Diffstat (limited to 'lib')
-rw-r--r--lib/spandx.rb1
-rw-r--r--lib/spandx/cli/commands/build.rb3
-rw-r--r--lib/spandx/cli/main.rb22
-rw-r--r--lib/spandx/ruby/gateway.rb26
-rw-r--r--lib/spandx/ruby/index.rb52
-rw-r--r--lib/spandx/version.rb2
6 files changed, 94 insertions, 12 deletions
diff --git a/lib/spandx.rb b/lib/spandx.rb
index 3567d75..0acaccb 100644
--- a/lib/spandx.rb
+++ b/lib/spandx.rb
@@ -11,6 +11,7 @@ require 'nokogiri'
require 'oj'
require 'parslet'
require 'pathname'
+require 'sorted_set'
require 'yaml'
require 'zeitwerk'
require 'spandx/spandx'
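Review bot: `require 'sorted_set'` is added to the top-level requires, but nothing in the lib/ changes in this diff references SortedSet. Since Ruby 3.0 SortedSet is no longer part of the `set` standard library and lives in the separate `sorted_set` gem, so unless the gemspec (outside this diff) declares that dependency this line raises LoadError for every user at boot. If it is used elsewhere, add the gem to the gemspec; if not, drop the line.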
diff --git a/lib/spandx/cli/commands/build.rb b/lib/spandx/cli/commands/build.rb
index 0989745..c2ac624 100644
--- a/lib/spandx/cli/commands/build.rb
+++ b/lib/spandx/cli/commands/build.rb
@@ -5,10 +5,11 @@ module Spandx
module Commands
class Build
INDEXES = {
+ dotnet: Spandx::Dotnet::Index,
maven: Spandx::Java::Index,
nuget: Spandx::Dotnet::Index,
- dotnet: Spandx::Dotnet::Index,
pypi: Spandx::Python::Index,
+ rubygems: Spandx::Ruby::Index,
}.freeze
def initialize(options)
diff --git a/lib/spandx/cli/main.rb b/lib/spandx/cli/main.rb
index bb27f83..fad102c 100644
--- a/lib/spandx/cli/main.rb
+++ b/lib/spandx/cli/main.rb
@@ -12,15 +12,11 @@ module Spandx
method_option :pull, aliases: '-p', type: :boolean, desc: 'Pull the latest cache before the scan', default: false
method_option :require, aliases: '-r', type: :string, desc: 'Causes spandx to load the library using require.', default: nil
def scan(lockfile = Pathname.pwd)
- if options[:help]
- invoke :help, ['scan']
- else
- Oj.default_options = { mode: :strict }
- Spandx.airgap = options[:airgap]
- Spandx.logger = Logger.new(options[:logfile])
- pull if options[:pull]
- Spandx::Cli::Commands::Scan.new(lockfile, options).execute
- end
+ return invoke :help, ['scan'] if options[:help]
+
+ prepare(options)
+ pull if options[:pull]
+ Spandx::Cli::Commands::Scan.new(lockfile, options).execute
end
desc 'pull', 'Pull the latest offline cache'
@@ -52,6 +48,14 @@ module Spandx
puts "v#{Spandx::VERSION}"
end
map %w[--version -v] => :version
+
+ private
+
+ def prepare(options)
+ Oj.default_options = { mode: :strict }
+ Spandx.airgap = options[:airgap]
+ Spandx.logger = Logger.new(options[:logfile])
+ end
end
end
end
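Review bot: `prepare(options)` names its parameter after Thor's `options` reader, so inside the method the local shadows the accessor the rest of the class uses; it works, but `def prepare(opts)` or a parameterless `def prepare` that reads `options` directly avoids the ambiguity. A one-line comment on `prepare` saying it sets process-wide state (`Oj.default_options`, `Spandx.airgap`, `Spandx.logger`) would also help, since these are global side effects rather than per-command setup. The enclosing Thor class continues outside the hunk.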
diff --git a/lib/spandx/ruby/gateway.rb b/lib/spandx/ruby/gateway.rb
index 208eb9e..6ab6313 100644
--- a/lib/spandx/ruby/gateway.rb
+++ b/lib/spandx/ruby/gateway.rb
@@ -8,8 +8,21 @@ module Spandx
@http = http
end
+ def each
+ response = http.get('https://index.rubygems.org/versions')
+ return unless http.ok?(response)
+
+ parse_each_from(StringIO.new(response.body)) do |item|
+ yield item
+ end
+ end
+
def licenses_for(dependency)
- details_on(dependency.name, dependency.version)['licenses'] || []
+ licenses(dependency.name, dependency.version)
+ end
+
+ def licenses(name, version)
+ details_on(name, version)['licenses'] || []
end
def matches?(dependency)
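Review bot: `each` in gateway.rb swallows a failed fetch of the versions index: `return unless http.ok?(response)` yields nothing and records nothing, so a caller cannot tell "rubygems.org unreachable" from "index empty" and Index#update! would carry on with whatever it had. Log or raise there, e.g. `Spandx.logger.warn("rubygems versions index unavailable: #{response.inspect}")` before the `return` (the project sets `Spandx.logger`, so it should be available; confirm it is non-nil in this context). The whole versions file is also buffered in memory via `response.body` before parsing; if the http helper supports a streaming form, feeding `parse_each_from` from it would bound memory. Minor style: `def each(&block)` with `parse_each_from(StringIO.new(response.body), &block)` replaces the explicit `yield` wrapper, and `return enum_for(:each) unless block_given?` makes a blockless call return an enumerator instead of raising LocalJumpError.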
@@ -20,6 +33,17 @@ module Spandx
attr_reader :http
+ def parse_each_from(io)
+ _created_at = io.readline
+ _triple_dash = io.readline
+ until io.eof?
+ name, versions, _digest = io.readline.split(' ')
+ versions.split(',').each do |version|
+ yield({ name: name, version: version })
+ end
+ end
+ end
+
def details_on(name, version)
url = "https://rubygems.org/api/v2/rubygems/#{name}/versions/#{version}.json"
response = http.get(url, default: {})
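Review bot: `parse_each_from` treats every comma-separated entry on a versions line as a live version, but in the compact-index format (as I understand it) a yanked version is appended as a `-`-prefixed entry and a gem name recurs on later lines as versions are added, so the yielded stream contains yanked versions and duplicates; skipping yanked ones is one line inside the `versions.split(',').each` block, `next if version.start_with?('-')`, and duplicates are best handled by the cache if it tolerates repeated inserts. Both values then reach `details_on`, which interpolates them unescaped into the request path (`"https://rubygems.org/api/v2/rubygems/#{name}/versions/#{version}.json"`); they now originate from a downloaded file rather than a local lockfile, so encode the path segments (e.g. `ERB::Util.url_encode(name)`, which needs `erb` loaded) rather than trusting index contents. The two leading `io.readline` calls raise EOFError on an empty body, so an empty 200 response would crash the calling thread; guard with `io.eof?` or rescue EOFError around the header read. `details_on` continues past the end of the hunk.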
diff --git a/lib/spandx/ruby/index.rb b/lib/spandx/ruby/index.rb
new file mode 100644
index 0000000..01152a5
--- /dev/null
+++ b/lib/spandx/ruby/index.rb
@@ -0,0 +1,52 @@
+# frozen_string_literal: true
+
+module Spandx
+ module Ruby
+ class Index
+ include Enumerable
+
+ attr_reader :directory, :name, :rubygems
+
+ def initialize(directory:)
+ @directory = directory
+ @name = 'rubygems'
+ @cache = ::Spandx::Core::Cache.new(@name, root: directory)
+ @rubygems = ::Spandx::Ruby::Gateway.new
+ end
+
+ def update!(*)
+ queue = Queue.new
+ [fetch(queue), save(queue)].each(&:join)
+ cache.rebuild_index
+ end
+
+ private
+
+ attr_reader :cache
+
+ def fetch(queue)
+ Thread.new do
+ rubygems.each do |item|
+ queue.enq(
+ item.merge(
+ licenses: rubygems.licenses(item[:name], item[:version])
+ )
+ )
+ end
+ queue.enq(:stop)
+ end
+ end
+
+ def save(queue)
+ Thread.new do
+ loop do
+ item = queue.deq
+ break if item == :stop
+
+ cache.insert(item[:name], item[:version], item[:licenses])
+ end
+ end
+ end
+ end
+ end
+end
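Review bot: `update!` hangs the consumer or leaks it when the producer fails: if `rubygems.each` or `rubygems.licenses` raises inside the `fetch` thread, the `queue.enq(:stop)` on the following line never runs, the `save` thread blocks on `queue.deq` forever, and `each(&:join)` re-raises the producer's exception while leaving that thread orphaned. Move the sentinel into an `ensure` at the end of the thread block, `ensure` / `queue.enq(:stop)` (Ruby 2.5+ allows `ensure` directly in a `do`/`end` block; otherwise wrap the body in `begin`), or call `queue.close` there and consume with `while (item = queue.deq)`. `include Enumerable` on the class has no `each` backing it in this file, so any Enumerable method on an Index raises NoMethodError; either define `each` or drop the include. Separately, the compact index lists every published version of every gem and `fetch` issues one serial rubygems.org API request per version, so a full `update!` is unlikely to complete in practical time and will put sustained load on the API; a bounded pool of fetchers or a bulk source for license data would be needed before this is usable.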
diff --git a/lib/spandx/version.rb b/lib/spandx/version.rb
index 67b2980..6070948 100644
--- a/lib/spandx/version.rb
+++ b/lib/spandx/version.rb
@@ -1,5 +1,5 @@
# frozen_string_literal: true
module Spandx
- VERSION = '0.16.1'
+ VERSION = '0.17.0'
end