class LicenseScout::DependencyManager::Mix

Attributes

packaged_dependencies[R]

Public Class Methods

new(directory) click to toggle source
# File lib/license_scout/dependency_manager/mix.rb, line 26
def initialize(directory)
  super(directory)

  @packaged_dependencies = {}
end

Public Instance Methods

dependencies() click to toggle source
# File lib/license_scout/dependency_manager/mix.rb, line 52
def dependencies
  parse_packaged_dependencies

  # Some dependencies are obtained via 'pkg' identifier of rebar. These
  # dependencies include their version in the rebar.lock file. Here we
  # parse the rebar.lock and remember all the versions we find.
  packaged_dependencies.map do |dep_name, dep_version|
    dep_path = Dir.glob(File.join(directory, "**", "deps", dep_name)).first

    dependency = new_dependency(dep_name, dep_version, dep_path)

    Array(hex_info(dep_name).dig("meta", "licenses")).each do |license|
      dependency.add_license(license, "https://hex.pm/api/packages/#{dep_name}")
    end

    dependency
  end.compact
end
detected?() click to toggle source
# File lib/license_scout/dependency_manager/mix.rb, line 48
def detected?
  File.exist?(mix_lock_path)
end
install_command() click to toggle source
# File lib/license_scout/dependency_manager/mix.rb, line 44
def install_command
  "mix deps.get"
end
name() click to toggle source
# File lib/license_scout/dependency_manager/mix.rb, line 32
def name
  "elixir_mix"
end
signature() click to toggle source
# File lib/license_scout/dependency_manager/mix.rb, line 40
def signature
  "mix.lock file"
end
type() click to toggle source
# File lib/license_scout/dependency_manager/mix.rb, line 36
def type
  "elixir"
end

Private Instance Methods

hex_info(package_name) click to toggle source
# File lib/license_scout/dependency_manager/mix.rb, line 93
def hex_info(package_name)
  response = Net::HTTP.get_response(URI("https://hex.pm/api/packages/#{package_name}"))

  if response.is_a?(Net::HTTPSuccess)
    FFI_Yajl::Parser.parse(response.body)
  else
    case response.code
    when "404"
      LicenseScout::Log.debug("[elixir] Unable to download hex.pm info for #{package_name}")
      {}
    else
      raise LicenseScout::Exceptions::UpstreamFetchError.new("Received \"#{response.code} #{response.msg}\" when attempting to fetch package information for the #{package_name} Hex package")
    end
  end
end
mix_lock_path() click to toggle source
# File lib/license_scout/dependency_manager/mix.rb, line 89
def mix_lock_path
  File.join(directory, "mix.lock")
end
parse_packaged_dependencies() click to toggle source
# File lib/license_scout/dependency_manager/mix.rb, line 73
def parse_packaged_dependencies
  mix_lock_to_json_path = File.expand_path("../../../bin/mix_lock_json", File.dirname(__FILE__))
  s = Mixlib::ShellOut.new("#{LicenseScout::Config.escript_bin} #{mix_lock_to_json_path} #{mix_lock_path}", environment: LicenseScout::Config.environment)
  s.run_command
  s.error!

  mix_lock_content = FFI_Yajl::Parser.parse(s.stdout)

  mix_lock_content.each do |dep|
    name = dep.keys.first
    version = dep.values.first

    @packaged_dependencies[name] = version
  end
end