You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@skywalking.apache.org by GitBox <gi...@apache.org> on 2021/08/07 07:53:44 UTC

[GitHub] [skywalking-eyes] zooltd opened a new pull request #52: Enhance NPM dependency resolver to resolve deprecated license styles

zooltd opened a new pull request #52:
URL: https://github.com/apache/skywalking-eyes/pull/52


   This patch enhances the NPM dependency resolver to resolve deprecated license styles, which are like
   ```
   {
     "license" : {
       "type" : "ISC",
       "url" : "https://opensource.org/licenses/ISC"
     }
   }
   
   {
     "licenses" : [
       {
         "type": "MIT",
         "url": "https://www.opensource.org/licenses/mit-license.php"
       },
       {
         "type": "Apache-2.0",
         "url": "https://opensource.org/licenses/apache2.0.php"
       }
     ]
   }
   ```


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [skywalking-eyes] kezhenxu94 merged pull request #52: Enhance NPM dependency resolver to resolve deprecated license styles

Posted by GitBox <gi...@apache.org>.

kezhenxu94 merged pull request #52:
URL: https://github.com/apache/skywalking-eyes/pull/52


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [skywalking-eyes] kezhenxu94 commented on a change in pull request #52: Enhance NPM dependency resolver to resolve deprecated license styles

Posted by GitBox <gi...@apache.org>.

kezhenxu94 commented on a change in pull request #52:
URL: https://github.com/apache/skywalking-eyes/pull/52#discussion_r684602875



##########
File path: pkg/deps/npm.go
##########
@@ -206,10 +215,53 @@ func (resolver *NpmResolver) ResolvePkgFile(pkgFile string) (string, error) {
 	if err != nil {
 		return "", err
 	}
-	if packageInfo.License == "" {
-		return "", fmt.Errorf("cannot capture the license field")
+
+	if lcs, ok := resolver.ResolveLicenseField(packageInfo.License); ok {
+		return lcs, nil
+	}
+
+	if lcs, ok := resolver.ResolveLicensesField(packageInfo.Licenses); ok {
+		return lcs, nil
+	}
+
+	return "", fmt.Errorf("cannot parse the \"license\"/\"licenses\" field")

Review comment:
       ```suggestion
   	return "", fmt.Errorf(`cannot parse the "license"/"licenses" field`)
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [skywalking-eyes] kezhenxu94 commented on a change in pull request #52: Enhance NPM dependency resolver to resolve deprecated license styles

Posted by GitBox <gi...@apache.org>.

kezhenxu94 commented on a change in pull request #52:
URL: https://github.com/apache/skywalking-eyes/pull/52#discussion_r684602822



##########
File path: pkg/deps/npm.go
##########
@@ -206,10 +215,53 @@ func (resolver *NpmResolver) ResolvePkgFile(pkgFile string) (string, error) {
 	if err != nil {
 		return "", err
 	}
-	if packageInfo.License == "" {
-		return "", fmt.Errorf("cannot capture the license field")
+
+	if lcs, ok := resolver.ResolveLicenseField(packageInfo.License); ok {
+		return lcs, nil
+	}
+
+	if lcs, ok := resolver.ResolveLicensesField(packageInfo.Licenses); ok {
+		return lcs, nil
+	}
+
+	return "", fmt.Errorf("cannot parse the \"license\"/\"licenses\" field")
+}
+
+// ResolveLicenseField parses and validates the "license" field in package.json file
+func (resolver *NpmResolver) ResolveLicenseField(rawData []byte) (string, bool) {
+	if len(rawData) > 0 {
+		switch rawData[0] {
+		case '"':
+			var lcs string
+			_ = json.Unmarshal(rawData, &lcs)
+			if lcs != "" {
+				return lcs, true
+			}
+		case '{':
+			var lcs Lcs
+			_ = json.Unmarshal(rawData, &lcs)
+			if t := lcs.Type; t != "" {
+				return t, true
+			}
+		}
+	}
+	return "", false
+}
+
+// ResolveLicensesField parses and validates the "licenses" field in package.json file
+// Additionally, the output is converted into the SPDX license expression syntax version 2.0 string, like "(ISC OR GPL-3.0)"
+func (resolver *NpmResolver) ResolveLicensesField(licenses []Lcs) (string, bool) {

Review comment:
       Let's remove `()` in the licenses and simply this
   
   ```go
   	var lcs []string
   	for _, l := range licenses {
   		lcs = append(lcs, l.Type)
   	}
   	if len(lcs) == 0 {
   		return "", false
   	}
   	return strings.Join(lcs, " OR "), true
   ```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@skywalking.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org