You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@skywalking.apache.org by GitBox <gi...@apache.org> on 2021/08/01 08:17:26 UTC
[GitHub] [skywalking-eyes] zooltd opened a new pull request #51: Enhance Go dependency resolver to resolve all the dependent packages
zooltd opened a new pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51
This patch enhances the NPM dependency resolver to resolve all the dependent packages.
First, it runs the npm command `npm ls --all --parseable` to list all the packages' absolute paths.
Then, each package's name is inferred from its relative path from the node_modules dir.
Finally, walk through each package's root path to resolve licenses from the package.json file or the license file.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd commented on a change in pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd commented on a change in pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#discussion_r681433877
##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
}
// InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
cmd := exec.Command("npm", "install")
- cmd.Dir = root
logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
+ // Error occurs all the time in npm commands, so no return statement here
if err := cmd.Run(); err != nil {
- return err
+ logger.Log.Errorln(err)
}
- return nil
}
-// ResolvePackageLicense resolves the licenses of the given packages.
-func (resolver *NpmResolver) ResolvePackageLicense(depName string, report *Report) error {
- depFiles, err := ioutil.ReadDir(depName)
+// ListPkgPaths runs npm command to list all the production only packages' absolute paths, one path per line
+// Note that although the flag `--long` can show more information line like a package's name,
+// its realization and printing format is not uniform in different npm-cli versions
+func (resolver *NpmResolver) ListPkgPaths() (io.Reader, error) {
+ buffer := &bytes.Buffer{}
+ cmd := exec.Command("npm", "ls", "--all", "--production", "--parseable")
+ cmd.Stderr = os.Stderr
+ cmd.Stdout = buffer
+ // Error occurs all the time in npm commands, so no return statement here
+ err := cmd.Run()
+ return buffer, err
Review comment:
the error returned from `cmd.Run()` is exist error, like `exit status 1`
it differs from `Stderr` , which records runtime error
so the same error will not be printed twice
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] wu-sheng commented on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
wu-sheng commented on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-890513842
What happens if `npm` command is not available?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd commented on a change in pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd commented on a change in pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#discussion_r681433877
##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
}
// InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
cmd := exec.Command("npm", "install")
- cmd.Dir = root
logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
+ // Error occurs all the time in npm commands, so no return statement here
if err := cmd.Run(); err != nil {
- return err
+ logger.Log.Errorln(err)
}
- return nil
}
-// ResolvePackageLicense resolves the licenses of the given packages.
-func (resolver *NpmResolver) ResolvePackageLicense(depName string, report *Report) error {
- depFiles, err := ioutil.ReadDir(depName)
+// ListPkgPaths runs npm command to list all the production only packages' absolute paths, one path per line
+// Note that although the flag `--long` can show more information line like a package's name,
+// its realization and printing format is not uniform in different npm-cli versions
+func (resolver *NpmResolver) ListPkgPaths() (io.Reader, error) {
+ buffer := &bytes.Buffer{}
+ cmd := exec.Command("npm", "ls", "--all", "--production", "--parseable")
+ cmd.Stderr = os.Stderr
+ cmd.Stdout = buffer
+ // Error occurs all the time in npm commands, so no return statement here
+ err := cmd.Run()
+ return buffer, err
Review comment:
the error returned from `cmd.Run()` is exist error, like `exit status 1`
it differs from `Stderr` , which records runtime error
so the same error will not be printed twice
same as the problem below
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] kezhenxu94 commented on a change in pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
kezhenxu94 commented on a change in pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#discussion_r680621153
##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
}
// InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
cmd := exec.Command("npm", "install")
- cmd.Dir = root
logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
+ // Error occurs all the time in npm commands, so no return statement here
Review comment:
Did you figure out why error occurs all the time? Is it because, for example, vulnerabilities are found in the dependencies?
##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
}
// InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
cmd := exec.Command("npm", "install")
- cmd.Dir = root
logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
+ // Error occurs all the time in npm commands, so no return statement here
if err := cmd.Run(); err != nil {
- return err
+ logger.Log.Errorln(err)
}
- return nil
}
-// ResolvePackageLicense resolves the licenses of the given packages.
