This is an automated email from the ASF dual-hosted git repository.
kezhenxu94 pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/skywalking-eyes.git
The following commit(s) were added to refs/heads/main by this push:
new 0eaf2c1 Add `version` property to dependency resolution results (#78)
0eaf2c1 is described below
commit 0eaf2c170598546d2b116f3f1178f480d9b73776
Author: mrproliu <[email protected]>
AuthorDate: Tue Oct 12 10:39:31 2021 +0800
Add `version` property to dependency resolution results (#78)
---
README.md | 219 ++++++++++++++++++++++++++++++++++++++++++++---------
pkg/deps/golang.go | 4 +-
pkg/deps/jar.go | 15 ++--
pkg/deps/maven.go | 6 +-
pkg/deps/npm.go | 2 +
pkg/deps/result.go | 15 ++--
6 files changed, 212 insertions(+), 49 deletions(-)
diff --git a/README.md b/README.md
index 00b96ef..b92fced 100644
--- a/README.md
+++ b/README.md
@@ -125,40 +125,191 @@ you can put them in distribution package if needed.
bin/darwin/license-eye -c test/testdata/.licenserc_for_test_check.yaml dep
resolve -o ./dependencies/licenses
INFO GITHUB_TOKEN is not set, license-eye won't comment on the pull request
INFO Loading configuration from file:
test/testdata/.licenserc_for_test_check.yaml
-WARNING Failed to resolve the license of dependency: gopkg.in/yaml.v3 cannot
identify license content
-Dependency | License
-------------------------------------------- | ------------
-github.com/bmatcuk/doublestar/v2 | MIT
-github.com/sirupsen/logrus | MIT
-golang.org/x/sys/unix | BSD-3-Clause
-github.com/spf13/cobra | Apache-2.0
-github.com/spf13/pflag | BSD-3-Clause
-vendor/golang.org/x/net/dns/dnsmessage | BSD-3-Clause
-vendor/golang.org/x/net/route | BSD-3-Clause
-golang.org/x/oauth2 | BSD-3-Clause
-golang.org/x/oauth2/internal | BSD-3-Clause
-vendor/golang.org/x/crypto/cryptobyte | BSD-3-Clause
-vendor/golang.org/x/crypto/cryptobyte/asn1 | BSD-3-Clause
-golang.org/x/net/context/ctxhttp | BSD-3-Clause
-vendor/golang.org/x/crypto/chacha20poly1305 | BSD-3-Clause
-vendor/golang.org/x/crypto/chacha20 | BSD-3-Clause
-vendor/golang.org/x/crypto/internal/subtle | BSD-3-Clause
-vendor/golang.org/x/crypto/poly1305 | BSD-3-Clause
-vendor/golang.org/x/sys/cpu | BSD-3-Clause
-vendor/golang.org/x/crypto/curve25519 | BSD-3-Clause
-vendor/golang.org/x/crypto/hkdf | BSD-3-Clause
-vendor/golang.org/x/net/http/httpguts | BSD-3-Clause
-vendor/golang.org/x/net/idna | BSD-3-Clause
-vendor/golang.org/x/text/secure/bidirule | BSD-3-Clause
-vendor/golang.org/x/text/transform | BSD-3-Clause
-vendor/golang.org/x/text/unicode/bidi | BSD-3-Clause
-vendor/golang.org/x/text/unicode/norm | BSD-3-Clause
-vendor/golang.org/x/net/http/httpproxy | BSD-3-Clause
-vendor/golang.org/x/net/http2/hpack | BSD-3-Clause
-gopkg.in/yaml.v3 | Unknown
-
-ERROR failed to identify the licenses of following packages:
-gopkg.in/yaml.v3
+WARNING Failed to resolve the license of <github.com/gogo/protobuf>: cannot
