licensee - npm Package Compare versions

Comparing version 5.1.0 to 6.0.0

127

index.js
module.exports = licensee
var licenseSatisfies = require('spdx-satisfies')
var npmLicenseCorrections = require('npm-license-corrections')
var parseJSON = require('json-parse-errback')

@@ -151,3 +152,19 @@ var readPackageTree = require('read-package-tree')

) {
results.push(resultForPackage(configuration, child))
var result = resultForPackage(configuration, child)
// Deduplicate.
var existing = results.find(function (existing) {
return (
existing.name === result.name &&
existing.version === result.version
)
})
if (existing) {
if (existing.duplicates) {
existing.duplicates.push(result)
} else {
existing.duplicates = [result]
}
} else {
results.push(result)
}
findIssues(configuration, child, dependencies, results)

@@ -187,6 +204,51 @@ }

}
// Find and apply any license metadata correction.
var correction = (
configuration.corrections &&
npmLicenseCorrections.find(function (correction) {
return (
correction.name === result.name &&
correction.version === result.version
)
})
)
if (correction) {
result.license = correction.license
result.corrected = true
}
// Check if ignored.
var ignore = configuration.ignore
if (ignore && Array.isArray(ignore)) {
var ignored = ignore.some(function (ignore) {
if (typeof ignore !== 'object') return false
if (
ignore.prefix &&
typeof ignore.prefix === 'string' &&
startsWith(result.name, ignore.prefix)
) return true
if (
ignore.scope &&
typeof ignore.scope === 'string' &&
startsWith(result.name, '@' + ignore.scope + '/')
) return true
if (
ignore.author &&
typeof ignore.author === 'string' &&
personMatches(result.author, ignore.author)
) return true
return false
})
if (ignored) {
result.approved = true
result.ignored = ignored
return result
}
}
// Check if whitelisted.
var whitelisted = Object.keys(whitelist).some(function (name) {
return (
tree.package.name === name &&
satisfies(tree.package.version, whitelist[name]) === true
result.name === name &&
satisfies(result.version, whitelist[name]) === true
)

@@ -197,19 +259,50 @@ })

result.whitelisted = true
return result
}
// Check against licensing rule.
var matchesRule = (
licenseExpression &&
validSPDX(licenseExpression) &&
result.license &&
typeof result.license === 'string' &&
validSPDX(result.license) &&
licenseSatisfies(result.license, licenseExpression)
)
if (matchesRule) {
result.approved = true
result.rule = true
} else {
var matchesRule = (
licenseExpression &&
validSPDX(licenseExpression) &&
tree.package.license &&
typeof tree.package.license === 'string' &&
validSPDX(tree.package.license) &&
licenseSatisfies(tree.package.license, licenseExpression)
)
if (matchesRule) {
result.approved = true
result.rule = true
} else {
result.approved = false
}
result.approved = false
}
return result
}
function startsWith (string, prefix) {
return string.toLowerCase().indexOf(prefix.toLowerCase()) === 0
}
function personMatches (person, string) {
if (!person) return false
if (typeof person === 'string') {
return contains(person, string)
}
if (typeof person === 'object') {
if (matches('name')) return true
if (matches('email')) return true
if (matches('url')) return true
}
return false
function matches (key) {
return (
person[key] &&
typeof person[key] === 'string' &&
contains(person[key], string)
)
}
}
function contains (string, substring) {
return string.toLowerCase().indexOf(substring.toLowerCase()) !== -1
}
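Review bot: The `ignore` branch in the second hunk approves a package on fields the publisher writes into its own package.json — `startsWith(result.name, ignore.prefix)` and `personMatches(result.author, ignore.author)` — so any package that picks a name under an ignored prefix or claims an ignored author skips the license check entirely, and the output does not record which rule let it through because `result.ignored = ignored` only stores the `true` that `ignore.some` returns. Changing that one call to `var ignored = ignore.find(function (ignore) {` keeps the rest of the branch as is and puts the matching rule object into `result.ignored`, which still tests truthy for callers that treat it as a flag. A comment above the branch should state the trust assumption, e.g. `// Ignore rules match publisher-controlled package.json fields; they are a convenience, not a trust boundary.` Note also that `contains` does a case-insensitive substring test across name, e-mail and URL, so a rule like `{"author": "kyle"}` matches `kyle@kemitchell.com` and any other author whose URL happens to contain that text, which is broader than the README's wording suggests. The function this hunk sits in starts outside the hunk.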

5

package.json
{
"name": "licensee",
"description": "check dependency licenses against rules",
"version": "5.1.0",
"version": "6.0.0",
"author": "Kyle E. Mitchell <kyle@kemitchell.com> (https://kemitchell.com/)",

@@ -13,2 +13,3 @@ "contributors": [

"json-parse-errback": "^2.0.1",
"npm-license-corrections": "^1.0.0",
"read-package-tree": "^5.2.1",

@@ -36,5 +37,5 @@ "run-parallel": "^1.1.9",

"scripts": {
"style": "standard",
"style": "standard index.js",
"test": "tap tests/**/test.js"
}
}
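Review bot: The new `npm-license-corrections` dependency is declared with a caret range (`"npm-license-corrections": "^1.0.0"`), yet its data is what index.js writes into `result.license` when `corrections` is enabled, so a minor or patch release of that package can change which dependencies pass the license check without any change to this project. Consider pinning it (`"npm-license-corrections": "1.0.0"`) or, if the project does not already ship a lockfile, at least adding one so the corrections data that produced a given verdict is reproducible. The surrounding `dependencies` object starts and ends outside the hunk.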

@@ -18,3 +18,9 @@ Check npm package dependency license metadata against rules.

"optimist": "<=0.6.1"
}
},
"corrections": false,
"ignore": [
{"scope": "kemitchell"},
{"prefix": "commonform-"},
{"author": "Kyle E. Mitchell"}
]
}

@@ -39,2 +45,23 @@ ```

The `corrections` flag toggles community corrections to npm package
license metadata. When enabled, `licensee` will check `license` and
`whitelist` against `license` values from [npm-license-corrections]
when available.
[npm-license-corrections]: https://www.npmjs.com/package/npm-license-corrections
The optional `ignore` array instructs `licensee` to approve packages
without considering their `license` metadata. Ignore rules can take
one of three forms:
1. `{"scope":"x"}` ignores all packages in scope `x`, like `@x/y`.
2. `{"prefix":"x"}` ignores all packages whose names start with `x`,
but not scoped packages whose scopes do not match, like `@y/x`.
3. `{"author":"x"}` ignores all packages whose authors' names,
e-mail addresses, or URLs contain `x`.
All ignore rules are case-insensitive.
# Use

@@ -41,0 +68,0 @@

