licensed 3.3.0 → 3.3.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +13 -1
  3. data/lib/licensed/sources/manifest.rb +17 -22
  4. data/lib/licensed/sources/npm.rb +17 -3
  5. data/lib/licensed/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f452bd7c6a58fdaa9a56cf7085b20fe4ff3a8f3eb214835ba82a52b2ed1ac71c
4
- data.tar.gz: 8b3aff33c001623780455c68d23c014746e988b82a44db0fa243829c2be34cd5
3
+ metadata.gz: 204627468559ebbf7283c41b74374a244f5aed5c885c4b9dcfc6fe59a8443c4a
4
+ data.tar.gz: f6db3198bf7bd592e8e1512803e408091dfe6230984c9aa166bbdf7d16edb1df
5
5
  SHA512:
6
- metadata.gz: e0bb95e3496257986e52294a7788824043697d8f99d2745c65e30e3a5c255843bc1471cf47ab3f3cd407d597c658b2d82e1bc27a76e6f985b45af6803d0e98a5
7
- data.tar.gz: 93eb593c4389bff724a0a41be7c583e96541bfc308a9c331bf5d34c35217c98160e026733a49cc07b93b654b23e4507a447dbd5ab9ef8f1596a0e38139187757
6
+ metadata.gz: 5669804505cd5277a292eb51b6d46beda9f9a16e9ede968855ab9df95cdd45bd43564c15fdc45e80a9fe109c190584b93078f45588de78c689f0a93c86278bec
7
+ data.tar.gz: 7c57aa1d0a8bbe39860464a5efcec2d72bf06bd61b6b018c3b856547e7e0a6900e3dba4a440a41fed211b71b368a300d453a811f6fd11b65d82aa612bb7b203a
data/CHANGELOG.md CHANGED
@@ -6,6 +6,18 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## 3.3.1
10
+
11
+ 2021-10-07
12
+
13
+ ### Fixed
14
+
15
+ - Fix evaluation of peer dependencies with npm 7 (:tada: @manuelpuyol https://github.com/github/licensed/pull/411)
16
+
17
+ ### Changed
18
+
19
+ - Manifest source evaluation performance improvements (https://github.com/github/licensed/pull/407)
20
+
9
21
  ## 3.3.0
10
22
 
11
23
  2021-09-18
@@ -509,4 +521,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
509
521
 
510
522
  Initial release :tada:
511
523
 
512
- [Unreleased]: https://github.com/github/licensed/compare/3.3.0...HEAD
524
+ [Unreleased]: https://github.com/github/licensed/compare/3.3.1...HEAD
data/lib/licensed/sources/manifest.rb CHANGED
@@ -61,7 +61,7 @@ module Licensed
61
61
  manifest.each_with_object({}) do |(src, package_name), hsh|
62
62
  next if src.nil? || src.empty?
63
63
  hsh[package_name] ||= []
64
- hsh[package_name] << File.join(config.root, src)
64
+ hsh[package_name] << File.absolute_path(src, config.root)
65
65
  end
66
66
  end
67
67
 
@@ -130,19 +130,17 @@ module Licensed
130
130
  @configured_dependencies ||= begin
131
131
  dependencies = config.dig("manifest", "dependencies")&.dup || {}
132
132
 
133
- dependencies.each do |name, patterns|
133
+ dependencies.each_with_object({}) do |(name, patterns), hsh|
134
134
  # map glob pattern(s) listed for the dependency to a listing
135
135
  # of files that match the patterns and are not excluded
136
- dependencies[name] = files_from_pattern_list(patterns) & included_files
136
+ hsh[name] = files_from_pattern_list(patterns) & included_files
137
137
  end
138
-
139
- dependencies
140
138
  end
141
139
  end
142
140
 
143
141
  # Returns the set of project files that are included in dependency evaluation
144
142
  def included_files
145
- @sources ||= all_files - files_from_pattern_list(config.dig("manifest", "exclude"))
143
+ @included_files ||= tracked_files - files_from_pattern_list(config.dig("manifest", "exclude"))
146
144
  end
147
145
 