identify license content
+WARNING Failed to resolve the license of <github.com/kr/logfmt>: cannot find
license file
+WARNING Failed to resolve the license of <github.com/magiconair/properties>:
cannot identify license content
+WARNING Failed to resolve the license of <github.com/miekg/dns>: cannot
identify license content
+WARNING Failed to resolve the license of <github.com/pascaldekloe/goe>: cannot
identify license content
+WARNING Failed to resolve the license of <github.com/russross/blackfriday/v2>:
cannot identify license content
+WARNING Failed to resolve the license of <gopkg.in/check.v1>: cannot identify
license content
+Dependency | License |
Version
+-------------------------------------------------- | -------------- |
------------------------------------
+cloud.google.com/go | Apache-2.0 |
v0.46.3
+cloud.google.com/go/bigquery | Apache-2.0 |
v1.0.1
+cloud.google.com/go/datastore | Apache-2.0 |
v1.0.0
+cloud.google.com/go/firestore | Apache-2.0 |
v1.1.0
+cloud.google.com/go/pubsub | Apache-2.0 |
v1.0.1
+cloud.google.com/go/storage | Apache-2.0 |
v1.0.0
+dmitri.shuralyov.com/gpu/mtl | BSD-3-Clause |
v0.0.0-20190408044501-666a987793e9
+github.com/BurntSushi/toml | MIT |
v0.3.1
+github.com/BurntSushi/xgb | BSD-3-Clause |
v0.0.0-20160522181843-27f122750802
+github.com/OneOfOne/xxhash | Apache-2.0 |
v1.2.2
+github.com/alecthomas/template | BSD-3-Clause |
v0.0.0-20160405071501-a0175ee3bccc
+github.com/alecthomas/units | MIT |
v0.0.0-20151022065526-2efee857e7cf
+github.com/armon/circbuf | MIT |
v0.0.0-20150827004946-bbbad097214e
+github.com/armon/go-metrics | MIT |
v0.0.0-20180917152333-f0300d1749da
+github.com/armon/go-radix | MIT |
v0.0.0-20180808171621-7fddfc383310
+github.com/beorn7/perks | MIT |
v1.0.0
+github.com/bgentry/speakeasy | MIT |
v0.1.0
+github.com/bketelsen/crypt | MIT |
v0.0.3-0.20200106085610-5cbc8cc4026c
+github.com/bmatcuk/doublestar/v2 | MIT |
v2.0.4
+github.com/cespare/xxhash | MIT |
v1.1.0
+github.com/client9/misspell | MIT |
v0.3.4
+github.com/coreos/bbolt | MIT |
v1.3.2
+github.com/coreos/etcd | Apache-2.0 |
v3.3.13+incompatible
+github.com/coreos/go-semver | Apache-2.0 |
v0.3.0
+github.com/coreos/go-systemd | Apache-2.0 |
v0.0.0-20190321100706-95778dfbb74e
+github.com/coreos/pkg | Apache-2.0 |
v0.0.0-20180928190104-399ea9e2e55f
+github.com/cpuguy83/go-md2man/v2 | MIT |
v2.0.0
+github.com/davecgh/go-spew | ISC |
v1.1.1
+github.com/dgrijalva/jwt-go | MIT |
v3.2.0+incompatible
+github.com/dgryski/go-sip13 | MIT |
v0.0.0-20181026042036-e10d5fee7954
+github.com/fatih/color | MIT |
v1.7.0
+github.com/fsnotify/fsnotify | BSD-3-Clause |
v1.4.7
+github.com/ghodss/yaml | MIT |
v1.0.0
+github.com/go-gl/glfw | BSD-3-Clause |
v0.0.0-20190409004039-e6da0acd62b1
+github.com/go-kit/kit | MIT |
v0.8.0
+github.com/go-logfmt/logfmt | MIT |
v0.4.0
+github.com/go-stack/stack | MIT |
v1.8.0
+github.com/golang/glog | Apache-2.0 |