-func (resolver *NpmResolver) ResolvePackageLicense(depName string, report *Report) error {
- depFiles, err := ioutil.ReadDir(depName)
+// ListPkgPaths runs command 'npm ls --all --parseable' to list all the installed packages' paths, one path per line
+// Note that although the flag `--long` can show more information line like a package's name,
+// its realization and printing format is not uniform in different npm-cli versions
+func (resolver *NpmResolver) ListPkgPaths() (io.Reader, error) {
+ buffer := &bytes.Buffer{}
+ cmd := exec.Command("npm", "ls", "--all", "--parseable")
Review comment:
This seems to list all dependencies, including `devDependencies` and their transitive dependencies as well, which is not what necessarily needed, is there any way to only list runtime dependencies, or exclude `devDependencies`?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd edited a comment on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd edited a comment on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-890517766
> What happens if `npm` command is not available?
The error msg will print in the console, and the program continues regardlessly. However, it will not crash, it just prints an empty list.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd commented on a change in pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd commented on a change in pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#discussion_r680626671
##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
}
// InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
cmd := exec.Command("npm", "install")
- cmd.Dir = root
logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
+ // Error occurs all the time in npm commands, so no return statement here
Review comment:
Yes, mostly that's because vulnerabilities are found, and that occurs frequently when installing packages.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd commented on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd commented on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-890517766
> What happens if `npm` command is not available?
The msg will print in the console, and the program continues regardlessly. However, it will not crash, it just prints an empty list.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd commented on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd commented on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-891535879
It seems in some cases, the `license` field in package.json shows as:
```
"licenses": [
{
"type": "AFLv2.1",
"url": "http://trac.dojotoolkit.org/browser/dojo/trunk/LICENSE#L43"
},
{
"type": "BSD",
"url": "http://trac.dojotoolkit.org/browser/dojo/trunk/LICENSE#L13"
}
```
Plan to fix this in next patch
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] kezhenxu94 commented on a change in pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
kezhenxu94 commented on a change in pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#discussion_r681404026
##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
}
// InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
cmd := exec.Command("npm", "install")
- cmd.Dir = root
logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
+ // Error occurs all the time in npm commands, so no return statement here
if err := cmd.Run(); err != nil {
- return err
+ logger.Log.Errorln(err)
Review comment:
Do we want to log it again because the stderr has already printed this right?
##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
}
// InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
cmd := exec.Command("npm", "install")
- cmd.Dir = root
logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
+ // Error occurs all the time in npm commands, so no return statement here
if err := cmd.Run(); err != nil {
- return err
+ logger.Log.Errorln(err)
}
- return nil
}
-// ResolvePackageLicense resolves the licenses of the given packages.
-func (resolver *NpmResolver) ResolvePackageLicense(depName string, report *Report) error {
- depFiles, err := ioutil.ReadDir(depName)
+// ListPkgPaths runs npm command to list all the production only packages' absolute paths, one path per line
+// Note that although the flag `--long` can show more information line like a package's name,
+// its realization and printing format is not uniform in different npm-cli versions
+func (resolver *NpmResolver) ListPkgPaths() (io.Reader, error) {
+ buffer := &bytes.Buffer{}
+ cmd := exec.Command("npm", "ls", "--all", "--production", "--parseable")
+ cmd.Stderr = os.Stderr
+ cmd.Stdout = buffer
+ // Error occurs all the time in npm commands, so no return statement here
+ err := cmd.Run()
+ return buffer, err
Review comment:
maybe we can remove the return value `error` because
- the error is mostly expected
- we don't deal with the error when invoking this function
- the stderr is printed and we don't need to get the error when invoking this function
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd removed a comment on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd removed a comment on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-891530540
> This looks much better, just some nits. Can you please run this tool on [http://github.com/apache/skywalking-client-js](https://github.com/apache/skywalking-client-js) and [http://github.com/apache/skywalking-nodejs](https://github.com/apache/skywalking-nodejs) to see the results and paste here?
