ -21014,12 +21048,17 @@ { "licenses": [ { - "name": "(GPL-2.0 OR MIT)", + "name": "GPL-2.0", "url": "" + }, + { + "name": "MIT", + "url": "http://opensource.org/licenses/mit-license" } ], "license": { - "name": "(GPL-2.0 OR MIT)" + "name": "MIT, GPL-2.0", + "url": "http://opensource.org/licenses/mit-license" }, "dependency": { "name": "ua-parser-js", @@ -22770,4 +22809,4 @@ } } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/js/yarn/v2.0.json b/spec/fixtures/expected/js/yarn/v2.0.json index 5819cd3..abdd19e 100644 --- a/spec/fixtures/expected/js/yarn/v2.0.json +++ b/spec/fixtures/expected/js/yarn/v2.0.json @@ -5,7 +5,7 @@ "id": "MIT", "name": "MIT License", "url": "https://opensource.org/licenses/MIT", - "count": 949 + "count": 956 }, { "id": "ISC", @@ -17,25 +17,25 @@ "id": "BSD-2-Clause", "name": "BSD 2-Clause \"Simplified\" License", "url": "https://opensource.org/licenses/BSD-2-Clause", - "count": 23 + "count": 24 }, { "id": "BSD-3-Clause", "name": "BSD 3-Clause \"New\" or \"Revised\" License", "url": "https://opensource.org/licenses/BSD-3-Clause", - "count": 22 + "count": 23 }, { "id": "CC0-1.0", "name": "Creative Commons Zero v1.0 Universal", "url": "https://creativecommons.org/publicdomain/zero/1.0/legalcode", - "count": 21 + "count": 22 }, { "id": "Apache-2.0", "name": "Apache License 2.0", "url": "https://opensource.org/licenses/Apache-2.0", - "count": 14 + "count": 16 }, { "id": "CC-BY-4.0", @@ -62,51 +62,21 @@ "count": 2 }, { - "id": "(bsd-2-clause or mit or apache-2.0)", - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)", - "url": "", - "count": 1 - }, - { - "id": "(gpl-2.0 or mit)", - "name": "(GPL-2.0 OR MIT)", - "url": "", - "count": 1 - }, - { - "id": "(mit and bsd-3-clause)", - "name": "(MIT AND BSD-3-Clause)", - "url": "", - "count": 1 - }, - { - "id": "(mit and zlib)", - "name": "(MIT AND Zlib)", - "url": "", - "count": 1 - }, - { - "id": "(mit or apache-2.0)", - "name": "(MIT OR Apache-2.0)", + "id": "bsd*", + "name": "BSD*", "url": "", "count": 1 }, { - "id": "(mit or cc0-1.0)", - "name": "(MIT OR CC0-1.0)", - "url": "", + "id": "WTFPL", + "name": "Do What The F*ck You Want To Public License", + "url": "http://sam.zoy.org/wtfpl/COPYING", "count": 1 }, { - "id": "(wtfpl or mit)", - "name": "(WTFPL OR MIT)", - "url": "", - "count": 1 - }, - { - "id": "bsd*", - "name": "BSD*", - "url": "", + "id": "GPL-2.0-only", + "name": "GNU General Public License v2.0 only", + "url": "https://opensource.org/licenses/GPL-2.0", "count": 1 }, { @@ -132,6 +102,12 @@ "name": "UNKNOWN", "url": "", "count": 1 + }, + { + "id": "Zlib", + "name": "zlib License", + "url": "https://opensource.org/licenses/Zlib", + "count": 1 } ], "dependencies": [ @@ -2101,7 +2077,8 @@ "." ], "licenses": [ - "(mit or apache-2.0)" + "Apache-2.0", + "MIT" ] }, { @@ -8107,7 +8084,8 @@ "." ], "licenses": [ - "(wtfpl or mit)" + "MIT", + "WTFPL" ] }, { @@ -8217,7 +8195,8 @@ "." ], "licenses": [ - "(mit and zlib)" + "MIT", + "Zlib" ] }, { @@ -10054,7 +10033,9 @@ "." ], "licenses": [ - "(bsd-2-clause or mit or apache-2.0)" + "Apache-2.0", + "BSD-2-Clause", + "MIT" ] }, { @@ -10670,7 +10651,8 @@ "." ], "licenses": [ - "(mit and bsd-3-clause)" + "BSD-3-Clause", + "MIT" ] }, { @@ -11638,7 +11620,8 @@ "." ], "licenses": [ - "(mit or cc0-1.0)" + "CC0-1.0", + "MIT" ] }, { @@ -11671,7 +11654,8 @@ "." ], "licenses": [ - "(gpl-2.0 or mit)" + "GPL-2.0-only", + "MIT" ] }, { @@ -12632,4 +12616,4 @@ ] } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/js/yarn/v2.1.json b/spec/fixtures/expected/js/yarn/v2.1.json index 8a801a2..35eb00f 100644 --- a/spec/fixtures/expected/js/yarn/v2.1.json +++ b/spec/fixtures/expected/js/yarn/v2.1.json @@ -1,41 +1,6 @@ { "version": "2.1", "licenses": [ - { - "id": "(bsd-2-clause or mit or apache-2.0)", - "name": "(BSD-2-Clause OR MIT OR Apache-2.0)", - "url": "" - }, - { - "id": "(gpl-2.0 or mit)", - "name": "(GPL-2.0 OR MIT)", - "url": "" - }, - { - "id": "(mit and bsd-3-clause)", - "name": "(MIT AND BSD-3-Clause)", - "url": "" - }, - { - "id": "(mit and zlib)", - "name": "(MIT AND Zlib)", - "url": "" - }, - { - "id": "(mit or apache-2.0)", - "name": "(MIT OR Apache-2.0)", - "url": "" - }, - { - "id": "(mit or cc0-1.0)", - "name": "(MIT OR CC0-1.0)", - "url": "" - }, - { - "id": "(wtfpl or mit)", - "name": "(WTFPL OR MIT)", - "url": "" - }, { "id": "Apache-2.0", "name": "Apache License 2.0", @@ -61,6 +26,11 @@ "name": "Creative Commons Zero v1.0 Universal", "url": "https://creativecommons.org/publicdomain/zero/1.0/legalcode" }, + { + "id": "GPL-2.0-only", + "name": "GNU General Public License v2.0 only", + "url": "https://opensource.org/licenses/GPL-2.0" + }, { "id": "ISC", "name": "ISC License", @@ -81,6 +51,16 @@ "name": "The Unlicense", "url": "https://unlicense.org/" }, + { + "id": "WTFPL", + "name": "Do What The F*ck You Want To Public License", + "url": "http://sam.zoy.org/wtfpl/COPYING" + }, + { + "id": "Zlib", + "name": "zlib License", + "url": "https://opensource.org/licenses/Zlib" + }, { "id": "bsd*", "name": "BSD*", @@ -1716,7 +1696,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(mit or apache-2.0)" + "Apache-2.0", + "MIT" ] }, { @@ -6630,7 +6611,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(wtfpl or mit)" + "MIT", + "WTFPL" ] }, { @@ -6720,7 +6702,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(mit and zlib)" + "MIT", + "Zlib" ] }, { @@ -8223,7 +8206,9 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(bsd-2-clause or mit or apache-2.0)" + "Apache-2.0", + "BSD-2-Clause", + "MIT" ] }, { @@ -8727,7 +8712,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(mit and bsd-3-clause)" + "BSD-3-Clause", + "MIT" ] }, { @@ -9519,7 +9505,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(mit or cc0-1.0)" + "CC0-1.0", + "MIT" ] }, { @@ -9546,7 +9533,8 @@ "package_manager": "yarn", "path": "yarn.lock", "licenses": [ - "(gpl-2.0 or mit)" + "GPL-2.0-only", + "MIT" ] }, { @@ -10333,4 +10321,4 @@ ] } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/ruby/bundler/v1.0.json b/spec/fixtures/expected/ruby/bundler/v1.0.json index c66a9a3..6297700 100644 --- a/spec/fixtures/expected/ruby/bundler/v1.0.json +++ b/spec/fixtures/expected/ruby/bundler/v1.0.json @@ -239,4 +239,4 @@ } } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/ruby/bundler/v1.1.json