v0.0.0-20160126235308-23def4e6c14b
+github.com/golang/groupcache | Apache-2.0 |
v0.0.0-20190129154638-5b532d6fd5ef
+github.com/golang/mock | Apache-2.0 |
v1.3.1
+github.com/golang/protobuf | BSD-3-Clause |
v1.3.2
+github.com/google/btree | Apache-2.0 |
v1.0.0
+github.com/google/go-cmp | BSD-3-Clause |
v0.3.0
+github.com/google/go-github/v33 | BSD-3-Clause |
v33.0.0
+github.com/google/go-querystring | BSD-3-Clause |
v1.0.0
+github.com/google/martian | Apache-2.0 |
v2.1.0+incompatible
+github.com/google/pprof | Apache-2.0 |
v0.0.0-20190515194954-54271f7e092f
+github.com/google/renameio | Apache-2.0 |
v0.1.0
+github.com/googleapis/gax-go/v2 | BSD-3-Clause |
v2.0.5
+github.com/gopherjs/gopherjs | BSD-2-Clause |
v0.0.0-20181017120253-0766667cb4d1
+github.com/gorilla/websocket | BSD-2-Clause |
v1.4.2
+github.com/grpc-ecosystem/go-grpc-middleware | Apache-2.0 |
v1.0.0
+github.com/grpc-ecosystem/go-grpc-prometheus | Apache-2.0 |
v1.2.0
+github.com/grpc-ecosystem/grpc-gateway | BSD-3-Clause |
v1.9.0
+github.com/hashicorp/consul/api | MPL-2.0 |
v1.1.0
+github.com/hashicorp/consul/sdk | MPL-2.0 |
v0.1.1
+github.com/hashicorp/errwrap | MPL-2.0 |
v1.0.0
+github.com/hashicorp/go-cleanhttp | MPL-2.0 |
v0.5.1
+github.com/hashicorp/go-immutable-radix | MPL-2.0 |
v1.0.0
+github.com/hashicorp/go-msgpack | BSD-3-Clause |
v0.5.3
+github.com/hashicorp/go-multierror | MPL-2.0 |
v1.0.0
+github.com/hashicorp/go-rootcerts | MPL-2.0 |
v1.0.0
+github.com/hashicorp/go-sockaddr | MPL-2.0 |
v1.0.0
+github.com/hashicorp/go-syslog | MIT |
v1.0.0
+github.com/hashicorp/go-uuid | MPL-2.0 |
v1.0.1
+github.com/hashicorp/go.net | BSD-3-Clause |
v0.0.1
+github.com/hashicorp/golang-lru | MPL-2.0 |
v0.5.1
+github.com/hashicorp/hcl | MPL-2.0 |
v1.0.0
+github.com/hashicorp/logutils | MPL-2.0 |
v1.0.0
+github.com/hashicorp/mdns | MIT |
v1.0.0
+github.com/hashicorp/memberlist | MPL-2.0 |
v0.1.3
+github.com/hashicorp/serf | MPL-2.0 |
v0.8.2
+github.com/inconshreveable/mousetrap | Apache-2.0 |
v1.0.0
+github.com/jonboulle/clockwork | Apache-2.0 |
v0.1.0
+github.com/json-iterator/go | MIT |
v1.1.6
+github.com/jstemmer/go-junit-report | MIT |
v0.0.0-20190106144839-af01ea7f8024
+github.com/jtolds/gls | MIT |
v4.20.0+incompatible
+github.com/julienschmidt/httprouter | BSD-3-Clause |
v1.2.0
+github.com/kisielk/errcheck | MIT |
v1.1.0
+github.com/kisielk/gotool | MIT |
v1.0.0
+github.com/konsorten/go-windows-terminal-sequences | MIT |
v1.0.1
+github.com/kr/pretty | MIT |
v0.1.0
+github.com/kr/pty | MIT |
v1.1.1
+github.com/kr/text | MIT |
v0.1.0
+github.com/mattn/go-colorable | MIT |
v0.0.9
+github.com/mattn/go-isatty | MIT |
v0.0.3
+github.com/matttproud/golang_protobuf_extensions | Apache-2.0 |
v1.0.1
+github.com/mitchellh/cli | MPL-2.0 |
v1.0.0
+github.com/mitchellh/go-homedir | MIT |
v1.1.0
+github.com/mitchellh/go-testing-interface | MIT |
v1.0.0
+github.com/mitchellh/gox | MPL-2.0 |
v0.4.0