For http://github.com/apache/skywalking-client-js, the complete output is shown below:
root@Samaritan:~/workplace/skywalking-eyes# ./bin/linux/license-eye -c ~/testPlace/javascript/.licenserc.yaml d r
INFO GITHUB_TOKEN is not set, license-eye won't comment on the pull request
INFO Loading configuration from file: /root/testPlace/javascript/.licenserc.yaml
INFO Try to install nodejs packages in 5 seconds, press [s/S] and ENTER to skip
INFO Time out, try to install packages
INFO Run command: /usr/local/bin/npm install, please wait
npm WARN old lockfile
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile
npm WARN old lockfile This is a one-time fix-up, please be patient...
npm WARN old lockfile
> @kubernetes/client-node@0.15.1 prepare
> npm run build
> @kubernetes/client-node@0.15.1 build
> tsc
up to date, audited 465 packages in 18s
22 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
WARNING Failed to resolve the license of dependency: json-schema cannot capture the license field; cannot find the license file
Dependency | License
----------------------------------------------- | ------------
@types/js-yaml | MIT
@types/node | MIT
@types/request | MIT
@types/stream-buffers | MIT
@types/tar | MIT
@types/underscore | MIT
@types/ws | MIT
byline | MIT
execa | MIT
isomorphic-ws | MIT
js-yaml | MIT
jsonpath-plus | MIT
openid-client | MIT
request | Apache-2.0
rfc4648 | MIT
shelljs | BSD-3-Clause
stream-buffers | Unlicense
tar | ISC
tmp-promise | MIT
tslib | Apache-2.0
underscore | MIT
ws | MIT
@types/caseless | MIT
@types/form-data | MIT
@types/tough-cookie | MIT
@types/minipass | MIT
@types/events | MIT
cross-spawn | MIT
get-stream | MIT
human-signals | Apache-2.0
is-stream | MIT
merge-stream | MIT
npm-run-path | MIT
onetime | MIT
signal-exit | ISC
strip-final-newline | MIT
js-yaml/node_modules/argparse | Python-2.0
base64url | MIT
got | MIT
jose | MIT
openid-client/node_modules/lru-cache | ISC
openid-client/node_modules/make-error | ISC
object-hash | MIT
oidc-token-hash | MIT
p-any | MIT
aws-sign2 | Apache-2.0
aws4 | MIT
caseless | Apache-2.0
combined-stream | MIT
extend | MIT
forever-agent | Apache-2.0
form-data | MIT
har-validator | ISC
http-signature | MIT
is-typedarray | MIT
isstream | MIT
json-stringify-safe | ISC
mime-types | MIT
oauth-sign | Apache-2.0
performance-now | MIT
qs | BSD-3-Clause
safe-buffer | MIT
tough-cookie | BSD-3-Clause
tunnel-agent | Apache-2.0
uuid | MIT
glob | ISC
interpret | MIT
rechoir | MIT
chownr | ISC
fs-minipass | ISC
minipass | ISC
minizlib | MIT
tar/node_modules/mkdirp | MIT
tar/node_modules/yallist | ISC
tmp | MIT
path-key | MIT
shebang-command | MIT
cross-spawn/node_modules/which | ISC
mimic-fn | MIT
@sindresorhus/is | MIT
@szmarczak/http-timer | MIT
@types/cacheable-request | MIT
@types/responselike | MIT
cacheable-lookup | MIT
cacheable-request | MIT
decompress-response | MIT
http2-wrapper | MIT
lowercase-keys | MIT
p-cancelable | MIT
responselike | MIT
@panva/asn1.js | MIT
openid-client/node_modules/yallist | ISC
p-some | MIT
delayed-stream | MIT
asynckit | MIT
ajv | MIT
har-schema | ISC
assert-plus | MIT
jsprim | MIT
sshpk | MIT
mime-db | MIT
psl | MIT
punycode | MIT
fs.realpath | ISC
inflight | ISC
inherits | ISC
minimatch | ISC
once | ISC
path-is-absolute | MIT
resolve | MIT
minipass/node_modules/yallist | ISC
minizlib/node_modules/yallist | ISC
tmp/node_modules/rimraf | ISC
shebang-regex | MIT
isexe | ISC
defer-to-connect | MIT
@types/http-cache-semantics | MIT
@types/keyv | MIT
clone-response | MIT
cacheable-request/node_modules/get-stream | MIT
http-cache-semantics | BSD-2-Clause
keyv | MIT
normalize-url | MIT
decompress-response/node_modules/mimic-response | MIT
quick-lru | MIT
resolve-alpn | MIT
aggregate-error | MIT
co | MIT
fast-deep-equal | MIT
fast-json-stable-stringify | MIT
json-schema-traverse | MIT
extsprintf | MIT
verror | MIT
asn1 | MIT
bcrypt-pbkdf | BSD-3-Clause
dashdash | MIT
ecc-jsbn | MIT
getpass | MIT
jsbn | MIT
safer-buffer | MIT
tweetnacl | Unlicense
wrappy | ISC
brace-expansion | MIT
path-parse | MIT
tmp/node_modules/glob | ISC
mimic-response | MIT
pump | MIT
json-buffer | MIT
clean-stack | MIT
indent-string | MIT
core-util-is | MIT
balanced-match | MIT
concat-map | MIT
end-of-stream | MIT
json-schema | Unknown
ERROR failed to identify the licenses of following packages (1):
json-schema
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd commented on a change in pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd commented on a change in pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#discussion_r681433877
##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
}
// InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
cmd := exec.Command("npm", "install")
- cmd.Dir = root
logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
+ // Error occurs all the time in npm commands, so no return statement here
if err := cmd.Run(); err != nil {
- return err
+ logger.Log.Errorln(err)
}
- return nil
}
-// ResolvePackageLicense resolves the licenses of the given packages.
