Class: Licensed::Sources::NPM

Inherits:
Source
  • Object
show all
Defined in:
lib/licensed/sources/npm.rb

Instance Attribute Summary

Attributes inherited from Source

#config

Class Method Summary collapse

Instance Method Summary collapse

Methods inherited from Source

#dependencies, #ignored?, inherited, #initialize

Constructor Details

This class inherits a constructor from Licensed::Sources::Source

Class Method Details

.typeObject 



7
8
9
 
# File 'lib/licensed/sources/npm.rb', line 7

def self.type
  "npm"
end

Instance Method Details

#enabled?Boolean

Returns:

  • (Boolean) 


11
12
13
 
# File 'lib/licensed/sources/npm.rb', line 11

def enabled?
  Licensed::Shell.tool_available?("npm") && File.exist?(config.pwd.join("package.json"))
end

#enumerate_dependenciesObject 



15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
# File 'lib/licensed/sources/npm.rb', line 15

def enumerate_dependencies
  packages.map do |name, package|
    path = package["path"]
    Dependency.new(
      name: name,
      version: package["version"],
      path: path,
      metadata: {
        "type"     => NPM.type,
        "name"     => package["name"],
        "summary"  => package["description"],
        "homepage" => package["homepage"]
      }
    )
  end
end

#include_non_production?Boolean

Returns whether to include non production dependencies based on the licensed configuration settings

Returns:

  • (Boolean) 


84
85
86
 
# File 'lib/licensed/sources/npm.rb', line 84

def include_non_production?
  config.dig("npm", "production_only") == false
end

#package_metadataObject

Returns parsed package metadata returned from ‘npm list`



60
61
62
63
64
65
66
67
68
69
 
# File 'lib/licensed/sources/npm.rb', line 60

def package_metadata
  return @package_metadata if defined?(@package_metadata)

  @package_metadata = begin
    JSON.parse(package_metadata_command)
  rescue JSON::ParserError => e
    raise Licensed::Sources::Source::Error,
      "Licensed was unable to parse the output from 'npm list'. Please run 'npm list --json --long' and check for errors. Error: #{e.message}"
  end
end

#package_metadata_commandObject

Returns the output from running ‘npm list` to get package metadata



72
73
74
75
76
 
# File 'lib/licensed/sources/npm.rb', line 72

def package_metadata_command
  args = %w(--json --long)
  args << "--production" unless include_non_production?
  Licensed::Shell.execute("npm", "list", *args, allow_failure: true)
end

#packagesObject 



32
33
34
35
36
37
38
39
40
41
42
43
44
45
 
# File 'lib/licensed/sources/npm.rb', line 32

def packages
  root_dependencies = package_metadata["dependencies"]
  recursive_dependencies(root_dependencies).each_with_object({}) do |(name, results), hsh|
    results.uniq! { |package| package["version"] }
    if results.size == 1
      hsh[name] = results[0]
    else
      results.each do |package|
        name_with_version = "#{name}-#{package["version"]}"
        hsh[name_with_version] = package
      end
    end
  end
end

#recursive_dependencies(dependencies, result = {}) ⇒ Object

Recursively parse dependency JSON data. Returns a hash mapping the package name to it’s metadata



49
50
51
52
53
54
55
56
57
 
# File 'lib/licensed/sources/npm.rb', line 49

def recursive_dependencies(dependencies, result = {})
  dependencies.each do |name, dependency|
    next if dependency["peerMissing"]
    next if yarn_lock_present && dependency["missing"]
    (result[name] ||= []) << dependency
    recursive_dependencies(dependency["dependencies"] || {}, result)
  end
  result
end

#yarn_lock_presentObject

Returns true if a yarn.lock file exists in the current directory



79
80
81
 
# File 'lib/licensed/sources/npm.rb', line 79

def yarn_lock_present
  @yarn_lock_present ||= File.exist?(config.pwd.join("yarn.lock"))
end