148
146
  # Finds and returns all files in the project that match
@@ -151,26 +149,23 @@ module Licensed
151
149
  return Set.new if patterns.nil? || patterns.empty?
152
150
 
153
151
  # evaluate all patterns from the project root
154
- Dir.chdir config.root do
155
- Array(patterns).reduce(Set.new) do |files, pattern|
156
- if pattern.start_with?("!")
157
- # if the pattern is an exclusion, remove all matching files
158
- # from the result
159
- files - Dir.glob(pattern[1..-1], File::FNM_DOTMATCH)
160
- else
161
- # if the pattern is an inclusion, add all matching files
162
- # to the result
163
- files + Dir.glob(pattern, File::FNM_DOTMATCH)
164
- end
152
+ Array(patterns).each_with_object(Set.new) do |pattern, files|
153
+ if pattern.start_with?("!")
154
+ # if the pattern is an exclusion, remove all matching files
155
+ # from the result
156
+ files.subtract(Dir.glob(pattern[1..-1], File::FNM_DOTMATCH, base: config.root))
157
+ else
158
+ # if the pattern is an inclusion, add all matching files
159
+ # to the result
160
+ files.merge(Dir.glob(pattern, File::FNM_DOTMATCH, base: config.root))
165
161
  end
166
162
  end
167
163
  end
168
164
 
169
- # Returns all tracked files in the project
170
- def all_files
171
- # remove files if they are tracked but don't exist on the file system
172
- @all_files ||= Set.new(Licensed::Git.files || [])
173
- .delete_if { |f| !File.exist?(File.join(Licensed::Git.repository_root, f)) }
165
+ # Returns all tracked files in the project as the intersection of what git tracks and the files in the project
166
+ def tracked_files
167
+ @tracked_files ||= Set.new(Array(Licensed::Git.files)) &
168
+ Set.new(Dir.glob("**/*", File::FNM_DOTMATCH, base: config.root))
174
169
  end
175
170
 
176
171
  class Dependency < Licensed::Dependency
data/lib/licensed/sources/npm.rb CHANGED
@@ -66,15 +66,17 @@ module Licensed
66
66
 
67
67
  # Recursively parse dependency JSON data. Returns a hash mapping the
68
68
  # package name to it's metadata
69
- def recursive_dependencies(dependencies, result = {})
69
+ def recursive_dependencies(dependencies, result = {}, parent = nil)
70
70
  dependencies.each do |name, dependency|
71
- next if dependency["peerMissing"]
71
+ next if missing_peer?(parent, dependency, name)
72
72
  next if yarn_lock_present && dependency["missing"]
73
73
  next if dependency["extraneous"] && dependency["missing"]
74
74
 
75
75
  dependency["name"] = name
76
+ dependency["version"] ||= extract_version(parent, name) if dependency["missing"]
77
+
76
78
  (result[name] ||= []) << dependency
77
- recursive_dependencies(dependency["dependencies"] || {}, result)
79
+ recursive_dependencies(dependency["dependencies"] || {}, result, dependency)
78
80
  end
79
81
  result
80
82
  end
@@ -135,6 +137,18 @@ module Licensed
135
137
  def include_non_production?
136
138
  config.dig("npm", "production_only") == false
137
139
  end
140
+
141
+ def missing_peer?(parent, dependency, name)
142
+ dependency["peerMissing"] || (dependency["missing"] && peer_dependency(parent, name))
143
+ end
144
+
145
+ def peer_dependency(parent, name)
146
+ parent&.dig("peerDependencies", name)
147
+ end
148
+
149
+ def extract_version(parent, name)
150
+ parent&.dig("_dependencies", name) || peer_dependency(parent, name)
151
+ end
138
152
  end
139
153
  end
140
154
  end
data/lib/licensed/version.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  module Licensed
3
- VERSION = "3.3.0".freeze
3
+ VERSION = "3.3.1".freeze
4
4
 
5
5
  def self.previous_major_versions
6
6
  major_version = Gem::Version.new(Licensed::VERSION).segments.first
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: licensed
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.3.0
4
+ version: 3.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-09-19 00:00:00.000000000 Z
11
+ date: 2021-10-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: licensee