spandx 0.18.2
Spanx is a ruby API for interacting with the spdx.org software license catalogue. This gem includes a command line interface to scan a software project for the software licenses that are associated with each dependency in the project. Spandx also allows you to hook additional information for each dependency found. For instance, you can add plugin to Spandx to find and report vulnerabilities for the dependencies it found.
Gemfile:
=
安裝:
=
Runtime 相依性套件 (12):
addressable
~> 2.7
bundler
>= 1.16, < 3.0.0
hcl2
~> 0.1
net-hippie
~> 1.0
nokogiri
~> 1.10
oj
~> 3.10
parslet
~> 2.0
sorted_set
~> 1.0
terminal-table
~> 1.8
thor
>= 0
tty-spinner
~> 0.9
zeitwerk
~> 2.3
Development 相依性套件 (13):
benchmark-ips
~> 2.8
bundler-audit
~> 0.6
byebug
~> 11.1
licensed
~> 2.8
rake
~> 13.0
rake-compiler
~> 1.1
rspec
~> 3.0
rspec-benchmark
~> 0.5
rubocop
~> 0.52
rubocop-rspec
~> 1.22
ruby-prof
~> 1.3
vcr
~> 6.0
webmock
~> 3.7