-func (resolver *NpmResolver) ResolvePackageLicense(depName string, report *Report) error {
- depFiles, err := ioutil.ReadDir(depName)
+// ListPkgPaths runs npm command to list all the production only packages' absolute paths, one path per line
+// Note that although the flag `--long` can show more information line like a package's name,
+// its realization and printing format is not uniform in different npm-cli versions
+func (resolver *NpmResolver) ListPkgPaths() (io.Reader, error) {
+ buffer := &bytes.Buffer{}
+ cmd := exec.Command("npm", "ls", "--all", "--production", "--parseable")
+ cmd.Stderr = os.Stderr
+ cmd.Stdout = buffer
+ // Error occurs all the time in npm commands, so no return statement here
+ err := cmd.Run()
+ return buffer, err
Review comment:
the error returned from `cmd.Run()` is exist error, like `exit status 1`
it differs from `Stderr` , which records runtime error
so the same error will not be printed twice
its's the same as the commnet below
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd commented on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd commented on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-891477158
devDeps and transitive devDeps are now excluded
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] kezhenxu94 commented on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
kezhenxu94 commented on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-891636325
> It seems in some cases, the `license` field in package.json shows as:
>
> ```
> "licenses": [
> {
> "type": "AFLv2.1",
> "url": "http://trac.dojotoolkit.org/browser/dojo/trunk/LICENSE#L43"
> },
> {
> "type": "BSD",
> "url": "http://trac.dojotoolkit.org/browser/dojo/trunk/LICENSE#L13"
> }
> ```
>
> It can not be parsed right now. Plan to fix this in next patch
Good catch! Projects are able to be dual-licensed or licensed under multiple licenses, let’s tackle this case in next PR
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd commented on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd commented on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-891530540
> This looks much better, just some nits. Can you please run this tool on [http://github.com/apache/skywalking-client-js](https://github.com/apache/skywalking-client-js) and [http://github.com/apache/skywalking-nodejs](https://github.com/apache/skywalking-nodejs) to see the results and paste here?
For http://github.com/apache/skywalking-client-js, the complete output is shown below:
root@Samaritan:~/workplace/skywalking-eyes# ./bin/linux/license-eye -c ~/testPlace/javascript/.licenserc.yaml d r
INFO GITHUB_TOKEN is not set, license-eye won't comment on the pull request
INFO Loading configuration from file: /root/testPlace/javascript/.licenserc.yaml
INFO Try to install nodejs packages in 5 seconds, press [s/S] and ENTER to skip
INFO Time out, try to install packages
INFO Run command: /usr/local/bin/npm install, please wait
npm WARN old lockfile
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile
npm WARN old lockfile This is a one-time fix-up, please be patient...
