licensed 3.3.0 → 3.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +13 -1
  3. data/lib/licensed/sources/manifest.rb +17 -22
  4. data/lib/licensed/sources/npm.rb +17 -3
  5. data/lib/licensed/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f452bd7c6a58fdaa9a56cf7085b20fe4ff3a8f3eb214835ba82a52b2ed1ac71c
4
- data.tar.gz: 8b3aff33c001623780455c68d23c014746e988b82a44db0fa243829c2be34cd5
3
+ metadata.gz: 204627468559ebbf7283c41b74374a244f5aed5c885c4b9dcfc6fe59a8443c4a
4
+ data.tar.gz: f6db3198bf7bd592e8e1512803e408091dfe6230984c9aa166bbdf7d16edb1df
5
5
  SHA512:
6
- metadata.gz: e0bb95e3496257986e52294a7788824043697d8f99d2745c65e30e3a5c255843bc1471cf47ab3f3cd407d597c658b2d82e1bc27a76e6f985b45af6803d0e98a5
7
- data.tar.gz: 93eb593c4389bff724a0a41be7c583e96541bfc308a9c331bf5d34c35217c98160e026733a49cc07b93b654b23e4507a447dbd5ab9ef8f1596a0e38139187757
6
+ metadata.gz: 5669804505cd5277a292eb51b6d46beda9f9a16e9ede968855ab9df95cdd45bd43564c15fdc45e80a9fe109c190584b93078f45588de78c689f0a93c86278bec
7
+ data.tar.gz: 7c57aa1d0a8bbe39860464a5efcec2d72bf06bd61b6b018c3b856547e7e0a6900e3dba4a440a41fed211b71b368a300d453a811f6fd11b65d82aa612bb7b203a
data/CHANGELOG.md CHANGED
@@ -6,6 +6,18 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## 3.3.1
10
+
11
+ 2021-10-07
12
+
13
+ ### Fixed
14
+
15
+ - Fix evaluation of peer dependencies with npm 7 (:tada: @manuelpuyol https://github.com/github/licensed/pull/411)
16
+
17
+ ### Changed
18
+
19
+ - Manifest source evaluation performance improvements (https://github.com/github/licensed/pull/407)
20
+
9
21
  ## 3.3.0
10
22
 
11
23
  2021-09-18
@@ -509,4 +521,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
509
521
 
510
522
  Initial release :tada:
511
523
 
512
- [Unreleased]: https://github.com/github/licensed/compare/3.3.0...HEAD
524
+ [Unreleased]: https://github.com/github/licensed/compare/3.3.1...HEAD
data/lib/licensed/sources/manifest.rb CHANGED
@@ -61,7 +61,7 @@ module Licensed
61
61
  manifest.each_with_object({}) do |(src, package_name), hsh|
62
62
  next if src.nil? || src.empty?
63
63
  hsh[package_name] ||= []
64
- hsh[package_name] << File.join(config.root, src)
64
+ hsh[package_name] << File.absolute_path(src, config.root)
65
65
  end
66
66
  end
67
67
 
@@ -130,19 +130,17 @@ module Licensed
130
130
  @configured_dependencies ||= begin
131
131
  dependencies = config.dig("manifest", "dependencies")&.dup || {}
132
132
 
133
- dependencies.each do |name, patterns|
133
+ dependencies.each_with_object({}) do |(name, patterns), hsh|
134
134
  # map glob pattern(s) listed for the dependency to a listing
135
135
  # of files that match the patterns and are not excluded
136
- dependencies[name] = files_from_pattern_list(patterns) & included_files
136
+ hsh[name] = files_from_pattern_list(patterns) & included_files
137
137
  end
138
-
139
- dependencies
140
138
  end
141
139
  end
142
140
 
143
141
  # Returns the set of project files that are included in dependency evaluation
144
142
  def included_files
145
- @sources ||= all_files - files_from_pattern_list(config.dig("manifest", "exclude"))
143
+ @included_files ||= tracked_files - files_from_pattern_list(config.dig("manifest", "exclude"))
146
144
  end
147
145
 