b/spec/fixtures/expected/ruby/bundler/v1.1.json index 7bfd775..a0f9868 100644 --- a/spec/fixtures/expected/ruby/bundler/v1.1.json +++ b/spec/fixtures/expected/ruby/bundler/v1.1.json @@ -336,4 +336,4 @@ } } ] -} +} \ No newline at end of file diff --git a/spec/fixtures/expected/ruby/bundler/v2.0.json b/spec/fixtures/expected/ruby/bundler/v2.0.json index 230bd2c..28812f7 100644 --- a/spec/fixtures/expected/ruby/bundler/v2.0.json +++ b/spec/fixtures/expected/ruby/bundler/v2.0.json @@ -198,4 +198,4 @@ ] } ] -} +} \ No newline at end of file diff --git a/spec/integration/rust/cargo_spec.rb b/spec/integration/rust/cargo_spec.rb index c8794f8..7b2b606 100644 --- a/spec/integration/rust/cargo_spec.rb +++ b/spec/integration/rust/cargo_spec.rb @@ -23,7 +23,7 @@ RSpec.describe "cargo" do expect(subject.dependency_names).to match_array(%w[libc time]) end - specify { expect(subject.licenses_for('libc')).to match_array(['mit or apache-2.0']) } + specify { expect(subject.licenses_for('libc')).to match_array(['MIT', 'Apache-2.0']) } specify { expect(subject.licenses_for('time')).to match_array(['Apache-2.0', 'MIT']) } end @@ -38,7 +38,7 @@ RSpec.describe "cargo" do specify do expect(subject).to match_schema expect(subject.dependency_names).to match_array(['libc']) - expect(subject.licenses_for('libc')).to match_array(['mit or apache-2.0']) + expect(subject.licenses_for('libc')).to match_array(['MIT', 'Apache-2.0']) end end diff --git a/spec/unit/license_finder/dependency_spec.rb b/spec/unit/license_finder/dependency_spec.rb new file mode 100644 index 0000000..d4642d4 --- /dev/null +++ b/spec/unit/license_finder/dependency_spec.rb @@ -0,0 +1,45 @@ +# frozen_string_literal: true + +require 'spec_helper' + +RSpec.describe LicenseFinder::Dependency do + describe "#licenses" do + subject { described_class.new('bundler', 'example', '0.1.0', { spec_licenses: declared_licenses }).licenses } + + context "when the declared licenses is a single known license" do + let(:declared_licenses) { ['MIT'] } + + specify { expect(subject.map(&:short_name)).to match_array(['MIT']) } + end + + context "when the declared licenses is a many known licenses" do + let(:declared_licenses) { ['MIT', 'Apache-2.0'] } + + specify { expect(subject.map(&:short_name)).to match_array(%w[MIT Apache2]) } + end + + context "when the declared licenses is x OR y" do + let(:declared_licenses) { ['MIT OR Apache-2.0'] } + + specify { expect(subject.map(&:short_name)).to match_array(%w[MIT Apache2]) } + end + + context "when the declared licenses is x OR y OR z" do + let(:declared_licenses) { ['(BSD-2-Clause OR MIT OR Apache-2.0)'] } + + specify { expect(subject.map(&:short_name)).to match_array(%w[SimplifiedBSD MIT Apache2]) } + end + + context "when the declared licenses is x AND y" do + let(:declared_licenses) { ['MIT AND Apache-2.0'] } + + specify { expect(subject.map(&:short_name)).to match_array(%w[MIT Apache2]) } + end + + context "when the declared licenses is x WITH exception" do + let(:declared_licenses) { ['Apache-2.0 WITH LLVM-exception'] } + + specify { expect(subject.map(&:short_name)).to match_array(%w[Apache2 LLVM-exception]) } + end + end +end -- cgit v1.2.3