licensed 3.4.1 → 3.4.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +9 -1
- data/Rakefile +1 -0
- data/lib/licensed/sources/yarn/berry.rb +1 -17
- data/lib/licensed/sources/yarn/v1.rb +0 -16
- data/lib/licensed/sources/yarn.rb +19 -0
- data/lib/licensed/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3d7cec159ef0a5af9df07ac13ba8f540897d1039436d39d361ad2948f305f857
|
4
|
+
data.tar.gz: 1e7b7b50ee7715c41e0b5774104039e471be2d749645a38265d3930d51cd81ab
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 5c32f95d211dece04fea6c8dff48525593a8348d36dea980f0815159922b5b813270d0ac8b4f6425a9cbcf9437cbf145693f18411b733c917f56ef1b495cca77
|
7
|
+
data.tar.gz: '095b85ceea926a975b18b8001bebca68343dba8550ed2533ccc7eb3860424f707b0756cc121e8c6ad2fc7715c734232f43175513e5005a5c6f535551c3831f6f'
|
data/CHANGELOG.md
CHANGED
@@ -6,6 +6,14 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|
6
6
|
|
7
7
|
## [Unreleased]
|
8
8
|
|
9
|
+
## 3.4.2
|
10
|
+
|
11
|
+
2022-01-17
|
12
|
+
|
13
|
+
### Fixed
|
14
|
+
|
15
|
+
- The yarn source will no longer evaluate package.json files that do not represent project dependencies (https://github.com/github/licensed/pull/439)
|
16
|
+
|
9
17
|
## 3.4.1
|
10
18
|
|
11
19
|
2022-01-07
|
@@ -547,4 +555,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
|
|
547
555
|
|
548
556
|
Initial release :tada:
|
549
557
|
|
550
|
-
[Unreleased]: https://github.com/github/licensed/compare/3.4.
|
558
|
+
[Unreleased]: https://github.com/github/licensed/compare/3.4.2...HEAD
|
data/Rakefile
CHANGED
@@ -32,7 +32,7 @@ module Licensed
|
|
32
32
|
mapped_packages = yarn_info.reduce({}) do |accum, package|
|
33
33
|
name, _ = package["value"].rpartition("@")
|
34
34
|
version = package.dig("children", "Version")
|
35
|
-
id = "#{name}
|
35
|
+
id = "#{name}@#{version}"
|
36
36
|
|
37
37
|
accum[name] ||= []
|
38
38
|
accum[name] << {
|
@@ -59,22 +59,6 @@ module Licensed
|
|
59
59
|
end
|
60
60
|
end
|
61
61
|
|
62
|
-
# Returns a hash that maps all dependency names to their location on disk
|
63
|
-
# by parsing every package.json file under node_modules.
|
64
|
-
def dependency_paths
|
65
|
-
@dependency_paths ||= Dir.glob(config.pwd.join("node_modules/**/package.json")).each_with_object({}) do |file, hsh|
|
66
|
-
begin
|
67
|
-
dirname = File.dirname(file)
|
68
|
-
json = JSON.parse(File.read(file))
|
69
|
-
hsh["#{json["name"]}-#{json["version"]}"] = dirname
|
70
|
-
rescue JSON::ParserError
|
71
|
-
# don't crash execution if there is a problem parsing a package.json file
|
72
|
-
# if the bad package.json file relates to a package that licensed should be reporting on
|
73
|
-
# then this will still result in an error about a missing package
|
74
|
-
end
|
75
|
-
end
|
76
|
-
end
|
77
|
-
|
78
62
|
# Returns the output from running `yarn list` to get project dependencies
|
79
63
|
def yarn_info_command
|
80
64
|
args = %w(--json --manifest --recursive --all)
|
@@ -73,22 +73,6 @@ module Licensed
|
|
73
73
|
result
|
74
74
|
end
|
75
75
|
|
76
|
-
# Returns a hash that maps all dependency names to their location on disk
|
77
|
-
# by parsing every package.json file under node_modules.
|
78
|
-
def dependency_paths
|
79
|
-
@dependency_paths ||= Dir.glob(config.pwd.join("node_modules/**/package.json")).each_with_object({}) do |file, hsh|
|
80
|
-
begin
|
81
|
-
dirname = File.dirname(file)
|
82
|
-
json = JSON.parse(File.read(file))
|
83
|
-
hsh["#{json["name"]}@#{json["version"]}"] = dirname
|
84
|
-
rescue JSON::ParserError
|
85
|
-
# don't crash execution if there is a problem parsing a package.json file
|
86
|
-
# if the bad package.json file relates to a package that licensed should be reporting on
|
87
|
-
# then this will still result in an error about a missing package
|
88
|
-
end
|
89
|
-
end
|
90
|
-
end
|
91
|
-
|
92
76
|
# Finds and returns the yarn package tree listing from `yarn list` output
|
93
77
|
def yarn_package_tree
|
94
78
|
return @yarn_package_tree if defined?(@yarn_package_tree)
|
@@ -23,6 +23,25 @@ module Licensed
|
|
23
23
|
def yarn_version
|
24
24
|
Gem::Version.new(Licensed::Shell.execute("yarn", "-v"))
|
25
25
|
end
|
26
|
+
|
27
|
+
# Returns a hash that maps all dependency names to their location on disk
|
28
|
+
# by parsing every package.json file under node_modules.
|
29
|
+
def dependency_paths
|
30
|
+
@dependency_paths ||= [
|
31
|
+
*Dir.glob(config.pwd.join("**/node_modules/*/package.json")),
|
32
|
+
*Dir.glob(config.pwd.join("**/node_modules/@*/*/package.json"))
|
33
|
+
].each_with_object({}) do |file, hsh|
|
34
|
+
begin
|
35
|
+
dirname = File.dirname(file)
|
36
|
+
json = JSON.parse(File.read(file))
|
37
|
+
hsh["#{json["name"]}@#{json["version"]}"] = dirname
|
38
|
+
rescue JSON::ParserError
|
39
|
+
# don't crash execution if there is a problem parsing a package.json file
|
40
|
+
# if the bad package.json file relates to a package that licensed should be reporting on
|
41
|
+
# then this will still result in an error about a missing package
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
26
45
|
end
|
27
46
|
end
|
28
47
|
end
|
data/lib/licensed/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: licensed
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.4.
|
4
|
+
version: 3.4.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- GitHub
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-01-
|
11
|
+
date: 2022-01-17 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: licensee
|