licensed 3.4.1 → 3.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 1a241c3ec016e1b2f49cc7a4ed53c53ee07a45fb5dc5f1b6655e6c4e5acf2d6d
4
- data.tar.gz: 26e55577302098d09128c87d422856307841fa85dd95c181a7fe9280713ee644
3
+ metadata.gz: 3d7cec159ef0a5af9df07ac13ba8f540897d1039436d39d361ad2948f305f857
4
+ data.tar.gz: 1e7b7b50ee7715c41e0b5774104039e471be2d749645a38265d3930d51cd81ab
5
5
  SHA512:
6
- metadata.gz: 4358bc3c0f238d569beb172ded8589088336a64ccac81f55f2f669e7619c59c5590fdda1b88c5d3812cc8f554af2381ec1f74f40798634a547a6e8884d33c10e
7
- data.tar.gz: 751818fb0934e5cf80629971267373117d1649d6ec65f8ae35477f53153307a4fee7893d9182f9b112fe622d8554656ca4892717084793b31577cb1b86557fad
6
+ metadata.gz: 5c32f95d211dece04fea6c8dff48525593a8348d36dea980f0815159922b5b813270d0ac8b4f6425a9cbcf9437cbf145693f18411b733c917f56ef1b495cca77
7
+ data.tar.gz: '095b85ceea926a975b18b8001bebca68343dba8550ed2533ccc7eb3860424f707b0756cc121e8c6ad2fc7715c734232f43175513e5005a5c6f535551c3831f6f'
data/CHANGELOG.md CHANGED
@@ -6,6 +6,14 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
6
6
 
7
7
  ## [Unreleased]
8
8
 
9
+ ## 3.4.2
10
+
11
+ 2022-01-17
12
+
13
+ ### Fixed
14
+
15
+ - The yarn source will no longer evaluate package.json files that do not represent project dependencies (https://github.com/github/licensed/pull/439)
16
+
9
17
  ## 3.4.1
10
18
 
11
19
  2022-01-07
@@ -547,4 +555,4 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
547
555
 
548
556
  Initial release :tada:
549
557
 
550
- [Unreleased]: https://github.com/github/licensed/compare/3.4.1...HEAD
558
+ [Unreleased]: https://github.com/github/licensed/compare/3.4.2...HEAD
data/Rakefile CHANGED
@@ -62,6 +62,7 @@ namespace :test do
62
62
  t.libs << "lib"
63
63
  t.test_files = FileList["test/**/*_test.rb"].exclude("test/fixtures/**/*_test.rb")
64
64
  .exclude("test/sources/*_test.rb")
65
+ .exclude("test/sources/**/*_test.rb")
65
66
  end
66
67
  end
67
68
 
@@ -32,7 +32,7 @@ module Licensed
32
32
  mapped_packages = yarn_info.reduce({}) do |accum, package|
33
33
  name, _ = package["value"].rpartition("@")
34
34
  version = package.dig("children", "Version")
35
- id = "#{name}-#{version}"
35
+ id = "#{name}@#{version}"
36
36
 
37
37
  accum[name] ||= []
38
38
  accum[name] << {
@@ -59,22 +59,6 @@ module Licensed
59
59
  end
60
60
  end
61
61
 
62
- # Returns a hash that maps all dependency names to their location on disk
63
- # by parsing every package.json file under node_modules.
64
- def dependency_paths
65
- @dependency_paths ||= Dir.glob(config.pwd.join("node_modules/**/package.json")).each_with_object({}) do |file, hsh|
66
- begin
67
- dirname = File.dirname(file)
68
- json = JSON.parse(File.read(file))
69
- hsh["#{json["name"]}-#{json["version"]}"] = dirname
70
- rescue JSON::ParserError
71
- # don't crash execution if there is a problem parsing a package.json file
72
- # if the bad package.json file relates to a package that licensed should be reporting on
73
- # then this will still result in an error about a missing package
74
- end
75
- end
76
- end
77
-
78
62
  # Returns the output from running `yarn list` to get project dependencies
79
63
  def yarn_info_command
80
64
  args = %w(--json --manifest --recursive --all)
@@ -73,22 +73,6 @@ module Licensed
73
73
  result
74
74
  end
75
75
 
76
- # Returns a hash that maps all dependency names to their location on disk
77
- # by parsing every package.json file under node_modules.
78
- def dependency_paths
79
- @dependency_paths ||= Dir.glob(config.pwd.join("node_modules/**/package.json")).each_with_object({}) do |file, hsh|
80
- begin
81
- dirname = File.dirname(file)
82
- json = JSON.parse(File.read(file))
83
- hsh["#{json["name"]}@#{json["version"]}"] = dirname
84
- rescue JSON::ParserError
85
- # don't crash execution if there is a problem parsing a package.json file
86
- # if the bad package.json file relates to a package that licensed should be reporting on
87
- # then this will still result in an error about a missing package
88
- end
89
- end
90
- end
91
-
92
76
  # Finds and returns the yarn package tree listing from `yarn list` output
93
77
  def yarn_package_tree
94
78
  return @yarn_package_tree if defined?(@yarn_package_tree)
@@ -23,6 +23,25 @@ module Licensed
23
23
  def yarn_version
24
24
  Gem::Version.new(Licensed::Shell.execute("yarn", "-v"))
25
25
  end
26
+
27
+ # Returns a hash that maps all dependency names to their location on disk
28
+ # by parsing every package.json file under node_modules.
29
+ def dependency_paths
30
+ @dependency_paths ||= [
31
+ *Dir.glob(config.pwd.join("**/node_modules/*/package.json")),
32
+ *Dir.glob(config.pwd.join("**/node_modules/@*/*/package.json"))
33
+ ].each_with_object({}) do |file, hsh|
34
+ begin
35
+ dirname = File.dirname(file)
36
+ json = JSON.parse(File.read(file))
37
+ hsh["#{json["name"]}@#{json["version"]}"] = dirname
38
+ rescue JSON::ParserError
39
+ # don't crash execution if there is a problem parsing a package.json file
40
+ # if the bad package.json file relates to a package that licensed should be reporting on
41
+ # then this will still result in an error about a missing package
42
+ end
43
+ end
44
+ end
26
45
  end
27
46
  end
28
47
  end
@@ -1,6 +1,6 @@
1
1
  # frozen_string_literal: true
2
2
  module Licensed
3
- VERSION = "3.4.1".freeze
3
+ VERSION = "3.4.2".freeze
4
4
 
5
5
  def self.previous_major_versions
6
6
  major_version = Gem::Version.new(Licensed::VERSION).segments.first
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: licensed
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.4.1
4
+ version: 3.4.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - GitHub
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2022-01-08 00:00:00.000000000 Z
11
+ date: 2022-01-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: licensee