+github.com/mitchellh/iochan | MIT |
v1.0.0
+github.com/mitchellh/mapstructure | MIT |
v1.1.2
+github.com/modern-go/concurrent | Apache-2.0 |
v0.0.0-20180306012644-bacd9c7ef1dd
+github.com/modern-go/reflect2 | Apache-2.0 |
v1.0.1
+github.com/mwitkow/go-conntrack | Apache-2.0 |
v0.0.0-20161129095857-cc309e4a2223
+github.com/oklog/ulid | Apache-2.0 |
v1.3.1
+github.com/pelletier/go-toml | MIT |
v1.2.0
+github.com/pkg/errors | BSD-2-Clause |
v0.8.1
+github.com/pmezard/go-difflib | BSD-3-Clause |
v1.0.0
+github.com/posener/complete | MIT |
v1.1.1
+github.com/prometheus/client_golang | Apache-2.0 |
v0.9.3
+github.com/prometheus/client_model | Apache-2.0 |
v0.0.0-20190129233127-fd36f4220a90
+github.com/prometheus/common | Apache-2.0 |
v0.4.0
+github.com/prometheus/procfs | Apache-2.0 |
v0.0.0-20190507164030-5867b95ac084
+github.com/prometheus/tsdb | Apache-2.0 |
v0.7.1
+github.com/rogpeppe/fastuuid | BSD-3-Clause |
v0.0.0-20150106093220-6724a57986af
+github.com/rogpeppe/go-internal | BSD-3-Clause |
v1.3.0
+github.com/ryanuber/columnize | MIT |
v0.0.0-20160712163229-9b3edd62028f
+github.com/sean-/seed | MIT |
v0.0.0-20170313163322-e2103e2c3529
+github.com/shurcooL/sanitized_anchor_name | MIT |
v1.0.0
+github.com/sirupsen/logrus | MIT |
v1.7.0
+github.com/smartystreets/assertions | MIT |
v0.0.0-20180927180507-b2de0cb4f26d
+github.com/smartystreets/goconvey | MIT |
v1.6.4
+github.com/soheilhy/cmux | Apache-2.0 |
v0.1.4
+github.com/spaolacci/murmur3 | BSD-3-Clause |
v0.0.0-20180118202830-f09979ecbc72
+github.com/spf13/afero | Apache-2.0 |
v1.1.2
+github.com/spf13/cast | MIT |
v1.3.0
+github.com/spf13/cobra | Apache-2.0 |
v1.1.1
+github.com/spf13/jwalterweatherman | MIT |
v1.0.0
+github.com/spf13/pflag | BSD-3-Clause |
v1.0.5
+github.com/spf13/viper | MIT |
v1.7.0
+github.com/stretchr/objx | MIT |
v0.1.1
+github.com/stretchr/testify | MIT |
v1.3.0
+github.com/subosito/gotenv | MIT |
v1.2.0
+github.com/tmc/grpc-websocket-proxy | MIT |
v0.0.0-20190109142713-0ad062ec5ee5
+github.com/xiang90/probing | MIT |
v0.0.0-20190116061207-43a291ad63a2
+github.com/yuin/goldmark | MIT |
v1.3.5
+go.etcd.io/bbolt | MIT |
v1.3.2
+go.opencensus.io | Apache-2.0 |
v0.22.0
+go.uber.org/atomic | MIT |
v1.4.0
+go.uber.org/multierr | MIT |
v1.1.0
+go.uber.org/zap | MIT |
v1.10.0
+golang.org/x/crypto | BSD-3-Clause |
v0.0.0-20191011191535-87dc89f01550
+golang.org/x/exp | BSD-3-Clause |
v0.0.0-20191030013958-a1ab85dbe136
+golang.org/x/image | BSD-3-Clause |
v0.0.0-20190802002840-cff245a6509b
+golang.org/x/lint | BSD-3-Clause |
v0.0.0-20190930215403-16217165b5de
+golang.org/x/mobile | BSD-3-Clause |
v0.0.0-20190719004257-d2bd2a29d028
+golang.org/x/mod | BSD-3-Clause |
v0.4.2
+golang.org/x/net | BSD-3-Clause |
v0.0.0-20210726213435-c6fcb2dbf985
+golang.org/x/oauth2 | BSD-3-Clause |
v0.0.0-20190604053449-0f29369cfe45
+golang.org/x/sync | BSD-3-Clause |
v0.0.0-20210220032951-036812b2e83c
