2021-01-06 18:13:56 +00:00
|
|
|
#!/bin/bash
|
2021-06-22 11:52:34 +00:00
|
|
|
OUTPUT_DIR="$(rpm -E '%{_sourcedir}')"
|
2021-01-06 18:13:56 +00:00
|
|
|
|
|
|
|
usage() {
|
2022-05-01 15:42:30 +00:00
|
|
|
echo "Usage `basename $0` <npm_name> [version] [tarball]" >&2
|
2021-01-06 18:13:56 +00:00
|
|
|
echo >&2
|
|
|
|
echo " Given a npm module name, and optionally a version," >&2
|
|
|
|
echo " download the npm, the prod and dev dependencies," >&2
|
|
|
|
echo " each in their own tarball." >&2
|
|
|
|
echo " Also finds licenses prod dependencies." >&2
|
2022-01-02 19:51:00 +00:00
|
|
|
echo " All three tarballs and the license list are copied to ${OUTPUT_DIR}" >&2
|
2022-05-01 15:42:30 +00:00
|
|
|
echo " If a tarball is passed, use that instead of downloading from npm" >&2
|
2021-01-06 18:13:56 +00:00
|
|
|
echo >&2
|
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
|
|
|
|
if ! [ -f /usr/bin/npm ]; then
|
|
|
|
echo >&2
|
|
|
|
echo "`basename $0` requires npm to run" >&2
|
|
|
|
echo >&2
|
|
|
|
echo "Run the following to fix this" >&2
|
|
|
|
echo " sudo dnf install npm" >&2
|
|
|
|
echo >&2
|
|
|
|
exit 2
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ $# -lt 1 ]; then
|
|
|
|
usage
|
|
|
|
else
|
|
|
|
case $1 in
|
|
|
|
-h | --help )
|
|
|
|
usage
|
|
|
|
;;
|
|
|
|
* )
|
|
|
|
PACKAGE="$1"
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ $# -ge 2 ]; then
|
|
|
|
VERSION="$2"
|
2022-05-01 15:42:30 +00:00
|
|
|
if [ $# -ge 3 ]; then
|
|
|
|
TARBALL="$(realpath "$3")"
|
|
|
|
fi
|
2021-01-06 18:13:56 +00:00
|
|
|
else
|
|
|
|
VERSION="$(npm view ${PACKAGE} version)"
|
|
|
|
fi
|
2021-01-18 00:22:03 +00:00
|
|
|
# the package name might contain invalid characters, sanitize first
|
|
|
|
PACKAGE_SAFE=$(echo $PACKAGE | sed -e 's|/|-|g')
|
2021-01-06 18:13:56 +00:00
|
|
|
TMP_DIR=$(mktemp -d -t ci-XXXXXXXXXX)
|
|
|
|
mkdir -p ${OUTPUT_DIR}
|
|
|
|
mkdir -p ${TMP_DIR}
|
|
|
|
pushd ${TMP_DIR}
|
2022-05-01 15:42:30 +00:00
|
|
|
if [ -f "$TARBALL" ]; then
|
|
|
|
TARBALL_DIR=$(mktemp -d -t ci-XXXXXXXXXX)
|
|
|
|
pushd ${TARBALL_DIR}
|
|
|
|
tar xfz ${TARBALL} --strip-components 1
|
|
|
|
npm pack .
|
|
|
|
popd > /dev/null
|
|
|
|
mv ${TARBALL_DIR}/*.tgz .