148
146
  # Finds and returns all files in the project that match
@@ -151,26 +149,23 @@ module Licensed
151
149
  return Set.new if patterns.nil? || patterns.empty?
152
150
 
153
151
  # evaluate all patterns from the project root
154
- Dir.chdir config.root do
155
- Array(patterns).reduce(Set.new) do |files, pattern|
156
- if pattern.start_with?("!")
157
- # if the pattern is an exclusion, remove all matching files
158
- # from the result
159
- files - Dir.glob(pattern[1..-1], File::FNM_DOTMATCH)
160
- else
161
- # if the pattern is an inclusion, add all matching files
162
- # to the result
163
- files + Dir.glob(pattern, File::FNM_DOTMATCH)
164
- end
152
+ Array(patterns).each_with_object(Set.new) do |pattern, files|
153
+ if pattern.start_with?("!")
154
+ # if the pattern is an exclusion, remove all matching files
155
+ # from the result
156
+ files.subtract(Dir.glob(pattern[1..-1], File::FNM_DOTMATCH, base: config.root))
157
+ else
158
+ # if the pattern is an inclusion, add all matching files
159
+ # to the result
160
+ files.merge(Dir.glob(pattern, File::FNM_DOTMATCH, base: config.root))
165
161
  end
166
162
  end
167
163
  end
168
164
 
169
- # Returns all tracked files in the project
170
- def all_files
171
- # remove files if they are tracked but don't exist on the file system
172
- @all_files ||= Set.new(Licensed::Git.files || [])
173
- .delete_if { |f| !File.exist?(File.join(Licensed::Git.repository_root, f)) }
165
+ # Returns all tracked files in the project as the intersection of what git tracks and the files in the project
166
+ def tracked_files
167
+ @tracked_files ||= Set.new(Array(Licensed::Git.files)) &
168
+ Set.new(Dir.glob("**/*", File::FNM_DOTMATCH, base: config.root))
174
169
  end
175
170
 
176
171
  class Dependency < Licensed::Dependency
data/lib/licensed/sources/npm.rb CHANGED
@@ -66,15 +66,17 @@ module Licensed
66
66
 
67
67
  # Recursively parse dependency JSON data. Returns a hash mapping the
68
68
  # package name to it's metadata
69
- def recursive_dependencies(dependencies, result = {})
69
+ def recursive_dependencies(dependencies, result = {}, parent = nil)
70
70
  dependencies.each do |name, dependency|
71
- next if dependency["peerMissing"]
71
+ next if missing_peer?(parent, dependency, name)
72
72
  next if yarn_lock_present && dependency["missing"]
73
73
  next if dependency["extraneous"] && dependency["missing"]
74
74
 
75
75
  dependency["name"] = name
76
+ dependency["version"] ||= extract_version(parent, name) if dependency["missing"]
77
+
76
78
  (result[name] ||= []) << dependency
77
- recursive_dependencies(dependency["dependencies"] || {}, result)
79
+ recursive_dependencies(dependency["dependencies"] || {}, result, dependency)
78
80
  end
79
81
  result
80
82
  end
@@ -135,6 +137,18 @@ module Licensed
135
137
  def include_non_production?
136
138
  config.dig("npm", "production_only") == false
137
139
  end
140
+
141
+ def missing_peer?(parent, dependency, name)
142
+ dependency["peerMissing"] || (dependency["missing"] && peer_dependency(parent, name))
143
+ end
144
+
145
+ def peer_dependency(parent, name)
146
+ parent&.dig("peerDependencies", name)
147
+ end
148
+
149
+ def extract_version(parent, name)
150
+ parent&.dig("_dependencies", name) || peer_dependency(parent, name)
151
+ end
138
152
  end
139
153
  end
140
154
  end
data/lib/licensed/version.rb CHANGED
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  module Licensed
3
- VERSION = "3.3.0".freeze
3
+ VERSION = "3.3.1".freeze
4
4
 
5
5
  def self.previous_major_versions
6
6
  major_version = Gem::Version.new(Licensed::VERSION).segments.first
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: licensed
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.3.0
4
+ version: 3.3.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-09-19 00:00:00.000000000 Z
11
+ date: 2021-10-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: licensee