Sha256: 095098395d716a7093d5bef40f0c29843faf18362248fa155d39d7045e453364
Contents?: true
Size: 1.84 KB
Versions: 2
Compression:
Stored size: 1.84 KB
Contents
# frozen_string_literal: true
module Spandx
module Core
class LicensePlugin < Spandx::Core::Plugin
def initialize(catalogue: Spdx::Catalogue.default)
@guess = Guess.new(catalogue)
end
def enhance(dependency)
package_manager = package_manager_for(dependency)
return dependency unless known?(package_manager)
return enhance_from_metadata(dependency) if available_in?(dependency.meta)
licenses_for(dependency).each do |text|
dependency.licenses << @guess.license_for(text)
end
dependency
end
private
def licenses_for(dependency)
results = cache_for(dependency).licenses_for(dependency.name, dependency.version)
results && !results.empty? ? results : gateway_for(dependency).licenses_for(dependency)
end
def cache_for(dependency, git: Spandx.git)
package_manager = package_manager_for(dependency)
git = git[package_manager.to_sym] || git[:cache]
key = key_for(package_manager)
Spandx::Core::Cache.new(key, root: "#{git.root}/.index")
end
def known?(package_manager)
%i[nuget maven rubygems npm yarn pypi composer].include?(package_manager)
end
def gateway_for(dependency)
::Spandx::Core::Gateway.find do |gateway|
gateway.matches?(dependency)
end
end
def available_in?(metadata)
metadata.respond_to?(:[]) && metadata['license']
end
def enhance_from_metadata(dependency)
dependency.meta['license'].each do |x|
dependency.licenses << @guess.license_for(x)
end
dependency
end
def key_for(package_manager)
package_manager == :yarn ? :npm : package_manager
end
def package_manager_for(dependency)
dependency.package_manager
end
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| spandx-0.13.5 | lib/spandx/core/license_plugin.rb |
| spandx-0.13.4 | lib/spandx/core/license_plugin.rb |