|
|
|
|
rm -rf ${TARBALL_DIR}
|
|
|
|
else
|
|
|
|
npm pack ${PACKAGE}
|
|
|
|
fi
|
2021-01-06 18:13:56 +00:00
|
|
|
tar xfz *.tgz
|
|
|
|
cd package
|
2022-07-02 18:40:15 +00:00
|
|
|
for packagejson in $(find . -type d -name node_modules\* -prune -o -type f -name package.json -print); do
|
|
|
|
pushd $(dirname $packagejson)
|
|
|
|
echo " Downloading prod dependencies"
|
|
|
|
npm install --no-optional --only=prod
|
|
|
|
if [ $? -ge 1 ] ; then
|
|
|
|
echo " ERROR WILL ROBINSON"
|
2021-01-06 18:13:56 +00:00
|
|
|
rm -rf node_modules
|
2022-07-02 18:40:15 +00:00
|
|
|
else
|
|
|
|
echo " Successful prod dependencies download"
|
2021-01-06 18:13:56 +00:00
|
|
|
mv node_modules/ node_modules_prod
|
2022-07-02 18:40:15 +00:00
|
|
|
fi
|
|
|
|
popd
|
|
|
|
done
|
|
|
|
|
2021-01-06 18:13:56 +00:00
|
|
|
echo "LICENSES IN BUNDLE:"
|
2021-03-04 19:49:35 +00:00
|
|
|
find . -name "package.json" -exec jq '.license | strings' {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt
|
|
|
|
find . -name "package.json" -exec jq '.license | objects | .type' {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt 2>/dev/null
|
2021-01-18 00:22:03 +00:00
|
|
|
find . -name "package.json" -exec jq '.licenses[] .type' {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt 2>/dev/null
|
|
|
|
sort -u -o ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt
|
2021-03-04 20:15:36 +00:00
|
|
|
|
|
|
|
# Locate any dependencies without a provided license
|
|
|
|
find . -type f -name package.json -execdir jq 'if .license==null and .licenses==null then .name else null end' '{}' '+' | grep -vE '^null$' | sort -u > ${TMP_DIR}/nolicense.txt
|
|
|
|
|
|
|
|
if [ -s ${TMP_DIR}/nolicense.txt ]; then
|
|
|
|
echo -e "\e[5m\e[41mSome dependencies do not list a license. Manual verification required!\e[0m"
|
|
|
|
cat ${TMP_DIR}/nolicense.txt
|
|
|
|
echo -e "\e[5m\e[41m======================================================================\e[0m"
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
2022-07-02 18:40:15 +00:00
|
|
|
for packagejson in $(find . -type d -name node_modules\* -prune -o -type f -name package.json -print); do
|
|
|
|
pushd $(dirname $packagejson)
|
|
|
|
echo " Downloading dev dependencies"
|
|
|
|
npm install --no-optional --only=dev
|
|
|
|
if [ $? -ge 1 ] ; then
|
|
|
|
echo " ERROR WILL ROBINSON"
|
|
|
|
else
|
|
|
|
echo " Successful dev dependencies download"
|
2021-01-06 18:13:56 +00:00
|
|
|
mv node_modules/ node_modules_dev
|
2022-07-02 18:40:15 +00:00
|
|
|
fi
|
|
|
|
popd
|
|
|
|
done
|
2021-01-06 18:13:56 +00:00
|
|
|
if [ -d node_modules_prod ] ; then
|
2022-07-02 18:40:15 +00:00
|
|
|
tar cfz ../${PACKAGE_SAFE}-${VERSION}-nm-prod.tgz $(find . -type d -name node_modules_prod)
|
2021-01-06 18:13:56 +00:00
|
|
|
fi
|
|
|
|
if [ -d node_modules_dev ] ; then
|
2022-07-02 18:40:15 +00:00
|
|
|
tar cfz ../${PACKAGE_SAFE}-${VERSION}-nm-dev.tgz $(find . -type d -name node_modules_dev)
|
2021-01-06 18:13:56 +00:00
|
|
|
fi
|
|
|
|
cd ..
|
2021-06-22 11:50:42 +00:00
|
|
|
cp -v ${PACKAGE_SAFE}-${VERSION}* "${OUTPUT_DIR}"
|
2021-01-06 18:13:56 +00:00
|
|
|
popd > /dev/null
|
|
|
|
rm -rf ${TMP_DIR}
|