Sha256: 48af2a6cd745d5f9e2a8c06233c4bf564820026bf29f8fa9aa653b7243cf9e00
Contents?: true
Size: 1.53 KB
Versions: 4
Compression:
Stored size: 1.53 KB
Contents
# frozen_string_literal: true
module Spandx
module Core
class LicensePlugin < Spandx::Core::Plugin
def initialize(catalogue: Spdx::Catalogue.from_git)
@guess = Guess.new(catalogue)
end
def enhance(dependency)
return dependency unless known?(dependency.package_manager)
return enhance_from_metadata(dependency) if available_in?(dependency.meta)
licenses_for(dependency).each do |text|
dependency.licenses << @guess.license_for(text)
end
dependency
end
private
def licenses_for(dependency)
results = cache_for(dependency).licenses_for(dependency.name, dependency.version)
results && !results.empty? ? results : gateway_for(dependency).licenses_for(dependency)
end
def cache_for(dependency, git: Spandx.git)
db = git[dependency.package_manager.to_sym] || git[:cache]
Spandx::Core::Cache.new(dependency.package_manager, db: db)
end
def known?(package_manager)
%i[nuget maven rubygems npm yarn pypi composer].include?(package_manager)
end
def gateway_for(dependency)
::Spandx::Core::Gateway.find do |gateway|
gateway.matches?(dependency)
end
end
def available_in?(metadata)
metadata.respond_to?(:[]) && metadata['license']
end
def enhance_from_metadata(dependency)
dependency.meta['license'].each do |x|
dependency.licenses << @guess.license_for(x)
end
dependency
end
end
end
end
Version data entries
4 entries across 4 versions & 1 rubygems