npm WARN old lockfile
> @kubernetes/client-node@0.15.1 prepare
> npm run build
> @kubernetes/client-node@0.15.1 build
> tsc
up to date, audited 465 packages in 18s
22 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
WARNING Failed to resolve the license of dependency: json-schema cannot capture the license field; cannot find the license file
Dependency | License
----------------------------------------------- | ------------
@types/js-yaml | MIT
@types/node | MIT
@types/request | MIT
@types/stream-buffers | MIT
@types/tar | MIT
@types/underscore | MIT
@types/ws | MIT
byline | MIT
execa | MIT
isomorphic-ws | MIT
js-yaml | MIT
jsonpath-plus | MIT
openid-client | MIT
request | Apache-2.0
rfc4648 | MIT
shelljs | BSD-3-Clause
stream-buffers | Unlicense
tar | ISC
tmp-promise | MIT
tslib | Apache-2.0
underscore | MIT
ws | MIT
@types/caseless | MIT
@types/form-data | MIT
@types/tough-cookie | MIT
@types/minipass | MIT
@types/events | MIT
cross-spawn | MIT
get-stream | MIT
human-signals | Apache-2.0
is-stream | MIT
merge-stream | MIT
npm-run-path | MIT
onetime | MIT
signal-exit | ISC
strip-final-newline | MIT
js-yaml/node_modules/argparse | Python-2.0
base64url | MIT
got | MIT
jose | MIT
openid-client/node_modules/lru-cache | ISC
openid-client/node_modules/make-error | ISC
object-hash | MIT
oidc-token-hash | MIT
p-any | MIT
aws-sign2 | Apache-2.0
aws4 | MIT
caseless | Apache-2.0
combined-stream | MIT
extend | MIT
forever-agent | Apache-2.0
form-data | MIT
har-validator | ISC
http-signature | MIT
is-typedarray | MIT
isstream | MIT
json-stringify-safe | ISC
mime-types | MIT
oauth-sign | Apache-2.0
performance-now | MIT
qs | BSD-3-Clause
safe-buffer | MIT
tough-cookie | BSD-3-Clause
tunnel-agent | Apache-2.0
uuid | MIT
glob | ISC
interpret | MIT
rechoir | MIT
chownr | ISC
fs-minipass | ISC
minipass | ISC
minizlib | MIT
tar/node_modules/mkdirp | MIT
tar/node_modules/yallist | ISC
tmp | MIT
path-key | MIT
shebang-command | MIT
cross-spawn/node_modules/which | ISC
mimic-fn | MIT
@sindresorhus/is | MIT
@szmarczak/http-timer | MIT
@types/cacheable-request | MIT
@types/responselike | MIT
cacheable-lookup | MIT
cacheable-request | MIT
decompress-response | MIT
http2-wrapper | MIT
lowercase-keys | MIT
p-cancelable | MIT
responselike | MIT
@panva/asn1.js | MIT
openid-client/node_modules/yallist | ISC
p-some | MIT
delayed-stream | MIT
asynckit | MIT
ajv | MIT
har-schema | ISC
assert-plus | MIT
jsprim | MIT
sshpk | MIT
mime-db | MIT
psl | MIT
punycode | MIT
fs.realpath | ISC
inflight | ISC
inherits | ISC
minimatch | ISC
once | ISC
path-is-absolute | MIT
resolve | MIT
minipass/node_modules/yallist | ISC
minizlib/node_modules/yallist | ISC
tmp/node_modules/rimraf | ISC
shebang-regex | MIT
isexe | ISC
defer-to-connect | MIT
@types/http-cache-semantics | MIT
@types/keyv | MIT
clone-response | MIT
cacheable-request/node_modules/get-stream | MIT
http-cache-semantics | BSD-2-Clause
keyv | MIT
normalize-url | MIT
decompress-response/node_modules/mimic-response | MIT
quick-lru | MIT
resolve-alpn | MIT
aggregate-error | MIT
co | MIT
fast-deep-equal | MIT
fast-json-stable-stringify | MIT
json-schema-traverse | MIT
extsprintf | MIT
verror | MIT
asn1 | MIT
bcrypt-pbkdf | BSD-3-Clause
dashdash | MIT
ecc-jsbn | MIT
getpass | MIT
jsbn | MIT
safer-buffer | MIT
tweetnacl | Unlicense
wrappy | ISC
brace-expansion | MIT
path-parse | MIT
tmp/node_modules/glob | ISC
mimic-response | MIT
pump | MIT
json-buffer | MIT
clean-stack | MIT
indent-string | MIT
core-util-is | MIT
balanced-match | MIT
concat-map | MIT
end-of-stream | MIT
json-schema | Unknown
ERROR failed to identify the licenses of following packages (1):
json-schema
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd commented on a change in pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd commented on a change in pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#discussion_r680626184
##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
}
// InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
cmd := exec.Command("npm", "install")
- cmd.Dir = root
logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
+ // Error occurs all the time in npm commands, so no return statement here
if err := cmd.Run(); err != nil {
- return err
+ logger.Log.Errorln(err)
}
- return nil
}
-// ResolvePackageLicense resolves the licenses of the given packages.
