77 */
88// tslint:disable:no-implicit-dependencies
99import { JsonObject , logging } from '@angular-devkit/core' ;
10+ import * as path from 'path' ;
11+ import { packages } from '../lib/packages' ;
1012
1113require ( '../lib/bootstrap-local' ) ;
1214
13- const path = require ( 'path' ) ;
1415const spdxSatisfies = require ( 'spdx-satisfies' ) ;
1516
1617
@@ -43,9 +44,6 @@ const licensesWhitelist = [
4344
4445 // Combinations.
4546 '(AFL-2.1 OR BSD-2-Clause)' ,
46- '(MIT OR CC-BY-3.0)' ,
47- '(MIT OR Apache-2.0)' ,
48- '(MIT OR BSD-3-Clause)' ,
4947] ;
5048
5149// Name variations of SPDX licenses that some packages have.
@@ -62,40 +60,39 @@ const licenseReplacements: { [key: string]: string } = {
6260
6361// Specific packages to ignore, add a reason in a comment. Format: package-name@version.
6462const ignoredPackages = [
65- '[email protected] ' , // CC0 but it's content only (index.json, no code) and not distributed. 63+ // * Development only
6664 '[email protected] ' , // CC0 but it's content only (index.json, no code) and not distributed. 67- '[email protected] ' , // MIT, license but it's not listed in package.json. 68- '[email protected] ' , // LGPL,MIT but has a broken licenses array. 69- '[email protected] ' , // Apache-2.0 but broken license in package.json 65+ '[email protected] ' , // LGPL-3.0 but only used as a tool, not linked in the build. 66+
67+ // * Broken license fields
68+ '[email protected] ' , // MIT but no license field in package.json 7069 '[email protected] ' , // MIT but broken license in package.json 70+ '[email protected] ' , // Apache-2.0 but broken license in package.json 7171
72+ // * Other
7273 '[email protected] ' , // TODO(hansl): fix this. this is not an acceptable license, but is 8 deps down 7374 // so hard to manage. In talk with owner and users to switch over.
74-
75- '[email protected] ' , // TODO(filipesilva): remove this when karma is moved to e2e tests. 75+ '[email protected] ' , // Zlib -- TODO(filipesilva): remove this when karma is moved to e2e tests. 7676 // TODO(filipesilva): remove this when spec_large is moved to e2e tests.
7777 '[email protected] ' , // (OFL-1.1 AND MIT) 78-
79- '@webassemblyjs/[email protected] ' , // MIT but no LICENSE file. `license` field in package.json. 80- '@webassemblyjs/[email protected] ' , // Apache 2.0 license, but get discovered as "Apache". 81- '@webassemblyjs/[email protected] ' , // Apache 2.0 license, but get discovered as "Apache". 82-
83- '[email protected] ' , // LGPL-3.0 but only used as a tool, not linked in the build. 8478] ;
8579
80+ // Ignore own packages (all MIT)
81+ for ( const packageName of Object . keys ( packages ) ) {
82+ ignoredPackages . push ( `${ packageName } ) ;
83+ }
84+
8685// Find all folders directly under a `node_modules` that have a package.json.
8786const checker = require ( 'license-checker' ) ;
8887
8988
9089// Check if a license is accepted by an array of accepted licenses
9190function _passesSpdx ( licenses : string [ ] , accepted : string [ ] ) {
92- return accepted . some ( l => {
93- try {
94- return spdxSatisfies ( licenses . join ( ' AND ' ) , l ) ;
95- } catch ( _ ) {
96- return false ;
97- }
98- } ) ;
91+ try {
92+ return spdxSatisfies ( licenses . join ( ' AND ' ) , accepted . join ( ' OR ' ) ) ;
93+ } catch {
94+ return false ;
95+ }
9996}
10097
10198
@@ -113,8 +110,7 @@ export default function (_options: {}, logger: logging.Logger): Promise<number>
113110 . map ( key => ( {
114111 id : key ,
115112 licenses : ( [ ] as string [ ] )
116- // tslint:disable-next-line:non-null-operator
117- . concat ( ( json [ key ] ! as JsonObject ) . licenses as string [ ] )
113+ . concat ( ( json [ key ] as JsonObject ) . licenses as string [ ] )
118114 // `*` is used when the license is guessed.
119115 . map ( x => x . replace ( / \* $ / , '' ) )
120116 . map ( x => x in licenseReplacements ? licenseReplacements [ x ] : x ) ,
0 commit comments