class LicenseScout::DependencyManager::Cpanm

Public Instance Methods

dependencies() click to toggle source
# File lib/license_scout/dependency_manager/cpanm.rb, line 47
def dependencies
  Dir.glob("#{cpanm_root}/latest-build/*").map do |dep_path|
    next unless File.directory?(dep_path)

    dep_data = manifest(dep_path)
    metafile = dep_data["metafile"]
    dep_name = dep_data["name"]
    dep_version = dep_data["version"]

    dependency = new_dependency(dep_name, dep_version, dep_path)

    # CPANM projects contain license metadata - include it!
    unless dep_data["license"].nil?
      Array(dep_data["license"]).each do |license|
        next if license == "unknown"

        dependency.add_license(license, metafile)
      end
    end

    dependency
  end.compact
end
detected?() click to toggle source

NOTE: it's possible that projects won't have a META.yml, but the two that we care about for Chef Server do have one. As of 2015, 84% of perl distribution packages have one: neilb.org/2015/10/18/spotters-guide.html

# File lib/license_scout/dependency_manager/cpanm.rb, line 43
def detected?
  File.exist?(meta_json_path) || File.exist?(meta_yml_path)
end
install_command() click to toggle source
# File lib/license_scout/dependency_manager/cpanm.rb, line 36
def install_command
  "cpanm --installdeps ."
end
name() click to toggle source
# File lib/license_scout/dependency_manager/cpanm.rb, line 24
def name
  "perl_cpanm"
end
signature() click to toggle source
# File lib/license_scout/dependency_manager/cpanm.rb, line 32
def signature
  File.exist?(meta_json_path) ? "META.json file" : "META.yml file"
end
type() click to toggle source
# File lib/license_scout/dependency_manager/cpanm.rb, line 28
def type
  "perl"
end

Private Instance Methods

cpanm_root() click to toggle source
# File lib/license_scout/dependency_manager/cpanm.rb, line 100
def cpanm_root
  # By default cpanm downloads all the dependencies into ~/.cpanm directory
  File.expand_path(LicenseScout::Config.cpanm_root)
end
manifest(unpack_path) click to toggle source

Packages can contain metadata files named META.yml, META.json, MYMETA.json, MYMETA.yml. META.* files are created by the authors of the plugins whereas MYMETA.* files are created by the build system after dynamic dependencies are resolved. For our purposes META.* files are enough. And for no good reason we prioritize json files over yml files.

# File lib/license_scout/dependency_manager/cpanm.rb, line 87
def manifest(unpack_path)
  json_path = File.join(unpack_path, "META.json")
  yml_path = File.join(unpack_path, "META.yml")

  if File.exist?(json_path)
    FFI_Yajl::Parser.parse(File.read(json_path)).merge({ "metafile" => "META.json" })
  elsif File.exist?(yml_path)
    Psych.safe_load(File.read(yml_path)).merge({ "metafile" => "META.yml" })
  else
    raise LicenseScout::Exceptions::Error.new("Can not find a metadata file for the perl package at '#{unpack_path}'.")
  end
end
meta_json_path() click to toggle source
# File lib/license_scout/dependency_manager/cpanm.rb, line 77
def meta_json_path
  File.join(directory, "META.json")
end
meta_yml_path() click to toggle source
# File lib/license_scout/dependency_manager/cpanm.rb, line 73
def meta_yml_path
  File.join(directory, "META.yml")
end