licensed 3.4.1 → 3.4.2

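--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 1a241c3ec016e1b2f49cc7a4ed53c53ee07a45fb5dc5f1b6655e6c4e5acf2d6d
- data.tar.gz: 26e55577302098d09128c87d422856307841fa85dd95c181a7fe9280713ee644
+ metadata.gz: 3d7cec159ef0a5af9df07ac13ba8f540897d1039436d39d361ad2948f305f857
+ data.tar.gz: 1e7b7b50ee7715c41e0b5774104039e471be2d749645a38265d3930d51cd81ab
  SHA512:
- metadata.gz: 4358bc3c0f238d569beb172ded8589088336a64ccac81f55f2f669e7619c59c5590fdda1b88c5d3812cc8f554af2381ec1f74f40798634a547a6e8884d33c10e
- data.tar.gz: 751818fb0934e5cf80629971267373117d1649d6ec65f8ae35477f53153307a4fee7893d9182f9b112fe622d8554656ca4892717084793b31577cb1b86557fad
+ metadata.gz: 5c32f95d211dece04fea6c8dff48525593a8348d36dea980f0815159922b5b813270d0ac8b4f6425a9cbcf9437cbf145693f18411b733c917f56ef1b495cca77
+ data.tar.gz: '095b85ceea926a975b18b8001bebca68343dba8550ed2533ccc7eb3860424f707b0756cc121e8c6ad2fc7715c734232f43175513e5005a5c6f535551c3831f6f'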
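--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -6,6 +6,14 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
  ## [Unreleased]
 
+ ## 3.4.2
+
+ 2022-01-17
+
+ ### Fixed
+
+ - The yarn source will no longer evaluate package.json files that do not represent project dependencies (https://github.com/github/licensed/pull/439)
+
  ## 3.4.1
 
  2022-01-07
@@ -547,4 +555,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
  Initial release :tada:
 
- [Unreleased]: https://github.com/github/licensed/compare/3.4.1...HEAD
+ [Unreleased]: https://github.com/github/licensed/compare/3.4.2...HEAD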
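--- a/data/Rakefile
+++ b/data/Rakefile
@@ -62,6 +62,7 @@ namespace :test do
  t.libs << "lib"
  t.test_files = FileList["test/**/*_test.rb"].exclude("test/fixtures/**/*_test.rb")
  .exclude("test/sources/*_test.rb")
+ .exclude("test/sources/**/*_test.rb")
  end
  end
 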
@@ -32,7 +32,7 @@ module Licensed
32
32
  mapped_packages = yarn_info.reduce({}) do |accum, package|
33
33
  name, _ = package["value"].rpartition("@")
34
34
  version = package.dig("children", "Version")
35
- id = "#{name}-#{version}"
35
+ id = "#{name}@#{version}"
36
36
 
37
37
  accum[name] ||= []
38
38
  accum[name] << {
@@ -59,22 +59,6 @@ module Licensed
59
59
  end
60
60
  end
61
61
 
62
- # Returns a hash that maps all dependency names to their location on disk
63
- # by parsing every package.json file under node_modules.
64
- def dependency_paths
65
- @dependency_paths ||= Dir.glob(config.pwd.join("node_modules/**/package.json")).each_with_object({}) do |file, hsh|
66
- begin
67
- dirname = File.dirname(file)
68
- json = JSON.parse(File.read(file))
69
- hsh["#{json["name"]}-#{json["version"]}"] = dirname
70
- rescue JSON::ParserError
71
- # don't crash execution if there is a problem parsing a package.json file
72
- # if the bad package.json file relates to a package that licensed should be reporting on
73
- # then this will still result in an error about a missing package
74
- end
75
- end
76
- end
77
-
78
62
  # Returns the output from running `yarn list` to get project dependencies
79
63
  def yarn_info_command
80
64
  args = %w(--json --manifest --recursive --all)
@@ -73,22 +73,6 @@ module Licensed
73
73
  result
74
74
  end
75
75
 
76
- # Returns a hash that maps all dependency names to their location on disk
77
- # by parsing every package.json file under node_modules.
78
- def dependency_paths
79
- @dependency_paths ||= Dir.glob(config.pwd.join("node_modules/**/package.json")).each_with_object({}) do |file, hsh|
80
- begin
81
- dirname = File.dirname(file)
82
- json = JSON.parse(File.read(file))
83
- hsh["#{json["name"]}@#{json["version"]}"] = dirname
84
- rescue JSON::ParserError
85
- # don't crash execution if there is a problem parsing a package.json file
86
- # if the bad package.json file relates to a package that licensed should be reporting on
87
- # then this will still result in an error about a missing package
88
- end
89
- end
90
- end
91
-
92
76
  # Finds and returns the yarn package tree listing from `yarn list` output
93
77
  def yarn_package_tree
94
78
  return @yarn_package_tree if defined?(@yarn_package_tree)
@@ -23,6 +23,25 @@ module Licensed
23
23
  def yarn_version
24
24
  Gem::Version.new(Licensed::Shell.execute("yarn", "-v"))
25
25
  end
26
+
27
+ # Returns a hash that maps all dependency names to their location on disk
28
+ # by parsing every package.json file under node_modules.
29
+ def dependency_paths
30
+ @dependency_paths ||= [
31
+ *Dir.glob(config.pwd.join("**/node_modules/*/package.json")),
32
+ *Dir.glob(config.pwd.join("**/node_modules/@*/*/package.json"))
33
+ ].each_with_object({}) do |file, hsh|
34
+ begin
35
+ dirname = File.dirname(file)
36
+ json = JSON.parse(File.read(file))
37
+ hsh["#{json["name"]}@#{json["version"]}"] = dirname
38
+ rescue JSON::ParserError
39
+ # don't crash execution if there is a problem parsing a package.json file
40
+ # if the bad package.json file relates to a package that licensed should be reporting on
41
+ # then this will still result in an error about a missing package
42
+ end
43
+ end
44
+ end
26
45
  end
27
46
  end
28
47
  end
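Review bot: In `dependency_paths`, the rescue covers only `JSON::ParserError`, yet every file read here is third-party content from `node_modules`, so a manifest that parses to a non-object (for example a top-level array) would raise `TypeError` at `json["name"]`, and an unreadable file would raise from `File.read`; either one aborts the whole run. I would add `next unless json.is_a?(Hash) && json["name"] && json["version"]` after the parse and widen the handler to `rescue JSON::ParserError, SystemCallError`. The hash key is the name and version that each manifest declares about itself, and later entries overwrite earlier ones, so two manifests claiming the same `name@version` (a nested `node_modules` still matches the leading `**/`) resolve to whichever the glob yields last; it is worth confirming this cannot point license detection at the wrong directory. The comment still says "every package.json file under node_modules", which no longer matches the two narrower globs. The enclosing class starts outside the hunk.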
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  module Licensed
3
- VERSION = "3.4.1".freeze
3
+ VERSION = "3.4.2".freeze
4
4
 
5
5
  def self.previous_major_versions
6
6
  major_version = Gem::Version.new(Licensed::VERSION).segments.first
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: licensed
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.4.1
4
+ version: 3.4.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-01-08 00:00:00.000000000 Z
11
+ date: 2022-01-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: licensee