lib/licensed/commands/status.rb in licensed-4.1.0 vs lib/licensed/commands/status.rb in licensed-4.2.0
- old
+ new
@@ -58,23 +58,24 @@
report["license"] = record["license"]
report.errors << "dependency record out of date" if record["version"] != dependency.version
report.errors << "missing license text" if record.licenses.empty?
if record["review_changed_license"]
report.errors << "license text has changed and needs re-review. if the new text is ok, remove the `review_changed_license` flag from the cached record"
- elsif license_needs_review?(app, record)
+ elsif license_needs_review?(app, source, record)
report.errors << needs_review_error_message(app, record)
end
end
report["allowed"] = report.errors.empty?
end
# Returns true if a cached record needs further review based on the
# record's license(s) and the app's configuration
- def license_needs_review?(app, record)
+ def license_needs_review?(app, source, record)
# review is not needed if the record is set as reviewed
- return false if app.reviewed?(record, match_version: data_source == "configuration")
+ require_version = data_source == "configuration" || source.class.require_matched_dependency_version
+ return false if app.reviewed?(record, require_version: require_version)
# review is not needed if the top level license is allowed
return false if app.allowed?(record["license"])
# the remaining checks are meant to allow records marked as "other"
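Review bot: When `require_version` is true for a "files" data source, an unversioned entry in the reviewed list no longer satisfies `app.reviewed?`, yet the message code in the second hunk appears to return `"license needs review: ..."` for `data_source == "files"` before it reaches the unversioned-match hint, so the user is not told why an existing reviewed entry was ignored. Consider passing the source through, `report.errors << needs_review_error_message(app, source, record)`, and emitting the unversioned-match hint whenever a version match was required. The comment above the guard would be more accurate as `# review is not needed if the record is set as reviewed (the version must match for configuration data or sources that require matched versions)`. The body of `license_needs_review?` continues past the end of this hunk, and the new line assumes every source class responds to `require_matched_dependency_version`, which is not visible here.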
@@ -97,10 +98,10 @@
return "license needs review: #{record["license"]}" if data_source == "files"
error = "dependency needs review"
# look for an unversioned reviewed list match
- if app.reviewed?(record, match_version: false)
+ if app.reviewed?(record, require_version: false)
error += ", unversioned 'reviewed' match found: #{record["name"]}"
end
# look for other version matches in reviewed list
possible_matches = app.reviewed_versions(record)