You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@skywalking.apache.org by GitBox <gi...@apache.org> on 2021/08/02 03:00:40 UTC

[GitHub] [skywalking-eyes] kezhenxu94 commented on a change in pull request #51: Enhance NPM dependency resolver to resolve all the dependent packages

kezhenxu94 commented on a change in pull request #51:
URL: https://github.com/apache/skywalking-eyes/pull/51#discussion_r680621153



##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
 }
 
 // InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
 	cmd := exec.Command("npm", "install")
-	cmd.Dir = root
 	logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
+	// Error occurs all the time in npm commands, so no return statement here

Review comment:
       Did you figure out why error occurs all the time? Is it because, for example, vulnerabilities are found in the dependencies?

##########
File path: pkg/deps/npm.go
##########
@@ -141,79 +119,132 @@ func (resolver *NpmResolver) NeedSkipInstallPkgs() bool {
 }
 
 // InstallPkgs runs command 'npm install' to install node packages
-func (resolver *NpmResolver) InstallPkgs(root string) error {
+func (resolver *NpmResolver) InstallPkgs() {
 	cmd := exec.Command("npm", "install")
-	cmd.Dir = root
 	logger.Log.Println(fmt.Sprintf("Run command: %v, please wait", cmd.String()))
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
+	// Error occurs all the time in npm commands, so no return statement here
 	if err := cmd.Run(); err != nil {
-		return err
+		logger.Log.Errorln(err)
 	}
-	return nil
 }
 
-// ResolvePackageLicense resolves the licenses of the given packages.
-func (resolver *NpmResolver) ResolvePackageLicense(depName string, report *Report) error {
-	depFiles, err := ioutil.ReadDir(depName)
+// ListPkgPaths runs command 'npm ls --all --parseable' to list all the installed packages' paths, one path per line
+// Note that although the flag `--long` can show more information line like a package's name,
+// its realization and printing format is not uniform in different npm-cli versions
+func (resolver *NpmResolver) ListPkgPaths() (io.Reader, error) {
+	buffer := &bytes.Buffer{}
+	cmd := exec.Command("npm", "ls", "--all", "--parseable")

Review comment:
       This seems to list all dependencies, including `devDependencies` and their transitive dependencies as well, which is not what necessarily needed, is there any way to only list runtime dependencies, or exclude `devDependencies`?




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org