+golang.org/x/sys | BSD-3-Clause |
v0.0.0-20210510120138-977fb7262007
+golang.org/x/term | BSD-3-Clause |
v0.0.0-20201126162022-7de9c90e9dd1
+golang.org/x/text | BSD-3-Clause |
v0.3.6
+golang.org/x/time | BSD-3-Clause |
v0.0.0-20190308202827-9d24e82272b4
+golang.org/x/tools | BSD-3-Clause |
v0.1.5
+golang.org/x/xerrors | BSD-3-Clause |
v0.0.0-20200804184101-5ec99f83aff1
+google.golang.org/api | BSD-3-Clause |
v0.13.0
+google.golang.org/appengine | Apache-2.0 |
v1.6.1
+google.golang.org/genproto | Apache-2.0 |
v0.0.0-20191108220845-16a3f7862a1a
+google.golang.org/grpc | Apache-2.0 |
v1.21.1
+gopkg.in/alecthomas/kingpin.v2 | MIT |
v2.2.6
+gopkg.in/errgo.v2 | BSD-3-Clause |
v2.1.0
+gopkg.in/ini.v1 | Apache-2.0 |
v1.51.0
+gopkg.in/resty.v1 | MIT |
v1.12.0
+gopkg.in/yaml.v2 | Apache-2.0 |
v2.2.8
+gopkg.in/yaml.v3 | MIT and Apache |
v3.0.0-20200615113413-eeeca48fe776
+honnef.co/go/tools | MIT |
v0.0.1-2019.2.3
+rsc.io/binaryregexp | BSD-3-Clause |
v0.2.0
+github.com/gogo/protobuf | Unknown |
v1.2.1
+github.com/kr/logfmt | Unknown |
v0.0.0-20140226030751-b84e30acd515
+github.com/magiconair/properties | Unknown |
v1.8.1
+github.com/miekg/dns | Unknown |
v1.0.14
+github.com/pascaldekloe/goe | Unknown |
v0.0.0-20180627143212-57f6aae5913c
+github.com/russross/blackfriday/v2 | Unknown |
v2.0.1
+gopkg.in/check.v1 | Unknown |
v1.0.0-20180628173108-788fd7840127
+
+ERROR failed to identify the licenses of following packages (7):
+github.com/gogo/protobuf
+github.com/kr/logfmt
+github.com/magiconair/properties
+github.com/miekg/dns
+github.com/pascaldekloe/goe
+github.com/russross/blackfriday/v2
+gopkg.in/check.v1
```
#### Check Dependencies' licenses
diff --git a/pkg/deps/golang.go b/pkg/deps/golang.go
index 83d1e9c..872787e 100644
--- a/pkg/deps/golang.go
+++ b/pkg/deps/golang.go
@@ -59,7 +59,7 @@ func (resolver *GoModResolver) Resolve(goModFile string,
report *Report) error {
return err
}
- output, err := exec.Command("go", "list", "-m", "-json", "all").Output()
+ output, err := exec.Command("go", "mod", "download", "-json").Output()
if err != nil {
return err
}
@@ -91,6 +91,7 @@ func (resolver *GoModResolver) ResolvePackages(modules
[]*packages.Module, repor
report.Skip(&Result{
Dependency: module.Path,
LicenseSpdxID: Unknown,
+ Version: module.Version,
})
}
}
@@ -126,6 +127,7 @@ func (resolver *GoModResolver) ResolvePackageLicense(module
*packages.Module, re
LicenseFilePath: licenseFilePath,
LicenseContent: string(content),
LicenseSpdxID: identifier,
+ Version: module.Version,
})
return nil
}
diff --git a/pkg/deps/jar.go b/pkg/deps/jar.go
index a21cb1b..945d31e 100644
--- a/pkg/deps/jar.go
+++ b/pkg/deps/jar.go
@@ -25,6 +25,7 @@ import (
"io"
"path/filepath"
"regexp"
+ "strings"
"github.com/apache/skywalking-eyes/internal/logger"
"github.com/apache/skywalking-eyes/pkg/license"
@@ -38,7 +39,7 @@ func (resolver *JarResolver) CanResolve(jarFile string) bool {
