Ready for public

README.md

@@ -0,0 +1,38 @@
+# Opticense
+
+Opticense is a command line tool for comparing and finding the license texts of dependencies in your project.
+
+## Notice
+
+This tool is under development and does not claim the accuracy of the findings. It will not provide you with legal advice. If the scanned license matches an existing license, it can provide the output, but it will not make any inferences about the license. What you do with the licenses is your responsibility. No responsibility is taken for any issues that may arise from using this tool. It is an open-source code created solely for ease of use.
+
+## Usage
+
+### On the command line
+
+Pre-built exe files are available in the Releases section of GitHub. Users who want to use the npm package version can also install it by saying "npm install Opticense".
+Basic usage:
+
+    Opticense crawl <folderpath>
+
+Here, `<folderpath>` is the main directory of the project to be analyzed. Opticense can scan through the package manager folders. If it cannot access the directory or if there is no package manager folder, it will not be able to perform the scan.
+
+## Details
+
+### Implementation
+
+**tl;dr**: Jaccard Similarity Algorithm, cache file
+
+Opticense extracts the content of license files and compares them with cached texts. This comparison is done by matching with a license that has a similarity score above a specified threshold based on the [Jaccard Similarity Algorithm](https://en.wikipedia.org/wiki/Jaccard_index) A single match may yield multiple similarity options. To reduce the number of similarity options, you can increase the threshold value (coming soon)
+
+### How were licenses selected?
+
+Licenses were selected by looking at key licenses in Synopsys [Top 20 Open Source Licenses 2022-23](https://www.synopsys.com/blogs/software-security/top-open-source-licenses.html) article
+
+## Contributing
+
+Contributions are very welcome! See [CONTRIBUTING](CONTRIBUTING.md) for more info.
+
+## License
+
+This library is licensed under the [GPL-3.0 license](LICENSE).

SECURITY.md

@@ -0,0 +1,11 @@
+# Security Policy
+
+## Supported Versions
+
+| Version  | Supported                 |
+| -------- | ------------------------- |
+|  0.8.\* | :white_check_mark: STABLE |
+
+## Reporting a Vulnerability
+
+To report a vulnerability, please email our security team at sarifkarakilic [at] gmail. Please include a clear description of the vulnerability and any supporting information. We appreciate your responsible disclosure and will address the issue promptly. Thank you for your contribution to our project's security.

clients/cargoManager.js

@@ -35,23 +35,20 @@ class CargoManager {
         const parsed = toml.parse(data);
         const packageReferences = [];
 
-        // Extract dependencies from [dependencies]
         if (parsed.dependencies) {
           Object.keys(parsed.dependencies).forEach((key) => {
             const version = parsed.dependencies[key];
             packageReferences.push({ include: key, version: version });
           });
         }
 
-        // Extract dependencies from [dev-dependencies]
         if (parsed["dev-dependencies"]) {
           Object.keys(parsed["dev-dependencies"]).forEach((key) => {
             const version = parsed["dev-dependencies"][key];
             packageReferences.push({ include: key, version: version });
           });
         }
 
-        // Extract dependencies from [target.*.dependencies]
         if (parsed.target) {
           Object.keys(parsed.target).forEach((targetKey) => {
             if (parsed.target[targetKey].dependencies) {
@@ -64,7 +61,6 @@ class CargoManager {
             }
           });
         }
-        //console.log(packageReferences);
         this.findCargoLicenses(packageReferences);
       } catch (err) {
         console.error("Error parsing TOML:", err);
@@ -113,7 +109,6 @@ class CargoManager {
         `${pkg.include.toLowerCase()}-`
       );
 
-      // Find the subdirectory with the unique ID
       const subDirs = fs
         .readdirSync(cargoPath)
         .filter((dir) => dir.includes("index.crates.io-"));
@@ -124,7 +119,6 @@ class CargoManager {
 
       const registryPath = path.join(cargoPath, subDirs[0]);
 
-      // Find all directories matching the package name prefix
       const versions = fs
         .readdirSync(registryPath)
         .filter((dir) => dir.startsWith(`${pkg.include.toLowerCase()}-`));
@@ -133,7 +127,6 @@ class CargoManager {
         return;
       }
 
-      // Sort versions and pick the highest one
       versions.sort((a, b) => {
         const versionA = a.match(/-(\d+\.\d+\.\d+(?:\+\w+\.\d+\.\d+)?)/);
         const versionB = b.match(/-(\d+\.\d+\.\d+(?:\+\w+\.\d+\.\d+)?)/);

clients/nodeManager.js

@@ -19,28 +19,6 @@ class NodeManager {
   async getDependenciesGraph() {
     return new Promise((resolve, reject) => {
       {
-        // const platform = os.platform();
-        // let command = "";
-
-        // if (platform === "win32") {
-        //   // Windows komutu
-        //   command = "npm list --depth=9999 --json 2>nul";
-        // } else {
-        //   // Unix tabanlı sistemler için komut
-        //   command = "npm list --depth=9999 --json 2>/dev/null";
-        // }
-        // //read p.json
-        // //  get dep name depth=9999
-        // console.log("Dependency graph creating...");
-        // exec(command, { cwd: this.targetPath }, (error, stdout, stderr) => {
-        //   if (error) {
-        //     console.error(`exec error: ${error}`);
-        //     return reject();
-        //   }
-        //   this.dependecyGraph = JSON.parse(stdout).dependencies;
-        //   console.log("Dependency graph created.");
-        //   //console.log(this.dependecyGraph);
-        //});
         resolve();
       }
     }).catch();

clients/nugetManager.js

@@ -59,7 +59,6 @@ class NugetManager {
           });
         }
 
-        //console.log(packageReferences);
         this.findNugetPackages(packageReferences);
       });
     });

src/cache.js

@@ -58,7 +58,6 @@ class TextCache {
   }
 }
 
-
 module.exports = {
   TextCache,
 };