license-report
Comparing version 2.0.0 to 2.1.0
19
index.js
@@ -15,4 +15,5 @@ #!/usr/bin/env node | ||
if (path.extname(config.package) !== '.json') | ||
if (path.extname(config.package) !== '.json') { | ||
throw new Error('invalid package.json ' + config.package) | ||
} | ||
@@ -33,7 +34,9 @@ var resolvedPackageJson = path.resolve(process.cwd(), config.package) | ||
if(!config.only || config.only.indexOf('prod') > -1) | ||
if(!config.only || config.only.indexOf('prod') > -1) { | ||
addAll(deps, depsIndex) | ||
} | ||
if(!config.only || config.only.indexOf('dev') > -1) | ||
if(!config.only || config.only.indexOf('dev') > -1) { | ||
addAll(devDeps, depsIndex) | ||
} | ||
@@ -58,4 +61,5 @@ async.map(depsIndex, getPackageReportData, function(err, results) { | ||
// fill in defaults | ||
if (!(fieldName in packageData)) | ||
if (!(fieldName in packageData)) { | ||
finalData[fieldName] = config[fieldName].value | ||
} | ||
} | ||
@@ -68,4 +72,5 @@ | ||
for (var j = finalData.length - 1; j >= 0; j--) { | ||
if (!finalData[j]) | ||
if (!finalData[j]) { | ||
finalData[j] = 'n/a' | ||
} | ||
} | ||
@@ -121,3 +126,5 @@ } | ||
for (var p in packages) { | ||
if(p.indexOf('@') === 0) { | ||
p = p.substring(p.indexOf('/') + 1, p.length) | ||
} | ||
var package = p + '@' + packages[p] | ||
@@ -124,0 +131,0 @@ |
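Review bot: In the scoped-package branch of the `for (var p in packages)` loop, `p` is reassigned before `packages[p]` is read, so the version lookup uses the stripped name and will normally yield `undefined` (or another entry's range if an unscoped package of the same name is also listed). Read the range first with `var version = packages[p]` and build the string as `p + '@' + version`. Dropping the scope also means the registry lookup is presumably made for the unscoped name, which can be a different package from a different publisher, so the report may show licence data for code that is not actually installed. Until scoped names are resolved properly, such an entry would be safer skipped or reported as 'n/a'. The loop body continues outside the hunk.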
@@ -77,3 +77,7 @@ var rc = require('rc') | ||
label: 'comment' | ||
}, | ||
httpRetryOptions: { | ||
maxAttempts: 5, | ||
delay: 1000 | ||
} | ||
}) |
@@ -6,7 +6,9 @@ var util = require('util') | ||
if (typeof json.license === 'string') | ||
if (typeof json.license === 'string') { | ||
return json.license | ||
} | ||
if (typeof json.license === 'object') | ||
if (typeof json.license === 'object') { | ||
return json.license.type | ||
} | ||
@@ -19,6 +21,7 @@ if (util.isArray(json.licenses)) { | ||
if (typeof json.licenses[i] === 'string' ) | ||
if (typeof json.licenses[i] === 'string' ) { | ||
result += json.licenses[i] | ||
else | ||
} else { | ||
result += json.licenses[i].type | ||
} | ||
} | ||
@@ -25,0 +28,0 @@ |
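Review bot: `typeof json.license === 'object'` is also true for `null`, so a manifest with `"license": null` reaches `json.license.type` and throws; the same applies to a `null` element in `json.licenses`. The manifest presumably comes from the registry rather than from this project, so the guard should tolerate it: `if (json.license && typeof json.license === 'object') {`. The function starts and ends outside these hunks.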
@@ -14,10 +14,14 @@ var visit = require('visit-values') | ||
visit(json, function(value) { | ||
if (value.substr(0, 'http'.length) === 'http') | ||
if (value.substr(0, 'http'.length) === 'http') { | ||
return otherUrls.push(value) | ||
} | ||
if (value.substr(0, 'git'.length) === 'git') | ||
if (value.substr(0, 'git'.length) === 'git') { | ||
return otherUrls.push(value) | ||
} | ||
}) | ||
if (otherUrls.length > 0) return otherUrls[0] | ||
if (otherUrls.length > 0) { | ||
return otherUrls[0] | ||
} | ||
} |
var request = require('request') | ||
var config = require('./config.js') | ||
var debug = require('debug')('license-report:getPackageJson') | ||
var Stubborn = require('stubborn') | ||
var get = module.exports = function(name, versionOrCallback, callback) { | ||
@@ -16,3 +18,3 @@ var uri = config.registry + name | ||
request(uri, function(err, response, body) { | ||
var stubborn = new Stubborn(exec, config.httpRetryOptions, function (err, result) { | ||
if (err) { | ||
@@ -22,22 +24,38 @@ return callback(err) | ||
// 4xx / 5xx errors | ||
if (response.statusCode > 399 && response.statusCode < 599) { | ||
return callback(new Error('invalid statusCode ' + response.statusCode)) | ||
} | ||
callback(null, result) | ||
}) | ||
try { | ||
debug('OK %s', uri) | ||
return callback(null, JSON.parse(body)) | ||
} catch (e) { | ||
debug(e) | ||
debug(body) | ||
return callback(e) | ||
} | ||
stubborn.on('attemptError', function (err) { | ||
console.error(err) | ||
console.error('http request to npm failed, retrying again soon...') | ||
}) | ||
stubborn.run() | ||
function exec(internalCallback) { | ||
request(uri, function(err, response, body) { | ||
if (err) { | ||
return internalCallback(err) | ||
} | ||
// 4xx / 5xx errors | ||
if (response.statusCode > 399 && response.statusCode < 599) { | ||
return internalCallback(new Error('invalid statusCode ' + response.statusCode)) | ||
} | ||
var result, parseError | ||
try { | ||
debug('OK %s', uri) | ||
result = JSON.parse(body) | ||
} catch (e) { | ||
debug(e) | ||
debug(body) | ||
parseError = e | ||
} | ||
return internalCallback(parseError, result) | ||
}) | ||
} | ||
} | ||
if (require.main === module) { | ||
get('forkraft', function(err, package) { | ||
console.log(package.versions) | ||
}) | ||
} |
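Review bot: `exec` hands every failure to `internalCallback`, including the 4xx branch and `parseError`, so, assuming Stubborn retries whenever the task reports an error, a 404 for an unknown package or a malformed body is requested `maxAttempts` times with the configured delay before the caller sees the error. Only transport errors and 5xx responses are worth retrying; at minimum document the current behaviour with `// NOTE: 4xx responses and JSON parse failures are retried too (config.httpRetryOptions)`. The range check `response.statusCode < 599` also lets a 599 fall through to `JSON.parse`; `if (response.statusCode >= 400) {` covers it.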
@@ -19,4 +19,5 @@ var semver = require('semver') | ||
if (split.length !== 2) | ||
if (split.length !== 2) { | ||
throw new Error('invalid package: ' + package) | ||
} | ||
@@ -28,4 +29,5 @@ callback = versionRangeOrCallback | ||
if (typeof callback !== 'function') | ||
if (typeof callback !== 'function') { | ||
throw new Error('missing callback argument') | ||
} | ||
@@ -43,5 +45,6 @@ versionRange = semver.validRange(versionRange) | ||
// dont think is is possible but just to make sure. | ||
if (!json.versions) | ||
// dont think it is possible but just to make sure. | ||
if (!json.versions) { | ||
return callback(new Error('no versions in registry for package ' + package)) | ||
} | ||
@@ -53,4 +56,5 @@ // find the right version for this package | ||
if (!version) | ||
if (!version) { | ||
return callback(new Error('cannot find a version that satisfies range ' + versionRange + ' in the registry')) | ||
} | ||
@@ -57,0 +61,0 @@ getPackageJson(package, version, function(err, json) { |
{ | ||
"name": "license-report", | ||
"version": "2.0.0", | ||
"version": "2.1.0", | ||
"description": "creates a short report about project's dependencies (license, url etc)", | ||
@@ -29,2 +29,3 @@ "main": "index.js", | ||
"semver": "^3.0.1", | ||
"stubborn": "^1.2.0", | ||
"text-table": "^0.2.0", | ||
@@ -31,0 +32,0 @@ "visit-values": "^1.0.1" |
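Review bot: The new `stubborn` entry is a runtime dependency on a caret range, and per the dependency list on this page it brings `lodash`, `debug` and `ms` into the install graph for a single retry wrapper in the registry client. If the `async` version already used in index.js provides `async.retry`, that would cover the same need without adding packages. Otherwise an exact version, reviewed at each upgrade, keeps the added surface predictable.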
var assert = require('assert') | ||
var extractLicense = require('../lib/extractLicense.js') | ||
describe.only('extractLicense', function () { | ||
describe('extractLicense', function () { | ||
@@ -6,0 +6,0 @@ it('if its a string', function () { |
var assert = require('assert') | ||
var getPackageReportData = require('../lib/getPackageReportData.js') | ||
describe('getPackageReportData', function () { | ||
this.timeout(10000) | ||
describe.only('getPackageReportData', function () { | ||
this.timeout(20000) | ||
@@ -10,5 +10,7 @@ it('gets the package report data', function (done) { | ||
getPackageReportData('async', '>0.0.1', function(err, data) { | ||
if (err) return done(err) | ||
assert.strictEqual(data.name, 'async') | ||
assert.strictEqual(data.licenseType, 'MIT') | ||
assert.strictEqual(data.link, 'https://github.com/caolan/async.git') | ||
assert.strictEqual(data.link, 'git+https://github.com/caolan/async.git') | ||
@@ -21,2 +23,4 @@ done() | ||
getPackageReportData('async', 'a.b.c', function(err, data) { | ||
if (err) return done(err) | ||
assert.strictEqual(data.name, 'async') | ||
@@ -28,5 +32,6 @@ assert.strictEqual(data.comment, 'skipping async (invalid semversion)') | ||
}) | ||
it('returns an error when no versions satisfy the condition', function (done) { | ||
getPackageReportData('async', '0.0.1', function(err, data) { | ||
assert(err.message.indexOf('cannot find a version that satisfies range') === -1) | ||
assert(err.message.indexOf('cannot find a version that satisfies range') === 0) | ||
@@ -33,0 +38,0 @@ done() |
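Review bot: `describe.only('getPackageReportData', ...)` appears on what looks like the new side of this file, which makes mocha skip every other suite, so the remaining tests stop running without any failure being reported; it should be `describe('getPackageReportData', function () {`. In the 'returns an error' case, `err.message` is read without checking that `err` is set, so a missing error surfaces as a TypeError instead of an assertion failure; `assert(err)` on the line before would make that readable. These tests also appear to query the live registry, which is presumably why the expected `data.link` value had to change.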
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
License: This package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
New author
Supply chain risk: A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
Shell access
Supply chain risk: This module accesses the system shell. Accessing the system shell increases the risk of executing arbitrary code.
Found 1 instance in 1 package
82410
377
0
9
15
+ Added stubborn@^1.2.0
+ Added debug@4.3.7 (transitive)
+ Added lodash@4.17.21 (transitive)
+ Added ms@2.1.3 (transitive)
+ Added stubborn@1.2.5 (transitive)