9 files changed, 131 insertions, 1 deletions
diff --git a/.github/licensed/bundler/rbtree3.dep.yml b/.github/licensed/bundler/rbtree3.dep.yml
new file mode 100644
index 0000000..9a7fd3b
--- /dev/null
+++ b/.github/licensed/bundler/rbtree3.dep.yml
@@ -0,0 +1,42 @@
+---
+name: rbtree3
+version: 0.6.0
+type: bundler
+summary: A RBTree is a sorted associative collection that is implemented with a Red-Black
+  Tree.
+homepage: https://github.com/kyrylo/rbtree3
+license: mit
+licenses:
+- sources: LICENSE
+  text: |
+    Copyright (c) 2002-2004, 2007, 2009 OZAWA Takuma
+
+    Permission is hereby granted, free of charge, to any person
+    obtaining a copy of this software and associated documentation
+    files (the "Software"), to deal in the Software without
+    restriction, including without limitation the rights to use,
+    copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the
+    Software is furnished to do so, subject to the following
+    conditions:
+
+    The above copyright notice and this permission notice shall be
+    included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+    EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
+    OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+    NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
+    HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+    WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+    FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+    OTHER DEALINGS IN THE SOFTWARE.
+- sources: README
+  text: |-
+    MIT License. Copyright (c) 2002-2004, 2007, 2009 OZAWA Takuma.
+
+    dict.c and dict.h are modified copies that are originally in Kazlib
+    written by Kaz Kylheku. Copyright is held by Kaz Kylheku, see dict.c
+    and dict.h for the license. The web page of Kazlib is at
+    ((<URL:http://users.footprints.net/~kaz/kazlib.html>)).
+notices: []
diff --git a/.github/licensed/bundler/set.dep.yml b/.github/licensed/bundler/set.dep.yml
new file mode 100644
index 0000000..994d103
--- /dev/null
+++ b/.github/licensed/bundler/set.dep.yml
@@ -0,0 +1,35 @@
+---
+name: set
+version: 1.0.1
+type: bundler
+summary: Provides a class to deal with collections of unordered, unique values
+homepage: https://github.com/ruby/set
+license: bsd-2-clause
+licenses:
+- sources: Auto-generated BSD-2-Clause license text
+  text: |
+    BSD 2-Clause License
+
+    All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions are met:
+
+    1. Redistributions of source code must retain the above copyright notice, this
+       list of conditions and the following disclaimer.
+
+    2. Redistributions in binary form must reproduce the above copyright notice,
+       this list of conditions and the following disclaimer in the documentation
+       and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+    AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+    IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+    DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+    FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+    DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+    SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+    CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+    OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+notices: []
diff --git a/.github/licensed/bundler/sorted_set.dep.yml b/.github/licensed/bundler/sorted_set.dep.yml
new file mode 100644
index 0000000..24fc3a7
--- /dev/null
+++ b/.github/licensed/bundler/sorted_set.dep.yml
@@ -0,0 +1,38 @@
+---
+name: sorted_set
+version: 1.0.2
+type: bundler
+summary: Implements a variant of Set whose elements are sorted in ascending order
+homepage: https://github.com/knu/sorted_set
+license: other
+licenses:
+- sources: LICENSE.txt
+  text: |
+    Copyright (c) 2002-2020 Akinori MUSHA
+
+    All rights reserved.
+
+    Redistribution and use in source and binary forms, with or without
+    modification, are permitted provided that the following conditions
+    are met:
+    1. Redistributions of source code must retain the above copyright
+       notice, this list of conditions and the following disclaimer.
+    2. Redistributions in binary form must reproduce the above copyright
+       notice, this list of conditions and the following disclaimer in the
+       documentation and/or other materials provided with the distribution.
+
+    THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+    ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+    IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+    ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+    FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+    DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+    OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+    HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+    LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+    OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+    SUCH DAMAGE.
+- sources: README.md
+  text: The gem is available as open source under either the terms of the [2-Clause
+    BSD License](https://opensource.org/licenses/BSD-2-Clause).