func (resolver *JarResolver) Resolve(jarFile string, report *Report) error {
state := NotFound
- if err := resolver.ResolveJar(&state, jarFile, report); err != nil {
+ if err := resolver.ResolveJar(&state, jarFile, Unknown, report); err !=
nil {
dep := filepath.Base(jarFile)
logger.Log.Warnf("Failed to resolve the license of <%s>: %v\n",
dep, state.String())
report.Skip(&Result{
@@ -50,7 +51,7 @@ func (resolver *JarResolver) Resolve(jarFile string, report
*Report) error {
return nil
}
-func (resolver *JarResolver) ResolveJar(state *State, jarFile string, report
*Report) error {
+func (resolver *JarResolver) ResolveJar(state *State, jarFile, version string,
report *Report) error {
dep := filepath.Base(jarFile)
compressedJar, err := zip.OpenReader(jarFile)
@@ -75,7 +76,7 @@ func (resolver *JarResolver) ResolveJar(state *State, jarFile
string, report *Re
return err
}
- return resolver.IdentifyLicense(jarFile, dep,
buf.String(), report)
+ return resolver.IdentifyLicense(jarFile, dep,
buf.String(), version, report)
}
}
@@ -92,8 +93,9 @@ func (resolver *JarResolver) ResolveJar(state *State, jarFile
string, report *Re
report.Resolve(&Result{
Dependency: dep,
LicenseFilePath: jarFile,
- LicenseContent: r[1],
- LicenseSpdxID: r[1],
+ LicenseContent: strings.TrimSpace(r[1]),
+ LicenseSpdxID: strings.TrimSpace(r[1]),
+ Version: version,
})
return nil
}
@@ -120,7 +122,7 @@ func (resolver *JarResolver) ReadFileFromZip(archiveFile
*zip.File) (*bytes.Buff
return buf, nil
}
-func (resolver *JarResolver) IdentifyLicense(path, dep, content string, report
*Report) error {
+func (resolver *JarResolver) IdentifyLicense(path, dep, content, version
string, report *Report) error {
identifier, err := license.Identify(path, content)
if err != nil {
return err
@@ -131,6 +133,7 @@ func (resolver *JarResolver) IdentifyLicense(path, dep,
content string, report *
LicenseFilePath: path,
LicenseContent: content,
LicenseSpdxID: identifier,
+ Version: version,
})
return nil
}
diff --git a/pkg/deps/maven.go b/pkg/deps/maven.go
index 9d1ba60..c35ecb3 100644
--- a/pkg/deps/maven.go
+++ b/pkg/deps/maven.go
@@ -151,6 +151,7 @@ func (resolver *MavenPomResolver) ResolveDependencies(deps
[]*Dependency, report
report.Skip(&Result{
Dependency: dep.Jar(),
LicenseSpdxID: Unknown,
+ Version: dep.Version,
})
}
}
@@ -159,7 +160,7 @@ func (resolver *MavenPomResolver) ResolveDependencies(deps
[]*Dependency, report
// ResolveLicense search all possible locations of the license, such as pom
file, jar package
func (resolver *MavenPomResolver) ResolveLicense(state *State, dep
*Dependency, report *Report) error {
- err := resolver.ResolveJar(state, filepath.Join(resolver.repo,
dep.Path(), dep.Jar()), report)
+ err := resolver.ResolveJar(state, filepath.Join(resolver.repo,
dep.Path(), dep.Jar()), dep.Version, report)
if err == nil {
return nil
}
@@ -180,6 +181,7 @@ func (resolver *MavenPomResolver)