-func (resolver *NpmResolver) ResolvePackageLicense(depName string, report *Report) error {
- depFiles, err := ioutil.ReadDir(depName)
+// ListPkgPaths runs command 'npm ls --all --parseable' to list all the installed packages' paths, one path per line
+// Note that although the flag `--long` can show more information line like a package's name,
+// its realization and printing format is not uniform in different npm-cli versions
+func (resolver *NpmResolver) ListPkgPaths() (io.Reader, error) {
+ buffer := &bytes.Buffer{}
+ cmd := exec.Command("npm", "ls", "--all", "--parseable")
Review comment:
Sorry did not notice that. I guess another argument named 'omit' may help but I need to look into it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd commented on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd commented on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-891544934
> This looks much better, just some nits. Can you please run this tool on [http://github.com/apache/skywalking-client-js](https://github.com/apache/skywalking-client-js) and [http://github.com/apache/skywalking-nodejs](https://github.com/apache/skywalking-nodejs) to see the results and paste here?
For skywalking-client-js, the total output is shown as below:
root@Samaritan:~/skywalking-eyes# ./bin/linux/license-eye -c ~/testPlace/skywalking-client-js/.licenserc.yaml d r
INFO GITHUB_TOKEN is not set, license-eye won't comment on the pull request
INFO Loading configuration from file: /root/testPlace/skywalking-client-js/.licenserc.yaml
INFO Try to install nodejs packages in 5 seconds, press [s/S] and ENTER to skip
INFO Time out, try to install packages
INFO Run command: /usr/local/bin/npm install, please wait
npm WARN old lockfile
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile
npm WARN old lockfile This is a one-time fix-up, please be patient...
npm WARN old lockfile
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
added 652 packages, and audited 653 packages in 29s
50 packages are looking for funding
run `npm fund` for details
5 vulnerabilities (4 moderate, 1 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
Dependency | License
--------- | ------------
js-base64 | BSD-3-Clause
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] kezhenxu94 merged pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
kezhenxu94 merged pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd edited a comment on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd edited a comment on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-891544934
> This looks much better, just some nits. Can you please run this tool on [http://github.com/apache/skywalking-client-js](https://github.com/apache/skywalking-client-js) and [http://github.com/apache/skywalking-nodejs](https://github.com/apache/skywalking-nodejs) to see the results and paste here?
#### For skywalking-client-js, the total output is shown as below:
root@Samaritan:~/skywalking-eyes# ./bin/linux/license-eye -c ~/testPlace/skywalking-client-js/.licenserc.yaml d r
INFO GITHUB_TOKEN is not set, license-eye won't comment on the pull request
INFO Loading configuration from file: /root/testPlace/skywalking-client-js/.licenserc.yaml
INFO Try to install nodejs packages in 5 seconds, press [s/S] and ENTER to skip
INFO Time out, try to install packages
INFO Run command: /usr/local/bin/npm install, please wait
npm WARN old lockfile
npm WARN old lockfile The package-lock.json file was created with an old version of npm,
npm WARN old lockfile so supplemental metadata must be fetched from the registry.
npm WARN old lockfile
npm WARN old lockfile This is a one-time fix-up, please be patient...
npm WARN old lockfile
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated querystring@0.2.0: The querystring API is considered Legacy. new code should use the URLSearchParams API instead.
npm WARN deprecated chokidar@2.1.8: Chokidar 2 will break on node v14+. Upgrade to chokidar 3 with 15x less dependencies.
added 652 packages, and audited 653 packages in 29s
50 packages are looking for funding
run `npm fund` for details
5 vulnerabilities (4 moderate, 1 high)
To address issues that do not require attention, run:
npm audit fix
To address all issues (including breaking changes), run:
npm audit fix --force
Run `npm audit` for details.