+notices: []
diff --git a/.licensed.yml b/.licensed.yml
index e73e662..9324834 100644
--- a/.licensed.yml
+++ b/.licensed.yml
@@ -4,7 +4,11 @@ sources:
 cache_path: '.github/licensed'
 allowed:
   - apache-2.0
+  - bsd-2-clause
   - mit
+reviewed:
+  bundler:
+    - sorted_set
 bundler:
   without:
     - development
diff --git a/Gemfile.lock b/Gemfile.lock
index ae6630f..43a000f 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -8,6 +8,7 @@ PATH
       nokogiri (~> 1.10)
       oj (~> 3.10)
       parslet (~> 2.0)
+      sorted_set (~> 1.0)
       terminal-table (~> 1.8)
       thor
       tty-spinner (~> 0.9)
@@ -68,6 +69,7 @@ GEM
     rake (13.0.3)
     rake-compiler (1.1.1)
       rake
+    rbtree3 (0.6.0)
     regexp_parser (2.0.2)
     reverse_markdown (1.4.0)
       nokogiri
@@ -112,6 +114,10 @@ GEM
     sawyer (0.8.2)
       addressable (>= 2.3.5)
       faraday (> 0.8, < 2.0)
+    set (1.0.1)
+    sorted_set (1.0.2)
+      rbtree3
+      set (~> 1.0)
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
     thor (1.0.1)
diff --git a/lib/spandx.rb b/lib/spandx.rb
index 3567d75..5b5fe36 100644
--- a/lib/spandx.rb
+++ b/lib/spandx.rb
@@ -11,6 +11,7 @@ require 'nokogiri'
 require 'oj'
 require 'parslet'
 require 'pathname'
+require 'sorted_set' if RUBY_VERSION.match?(/^3\./)
 require 'yaml'
 require 'zeitwerk'
 require 'spandx/spandx'
diff --git a/lib/spandx/cli/commands/build.rb b/lib/spandx/cli/commands/build.rb
index 0989745..544706f 100644
--- a/lib/spandx/cli/commands/build.rb
+++ b/lib/spandx/cli/commands/build.rb
@@ -5,9 +5,9 @@ module Spandx
     module Commands
       class Build
         INDEXES = {
+          dotnet: Spandx::Dotnet::Index,
           maven: Spandx::Java::Index,
           nuget: Spandx::Dotnet::Index,
-          dotnet: Spandx::Dotnet::Index,
           pypi: Spandx::Python::Index,
         }.freeze
 
diff --git a/spandx.gemspec b/spandx.gemspec
index 853047b..adef45e 100644
--- a/spandx.gemspec
+++ b/spandx.gemspec
@@ -38,6 +38,7 @@ Gem::Specification.new do |spec|
   spec.add_dependency 'nokogiri', '~> 1.10'
   spec.add_dependency 'oj', '~> 3.10'
   spec.add_dependency 'parslet', '~> 2.0'
+  spec.add_dependency 'sorted_set', '~> 1.0'
   spec.add_dependency 'terminal-table', '~> 1.8'
   spec.add_dependency 'thor'
   spec.add_dependency 'tty-spinner', '~> 0.9'
diff --git a/spec/unit/ruby/parsers/gemfile_lock_spec.rb b/spec/unit/ruby/parsers/gemfile_lock_spec.rb
index 0c396f7..6140f88 100644
--- a/spec/unit/ruby/parsers/gemfile_lock_spec.rb
+++ b/spec/unit/ruby/parsers/gemfile_lock_spec.rb
@@ -67,6 +67,7 @@ RSpec.describe Spandx::Ruby::Parsers::GemfileLock do
           build('rainbow', '3.0.0', path),
           build('rake', '13.0.3', path),
           build('rake-compiler', '1.1.1', path),
+          build('rbtree3', '0.6.0', path),
           build('regexp_parser', '2.0.2', path),
           build('reverse_markdown', '1.4.0', path),
           build('rexml', '3.2.4', path),
@@ -85,6 +86,8 @@ RSpec.describe Spandx::Ruby::Parsers::GemfileLock do
           build('ruby2_keywords', '0.0.2', path),
           build('rugged', '1.1.0', path),
           build('sawyer', '0.8.2', path),
+          build('set', '1.0.1', path),
+          build('sorted_set', '1.0.2', path),
           build('spandx', Spandx::VERSION, path),
           build('terminal-table', '1.8.0', path),
           build('thor', '1.0.1', path),