ResolveLicenseFromPom(state *State, dep *Depen
LicenseFilePath: pomFile,
LicenseContent: pom.Raw(),
LicenseSpdxID: pom.AllLicenses(),
+ Version: dep.Version,
})
return nil
@@ -190,7 +192,7 @@ func (resolver *MavenPomResolver)
ResolveLicenseFromPom(state *State, dep *Depen
return err
} else if headerComments != "" {
*state |= FoundLicenseInPomHeader
- return resolver.IdentifyLicense(pomFile, dep.Jar(),
headerComments, report)
+ return resolver.IdentifyLicense(pomFile, dep.Jar(),
headerComments, dep.Version, report)
}
return fmt.Errorf("not found in pom file")
diff --git a/pkg/deps/npm.go b/pkg/deps/npm.go
index e8eb33e..11f5cab 100644
--- a/pkg/deps/npm.go
+++ b/pkg/deps/npm.go
@@ -51,6 +51,7 @@ type Package struct {
License json.RawMessage `json:"license"`
Licenses []Lcs `json:"licenses"`
Path string `json:"-"`
+ Version string `json:"version"`
}
const PkgFileName = "package.json"
@@ -210,6 +211,7 @@ func (resolver *NpmResolver) ResolvePkgFile(result *Result,
pkgPath string) erro
return err
}
+ result.Version = packageInfo.Version
if lcs, ok := resolver.ResolveLicenseField(packageInfo.License); ok {
result.LicenseSpdxID = lcs
return nil
diff --git a/pkg/deps/result.go b/pkg/deps/result.go
index f460bcc..b7c5af1 100644
--- a/pkg/deps/result.go
+++ b/pkg/deps/result.go
@@ -36,6 +36,7 @@ type Result struct {
LicenseContent string
LicenseSpdxID string
ResolveErrors []error
+ Version string
}
// Report is a collection of resolved Result.
@@ -55,24 +56,26 @@ func (report *Report) Skip(result *Result) {
}
func (report *Report) String() string {
- dWidth, lWidth := .0, .0
+ dWidth, lWidth, vWidth := .0, .0, .0
for _, r := range report.Skipped {
dWidth = math.Max(float64(len(r.Dependency)), dWidth)
lWidth = math.Max(float64(len(r.LicenseSpdxID)), lWidth)
+ vWidth = math.Max(float64(len(r.Version)), vWidth)
}
for _, r := range report.Resolved {
dWidth = math.Max(float64(len(r.Dependency)), dWidth)
lWidth = math.Max(float64(len(r.LicenseSpdxID)), lWidth)
+ vWidth = math.Max(float64(len(r.Version)), vWidth)
}
- rowTemplate := fmt.Sprintf("%%-%dv | %%%dv\n", int(dWidth), int(lWidth))
- s := fmt.Sprintf(rowTemplate, "Dependency", "License")
- s += fmt.Sprintf(rowTemplate, strings.Repeat("-", int(dWidth)),
strings.Repeat("-", int(lWidth)))
+ rowTemplate := fmt.Sprintf("%%-%dv | %%%dv | %%%dv\n", int(dWidth),
int(lWidth), int(vWidth))
+ s := fmt.Sprintf(rowTemplate, "Dependency", "License", "Version")
+ s += fmt.Sprintf(rowTemplate, strings.Repeat("-", int(dWidth)),
strings.Repeat("-", int(lWidth)), strings.Repeat("-", int(vWidth)))
for _, r := range report.Resolved {
- s += fmt.Sprintf(rowTemplate, r.Dependency, r.LicenseSpdxID)
+ s += fmt.Sprintf(rowTemplate, r.Dependency, r.LicenseSpdxID,
r.Version)
}
for _, r := range report.Skipped {
- s += fmt.Sprintf(rowTemplate, r.Dependency, Unknown)
+ s += fmt.Sprintf(rowTemplate, r.Dependency, Unknown, r.Version)
}
return s
