bundler: Add warning for deps missing license tag

Resolves: rhbz#1920223

Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
This commit is contained in:
Stephen Gallagher 2021-03-04 15:15:36 -05:00 committed by sgallagh
parent 7aed687bf8
commit e7b09b6fec

View File

@ -64,6 +64,17 @@ find . -name "package.json" -exec jq '.license | strings' {} \; >> ${TMP_DIR}/${
find . -name "package.json" -exec jq '.license | objects | .type' {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt 2>/dev/null find . -name "package.json" -exec jq '.license | objects | .type' {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt 2>/dev/null
find . -name "package.json" -exec jq '.licenses[] .type' {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt 2>/dev/null find . -name "package.json" -exec jq '.licenses[] .type' {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt 2>/dev/null
sort -u -o ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt sort -u -o ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt
# Locate any dependencies without a provided license
find . -type f -name package.json -execdir jq 'if .license==null and .licenses==null then .name else null end' '{}' '+' | grep -vE '^null$' | sort -u > ${TMP_DIR}/nolicense.txt
if [ -s ${TMP_DIR}/nolicense.txt ]; then
echo -e "\e[5m\e[41mSome dependencies do not list a license. Manual verification required!\e[0m"
cat ${TMP_DIR}/nolicense.txt
echo -e "\e[5m\e[41m======================================================================\e[0m"
fi
echo " Downloading dev dependencies" echo " Downloading dev dependencies"
npm install --no-optional --only=dev npm install --no-optional --only=dev
if [ $? -ge 1 ] ; then if [ $? -ge 1 ] ; then