Dependency | License
--------- | ------------
js-base64 | BSD-3-Clause
#### And for skywalking-nodejs:
(`npm run generate-source` failed somehow)
root@Samaritan:~/skywalking-eyes# ./bin/linux/license-eye -c ~/testPlace/skywalking-nodejs/.licenserc.yaml d r
INFO GITHUB_TOKEN is not set, license-eye won't comment on the pull request
INFO Loading configuration from file: /root/testPlace/skywalking-nodejs/.licenserc.yaml
INFO Try to install nodejs packages in 5 seconds, press [s/S] and ENTER to skip
INFO Time out, try to install packages
INFO Run command: /usr/local/bin/npm install, please wait
> skywalking-backend-js@0.4.0 prepare
> npm run generate-source
> skywalking-backend-js@0.4.0 generate-source
> scripts/protoc.sh
Could not make proto path relative: **/*.proto: No such file or directory
/root/testPlace/skywalking-nodejs/node_modules/grpc-tools/bin/protoc.js:41
throw error;
^
Error: Command failed: /root/testPlace/skywalking-nodejs/node_modules/grpc-tools/bin/protoc --plugin=protoc-gen-grpc=/root/testPlace/skywalking-nodejs/node_modules/grpc-tools/bin/grpc_node_plugin --js_out=import_style=commonjs,binary:/root/testPlace/skywalking-nodejs/src/proto/ --grpc_out=/root/testPlace/skywalking-nodejs/src/proto/ --plugin=protoc-gen-grpc=/root/testPlace/skywalking-nodejs/node_modules/.bin/grpc_tools_node_protoc_plugin **/*.proto
Could not make proto path relative: **/*.proto: No such file or directory
at ChildProcess.exithandler (child_process.js:390:12)
at ChildProcess.emit (events.js:400:28)
at maybeClose (internal/child_process.js:1055:16)
at Socket.<anonymous> (internal/child_process.js:441:11)
at Socket.emit (events.js:400:28)
at Pipe.<anonymous> (net.js:675:12) {
killed: false,
code: 1,
signal: null,
cmd: '/root/testPlace/skywalking-nodejs/node_modules/grpc-tools/bin/protoc --plugin=protoc-gen-grpc=/root/testPlace/skywalking-nodejs/node_modules/grpc-tools/bin/grpc_node_plugin --js_out=import_style=commonjs,binary:/root/testPlace/skywalking-nodejs/src/proto/ --grpc_out=/root/testPlace/skywalking-nodejs/src/proto/ --plugin=protoc-gen-grpc=/root/testPlace/skywalking-nodejs/node_modules/.bin/grpc_tools_node_protoc_plugin **/*.proto'
}
Could not make proto path relative: **/*.proto: No such file or directory
/root/testPlace/skywalking-nodejs/node_modules/grpc-tools/bin/protoc.js:41
throw error;
^
Error: Command failed: /root/testPlace/skywalking-nodejs/node_modules/grpc-tools/bin/protoc --plugin=protoc-gen-grpc=/root/testPlace/skywalking-nodejs/node_modules/grpc-tools/bin/grpc_node_plugin --plugin=protoc-gen-ts=/root/testPlace/skywalking-nodejs/node_modules/.bin/protoc-gen-ts --ts_out=/root/testPlace/skywalking-nodejs/src/proto/ **/*.proto
Could not make proto path relative: **/*.proto: No such file or directory
at ChildProcess.exithandler (child_process.js:390:12)
at ChildProcess.emit (events.js:400:28)
at maybeClose (internal/child_process.js:1055:16)
at Socket.<anonymous> (internal/child_process.js:441:11)
at Socket.emit (events.js:400:28)
at Pipe.<anonymous> (net.js:675:12) {
killed: false,
code: 1,
signal: null,
cmd: '/root/testPlace/skywalking-nodejs/node_modules/grpc-tools/bin/protoc --plugin=protoc-gen-grpc=/root/testPlace/skywalking-nodejs/node_modules/grpc-tools/bin/grpc_node_plugin --plugin=protoc-gen-ts=/root/testPlace/skywalking-nodejs/node_modules/.bin/protoc-gen-ts --ts_out=/root/testPlace/skywalking-nodejs/src/proto/ **/*.proto'
}
npm ERR! code 1
npm ERR! path /root/testPlace/skywalking-nodejs
npm ERR! command failed
npm ERR! command sh -c npm run generate-source
npm ERR! A complete log of this run can be found in:
