@datapos/datapos-development 0.3.254 → 0.3.257

package/README.md

@@ -64,7 +64,7 @@ The OWASP Dependency Check Report identifies known vulnerabilities in project de
 
 ### Dependency Licenses
 
-The following table lists top-level production and peer dependencies. All these dependencies (including transitive ones) have been recursively verified to use Apache-2.0, BSD-2-Clause, CC0-1.0, or MIT—commercially friendly licenses with minimal restrictions. Developers cloning this repository should independently verify dev and optional dependencies; users of the published library are covered by these checks. We do not include unlicensed dependencies. Used to support development activity and not released as part of the production release. Check if you clone.
+The following table lists top-level production and peer dependencies. All these dependencies (including transitive ones) have been recursively verified to use Apache-2.0, BSD-2-Clause, CC0-1.0, or MIT—commercially friendly licenses with minimal restrictions. Developers cloning this repository should independently verify dev and optional dependencies; users of the published library are covered by these checks. We do not include unlicensed dependencies. Used to support development activity and not released as part of the production release. Check if you clone. We use `license-report`, `license-report-check` and `license-report-recursive` to identify dependency licenses.
 
 <!-- DEPENDENCY_LICENSES_START -->
 
@@ -112,3 +112,104 @@ For detailed implementation, see the `scripts` section in the `package.json` fil
 This project is licensed under the MIT License, allowing free use, modification, and distribution.
 
 [MIT](./LICENSE) © 2026 Data Positioning Pty Ltd
+
+## Review License Reporting
+
+Here’s a step-by-step license compliance checklist for Node.js projects that combines automated tooling like license-report with manual verification. This is designed to make sure your MIT project remains compliant when using third-party dependencies.
+
+Node.js License Compliance Checklist
+Step 1: Generate initial license report
+
+Run your tool, e.g., license-report:
+
+npx license-report --json > licenses.json
+
+Save the output for review.
+
+This gives a first-pass list of all dependencies and their declared licenses.
+
+Step 2: Identify potential issues
+
+For each dependency in the report, check for:
+
+Flag What it means Action
+No license declared No license field in package.json Check for LICENSE file in repo. If none, contact author or replace dependency.
+Custom/proprietary license License not recognized Manually review the license text and confirm compatibility.
+Copyleft license (GPL, LGPL) May require release of modifications If LGPL, ensure linking rules are followed. GPL may restrict distribution.
+License mismatch License field differs from LICENSE file Trust LICENSE file; update your report accordingly.
+Step 3: Verify actual license text
+
+Check the dependency’s repository for a LICENSE file.
+
+Confirm that the license text matches the package.json declaration.
+
+For multi-license projects, note which license applies to the code you are using.
+
+Step 4: Document all licenses
+
+Create a ThirdPartyLicenses.md or LICENSES/ folder in your project.
+
+For each dependency, include:
+
+Dependency name and version
+
+License type (from LICENSE file)
+
+URL to repository or package
+
+Any copyleft obligations (e.g., “LGPL: modifications must remain LGPL”)
+
+Example (ThirdPartyLicenses.md):
+
+# Third-Party Dependencies
+
+## LibraryA 1.2.3
+
+- License: Apache-2.0
+- Repository: https://github.com/user/libraryA
+- License text: LICENSES/LibraryA.txt
+
+## LibraryB 4.5.6
+
+- License: BSD-2-Clause
+- Repository: https://github.com/user/libraryB
+- License text: LICENSES/LibraryB.txt
+
+## LibraryC 0.1.2
+
+- License: LGPL-3.0-only
+- Repository: https://github.com/user/libraryC
+- License text: LICENSES/LibraryC.txt
+- Note: If you modify this library, modifications must remain LGPL-3.0-only
+
+Step 5: Include license texts
+
+Copy the full license text into your project for each dependency.
+
+Put each in LICENSES/LibraryName.txt or combine into ThirdPartyLicenses.md.
+
+Make it easily accessible to end users.
+
+Step 6: Audit before release
+
+Review all dependencies: no missing licenses.
+
+Confirm compliance with copyleft licenses.
+
+Ensure your own MIT license only covers your code.
+
+Update ThirdPartyLicenses.md whenever dependencies are added/updated.
+
+Step 7: Automate for future
+
+Use CI scripts to regenerate license report on npm install or release.
+
+Fail the build if any dependency has “no license” or an incompatible license.
+
+Optional tools:
+
+license-checker (Node.js)
+
+npm-license-crawler
+
+fossology (more comprehensive scanning)

package/dist/datapos-development.es.js

@@ -7751,7 +7751,7 @@ async function ip() {
     if (i === "app")
       se("7️⃣  Register module"), await Rh();
     else if (i === "engine")
-      se("7️⃣  Register module"), await ys(), await vs("datapos-engine-eu");
+      se("7️⃣  Register module"), await ys(), await vs(`datapos-engine-eu/${s}`);
     else if (s === void 0)
       se("7️⃣  Registration NOT required.");
     else {
@@ -7759,14 +7759,14 @@ async function ip() {
       const a = t.id.slice(Math.max(0, t.id.lastIndexOf("-") + 1));
       await vs(`datapos-engine-eu/${s}/${a}`);
     }
-    await Ee("8️⃣  Publish to npm", "npm", ["publish", "--access", "public"]), Fe(`Project version '${e.version}' released.`);
+    i === "connector" || i === "context" || i === "dev" || i === "presenter" || i === "shared" || i === "tool" ? await Ee("8️⃣  Publish to npm", "npm", ["publish", "--access", "public"]) : se(`7️⃣  Publishing NOT required for package type '${i}''.`), Fe(`Project version '${e.version}' released.`);
   } catch (e) {
     console.error("❌ Error releasing project.", e), process.exit(1);
   }
 }
 function Dh(e) {
   const t = e.name ?? "";
-  return t === "datapos-app" ? "app" : t === "datapos-engine" ? "engine" : t.includes("datapos-connector") ? "connector" : t.includes("datapos-context") ? "context" : t.includes("datapos-presenter") ? "presenter" : t.includes("datapos-tool") ? "tool" : "other";
+  return t === "datapos-app" ? "app" : t === "datapos-api" ? "api" : t === "datapos-engine" ? "engine" : t.includes("datapos-connector") ? "connector" : t.includes("datapos-context") ? "context" : t.includes("datapos-presenter") ? "presenter" : t.includes("datapos-tool") ? "tool" : "other";
 }
 async function sp() {
   try {
@@ -7837,6 +7837,8 @@ function Bh(e) {
 }
 function $h(e) {
   switch (e) {
+    case "engine":
+      return "engine";
     case "connector":
       return "connectors";
     case "context":

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "@datapos/datapos-development",
-    "version": "0.3.254",
+    "version": "0.3.257",
     "description": "A library of utilities for managing the Data Positioning repositories.",
     "license": "MIT",
     "author": "Jonathan Terrell <terrell.jm@gmail.com>",