| -rw-r--r-- | .github/licensed/bundler/async.dep.yml | 30 | ||||
| -rw-r--r-- | .github/licensed/bundler/console.dep.yml | 32 | ||||
| -rw-r--r-- | .github/licensed/bundler/nio4r.dep.yml | 25 | ||||
| -rw-r--r-- | .github/licensed/bundler/thor.dep.yml | 2 | ||||
| -rw-r--r-- | .github/licensed/bundler/timers.dep.yml | 30 | ||||
| -rw-r--r-- | Gemfile.lock | 26 | ||||
| -rw-r--r-- | lib/spandx.rb | 1 | ||||
| -rw-r--r-- | lib/spandx/cli/commands/scan.rb | 4 | ||||
| -rw-r--r-- | spandx.gemspec | 1 | ||||
| -rw-r--r-- | spec/unit/ruby/parsers/gemfile_lock_spec.rb | 16 |
10 files changed, 150 insertions, 17 deletions
diff --git a/.github/licensed/bundler/async.dep.yml b/.github/licensed/bundler/async.dep.yml new file mode 100644 index 0000000..c660492 --- /dev/null +++ b/.github/licensed/bundler/async.dep.yml @@ -0,0 +1,30 @@ +--- +name: async +version: 1.26.2 +type: bundler +summary: A concurrency framework for Ruby. +homepage: https://github.com/socketry/async +license: mit +licenses: +- sources: Auto-generated MIT license text + text: | + MIT License + + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. +notices: [] diff --git a/.github/licensed/bundler/console.dep.yml b/.github/licensed/bundler/console.dep.yml new file mode 100644 index 0000000..aeebf95 --- /dev/null +++ b/.github/licensed/bundler/console.dep.yml 
@@ -0,0 +1,32 @@ +--- +name: console +version: 1.8.2 +type: bundler +summary: Beautiful logging for Ruby. +homepage: https://github.com/socketry/console +license: mit +licenses: +- sources: README.md + text: |- + Released under the MIT license. + + Copyright, 2019, by [Samuel Williams](https://www.codeotaku.com). + + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in + all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN + THE SOFTWARE. +notices: [] diff --git a/.github/licensed/bundler/nio4r.dep.yml b/.github/licensed/bundler/nio4r.dep.yml new file mode 100644 index 0000000..c9852b5 --- /dev/null +++ b/.github/licensed/bundler/nio4r.dep.yml 
@@ -0,0 +1,25 @@ +--- +name: nio4r +version: 2.5.2 +type: bundler +summary: New IO for Ruby +homepage: https://github.com/socketry/nio4r +license: mit +licenses: +- sources: README.md + text: "Released under the MIT license.\n\nCopyright, 2019, by Tony Arcieri. \nCopyright, + 2019, by [Samuel G. D. Williams](http://www.codeotaku.com/samuel-williams).\n\nPermission + is hereby granted, free of charge, to any person obtaining a copy\nof this software + and associated documentation files (the \"Software\"), to deal\nin the Software + without restriction, including without limitation the rights\nto use, copy, modify, + merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and + to permit persons to whom the Software is\nfurnished to do so, subject to the + following conditions:\n\nThe above copyright notice and this permission notice + shall be included in\nall copies or substantial portions of the Software.\n\nTHE + SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, + INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A + PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT + HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION + OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE + SOFTWARE OR THE USE OR OTHER DEALINGS IN\nTHE SOFTWARE." +notices: [] diff --git a/.github/licensed/bundler/thor.dep.yml b/.github/licensed/bundler/thor.dep.yml index 3f5dbc4..0fd74e6 100644 --- a/.github/licensed/bundler/thor.dep.yml +++ b/.github/licensed/bundler/thor.dep.yml @@ -1,6 +1,6 @@ --- name: thor -version: 0.20.3 +version: 1.0.1 type: bundler summary: Thor is a toolkit for building powerful command-line interfaces. homepage: http://whatisthor.com/ diff --git a/.github/licensed/bundler/timers.dep.yml b/.github/licensed/bundler/timers.dep.yml new file mode 100644 index 0000000..fae490f --- /dev/null 
+++ b/.github/licensed/bundler/timers.dep.yml @@ -0,0 +1,30 @@ +--- +name: timers +version: 4.3.0 +type: bundler +summary: Pure Ruby one-shot and periodic timers +homepage: https://github.com/socketry/timers +license: mit +licenses: +- sources: README.md + text: "Released under the MIT license.\n\nCopyright, 2018, by [Samuel G. D. Williams](http://www.codeotaku.com/samuel-williams). + \ \nCopyright, 2016, by [Tony Arcieri](bascule@gmail.com). \nCopyright, 2016, + by Jeremy Hinegardner. \nCopyright, 2016, by Sean Gregory. \nCopyright, 2016, + by Chuck Remes. \nCopyright, 2016, by Utenmiki. \nCopyright, 2016, by Ron Evans. + \ \nCopyright, 2016, by Larry Lv. \nCopyright, 2016, by Bruno Enten. \nCopyright, + 2016, by Jesse Cooke. \nCopyright, 2016, by Nicholas Evans. \nCopyright, 2016, + by Dimitrij Denissenko. \nCopyright, 2016, by Ryan LeCompte. \n\nPermission + is hereby granted, free of charge, to any person obtaining a copy\nof this software + and associated documentation files (the \"Software\"), to deal\nin the Software + without restriction, including without limitation the rights\nto use, copy, modify, + merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and + to permit persons to whom the Software is\nfurnished to do so, subject to the + following conditions:\n\nThe above copyright notice and this permission notice + shall be included in\nall copies or substantial portions of the Software.\n\nTHE + SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, + INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A + PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT + HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION + OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE + SOFTWARE OR THE USE OR OTHER DEALINGS IN\nTHE SOFTWARE." +notices: [] 
diff --git a/Gemfile.lock b/Gemfile.lock index a9dc845..3ce0057 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -3,6 +3,7 @@ PATH specs: spandx (0.13.4) addressable (~> 2.7) + async (~> 1.26) bundler (>= 1.16, < 3.0.0) net-hippie (~> 0.3) nokogiri (~> 1.10) @@ -19,14 +20,19 @@ GEM addressable (2.7.0) public_suffix (>= 2.0.2, < 5.0) ast (2.4.1) + async (1.26.2) + console (~> 1.0) + nio4r (~> 2.3) + timers (~> 4.1) benchmark-ips (2.8.2) benchmark-malloc (0.2.0) benchmark-perf (0.6.0) benchmark-trend (0.4.0) - bundler-audit (0.6.1) + bundler-audit (0.7.0.1) bundler (>= 1.2.0, < 3) - thor (~> 0.18) + thor (>= 0.18, < 2) byebug (11.1.3) + console (1.8.2) crack (0.4.3) safe_yaml (~> 1.0.0) diff-lcs (1.3) @@ -34,7 +40,7 @@ GEM faraday (1.0.1) multipart-post (>= 1.2, < 3) hashdiff (1.0.1) - licensed (2.11.1) + licensed (2.12.0) bundler (>= 1.10) licensee (>= 9.14.0, < 10.0.0) parallel (>= 0.18.0) @@ -52,15 +58,16 @@ GEM mini_portile2 (2.4.0) multipart-post (2.1.1) net-hippie (0.3.2) + nio4r (2.5.2) nokogiri (1.10.9) mini_portile2 (~> 2.4.0) octokit (4.18.0) faraday (>= 0.9) sawyer (~> 0.8.0, >= 0.5.3) oj (3.10.6) - parallel (1.19.1) - parser (2.7.1.3) - ast (~> 2.4.0) + parallel (1.19.2) + parser (2.7.1.4) + ast (~> 2.4.1) parslet (2.0.0) pathname-common_prefix (0.0.1) public_suffix (4.0.5) @@ -90,13 +97,13 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.9.0) rspec-support (3.9.3) - rubocop (0.85.1) + rubocop (0.86.0) parallel (~> 1.10) parser (>= 2.7.0.1) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.7) rexml - rubocop-ast (>= 0.0.3) + rubocop-ast (>= 0.0.3, < 1.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 2.0) rubocop-ast (0.0.3) @@ -113,7 +120,8 @@ GEM faraday (> 0.8, < 2.0) terminal-table (1.8.0) unicode-display_width (~> 1.1, >= 1.1.1) - thor (0.20.3) + thor (1.0.1) + timers (4.3.0) tomlrb (1.3.0) tty-cursor (0.7.1) tty-spinner (0.9.3) diff --git a/lib/spandx.rb b/lib/spandx.rb index 78fbdcb..9bd81f5 100644 --- a/lib/spandx.rb 
+++ b/lib/spandx.rb @@ -1,5 +1,6 @@ # frozen_string_literal: true +require 'async' require 'addressable/uri' require 'bundler' require 'csv' diff --git a/lib/spandx/cli/commands/scan.rb b/lib/spandx/cli/commands/scan.rb index 22420fc..4807208 100644 --- a/lib/spandx/cli/commands/scan.rb +++ b/lib/spandx/cli/commands/scan.rb @@ -16,7 +16,9 @@ module Spandx def execute(output: $stdout) with_printer(output) do |printer| each_dependency do |dependency| - printer.print_line(Plugin.enhance(dependency), output) + Async do + printer.print_line(Plugin.enhance(dependency), output) + end end end end diff --git a/spandx.gemspec b/spandx.gemspec index 100db55..f55d514 100644 --- a/spandx.gemspec +++ b/spandx.gemspec @@ -33,6 +33,7 @@ Gem::Specification.new do |spec| spec.extensions = ['ext/spandx/extconf.rb'] spec.add_dependency 'addressable', '~> 2.7' + spec.add_dependency 'async', '~> 1.26' spec.add_dependency 'bundler', '>= 1.16', '< 3.0.0' spec.add_dependency 'net-hippie', '~> 0.3' spec.add_dependency 'nokogiri', '~> 1.10' diff --git a/spec/unit/ruby/parsers/gemfile_lock_spec.rb b/spec/unit/ruby/parsers/gemfile_lock_spec.rb index 321aeab..abdb16e 100644 --- a/spec/unit/ruby/parsers/gemfile_lock_spec.rb +++ b/spec/unit/ruby/parsers/gemfile_lock_spec.rb 
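Review bot: The task created by `Async do` in `execute` (lib/spandx/cli/commands/scan.rb) is never waited on, so an exception raised by `Plugin.enhance` inside it is, as far as I know for async 1.x, logged by the task rather than raised to the caller, and the scan can finish with that dependency simply missing from the license report. The hunk also shows no enclosing reactor: if there is none, each top-level `Async` block runs its own reactor to completion before the loop continues and nothing overlaps; if `each_dependency` does run inside one, `print_line` calls can complete out of order and possibly after `with_printer` has returned. One way to get both the concurrency and a complete, ordered report is a single parent task that starts one child per dependency and prints each `child.wait` in order, sketched below. How a failed lookup should surface in the CLI exit status is left to the author.

```ruby
def execute(output: $stdout)
  with_printer(output) do |printer|
    Async do |parent|
      children = []
      each_dependency do |dependency|
        children << parent.async { Plugin.enhance(dependency) }
      end
      # wait re-raises a failed enhance; printing here keeps rows in input order
      children.each { |child| printer.print_line(child.wait, output) }
    end
  end
end
```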
@@ -40,27 +40,30 @@ RSpec.describe Spandx::Ruby::Parsers::GemfileLock do expect(subject).to match_array([ build('addressable', '2.7.0', path), build('ast', '2.4.1', path), + build('async', '1.26.2', path), build('benchmark-ips', '2.8.2', path), build('benchmark-malloc', '0.2.0', path), build('benchmark-perf', '0.6.0', path), build('benchmark-trend', '0.4.0', path), - build('bundler-audit', '0.6.1', path), + build('bundler-audit', '0.7.0.1', path), build('byebug', '11.1.3', path), + build('console', '1.8.2', path), build('crack', '0.4.3', path), build('diff-lcs', '1.3', path), build('dotenv', '2.7.5', path), build('faraday', '1.0.1', path), build('hashdiff', '1.0.1', path), - build('licensed', '2.11.1', path), + build('licensed', '2.12.0', path), build('licensee', '9.14.0', path), build('mini_portile2', '2.4.0', path), build('multipart-post', '2.1.1', path), build('net-hippie', '0.3.2', path), + build('nio4r', '2.5.2', path), build('nokogiri', '1.10.9', path), build('octokit', '4.18.0', path), build('oj', '3.10.6', path), - build('parallel', '1.19.1', path), - build('parser', '2.7.1.3', path), + build('parallel', '1.19.2', path), + build('parser', '2.7.1.4', path), build('parslet', '2.0.0', path), build('pathname-common_prefix', '0.0.1', path), build('public_suffix', '4.0.5', path), @@ -76,7 +79,7 @@ RSpec.describe Spandx::Ruby::Parsers::GemfileLock do build('rspec-expectations', '3.9.2', path), build('rspec-mocks', '3.9.1', path), build('rspec-support', '3.9.3', path), - build('rubocop', '0.85.1', path), + build('rubocop', '0.86.0', path), build('rubocop-ast', '0.0.3', path), build('rubocop-rspec', '1.40.0', path), build('ruby-prof', '1.4.1', path), 
@@ -87,7 +90,8 @@ RSpec.describe Spandx::Ruby::Parsers::GemfileLock do build('sawyer', '0.8.2', path), build('spandx', Spandx::VERSION, path), build('terminal-table', '1.8.0', path), - build('thor', '0.20.3', path), + build('thor', '1.0.1', path), + build('timers', '4.3.0', path), build('tomlrb', '1.3.0', path), build('tty-cursor', '0.7.1', path), build('tty-spinner', '0.9.3', path), |