npm ERR! /root/.npm/_logs/2021-08-03T05_38_55_303Z-debug.log
ERROR exit status 1
Dependency | License
------------------------------------ | -----------------------------------
google-protobuf | BSD-3-Clause
grpc | Apache-2.0
semver | ISC
tslib | 0BSD
uuid | MIT
winston | MIT
@types/bytebuffer | MIT
lodash.camelcase | MIT
lodash.clone | MIT
nan | MIT
node-pre-gyp | BSD-3-Clause
protobufjs | Apache-2.0
lru-cache | ISC
@dabh/diagnostics | MIT
async | MIT
is-stream | MIT
logform | MIT
one-time | MIT
winston/node_modules/readable-stream | MIT
stack-trace | MIT
triple-beam | MIT
winston-transport | MIT
@types/long | MIT
@types/node | MIT
detect-libc | Apache-2.0
mkdirp | MIT
needle | MIT
nopt | ISC
npm-packlist | ISC
npmlog | ISC
rc | (BSD-2-Clause OR MIT OR Apache-2.0)
rimraf | ISC
node-pre-gyp/node_modules/semver | ISC
tar | ISC
ascli | Apache-2.0
bytebuffer | Apache-2.0
glob | ISC
yargs | MIT
lru-cache/node_modules/yallist | ISC
colorspace | MIT
enabled | MIT
kuler | MIT
colors | MIT
fast-safe-stringify | MIT
fecha | MIT
ms | MIT
fn.name | MIT
inherits | ISC
string_decoder | MIT
util-deprecate | MIT
readable-stream | MIT
minimist | MIT
debug | MIT
iconv-lite | MIT
sax | ISC
abbrev | ISC
osenv | ISC
ignore-walk | ISC
npm-bundled | ISC
npm-normalize-package-bin | ISC
are-we-there-yet | ISC
console-control-strings | ISC
gauge | ISC
set-blocking | ISC
deep-extend | MIT
ini | ISC
strip-json-comments | MIT
chownr | ISC
fs-minipass | ISC
minipass | ISC
minizlib | MIT
safe-buffer | MIT
yallist | ISC
colour | MIT
optjs | MIT
long | Apache-2.0
fs.realpath | ISC
inflight | ISC
minimatch | ISC
once | ISC
path-is-absolute | MIT
camelcase | MIT
cliui | ISC
decamelize | MIT
os-locale | MIT
string-width | MIT
window-size | MIT
y18n | ISC
color | MIT
text-hex | MIT
core-util-is | MIT
isarray | MIT
process-nextick-args | MIT
safer-buffer | MIT
os-homedir | MIT
os-tmpdir | MIT
delegates | MIT
aproba | ISC
has-unicode | ISC
object-assign | MIT
signal-exit | ISC
strip-ansi | MIT
wide-align | ISC
wrappy | ISC
brace-expansion | MIT
wrap-ansi | MIT
lcid | MIT
code-point-at | MIT
is-fullwidth-code-point | MIT
color-convert | MIT
color-string | MIT
ansi-regex | MIT
balanced-match | MIT
concat-map | MIT
invert-kv | MIT
number-is-nan | MIT
color-name | MIT
simple-swizzle | MIT
is-arrayish | MIT
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd edited a comment on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd edited a comment on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-891535879
It seems in some cases, the `license` field in package.json is like:
```
"licenses": [
{
"type": "AFLv2.1",
"url": "http://trac.dojotoolkit.org/browser/dojo/trunk/LICENSE#L43"
},
{
"type": "BSD",
"url": "http://trac.dojotoolkit.org/browser/dojo/trunk/LICENSE#L13"
}
```
It can not be parsed right now. Plan to fix this in next patch
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [skywalking-eyes] zooltd edited a comment on pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages
Posted by GitBox <gi...@apache.org>.
zooltd edited a comment on pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#issuecomment-891535879
It seems in some cases, the `license` field in package.json shows as:
```
"licenses": [
{
"type": "AFLv2.1",
"url": "http://trac.dojotoolkit.org/browser/dojo/trunk/LICENSE#L43"
},
{
"type": "BSD",
"url": "http://trac.dojotoolkit.org/browser/dojo/trunk/LICENSE#L13"
}
```
It can not be parsed right now. Plan to fix this in next patch
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org