dc956a0a79
* chore(19834): upgraded yargs dependency to 4.8.1 in order to remove pkg-conf dependency license conflict. * chore(19834): override xmldom to one of the allowed licenses (MIT). * chore(19834): added some overrides and whitelistenig for Apache2. * chore(19834): correct overides for some apache2 licenses. * chore(NA): updated specific dependency needs. * chore(19834): added some more info on updated licenses. * chore(19834): small note on dependencies use versions. * feat(NA): add the ability to white list licenses only valid for dev only dependencies. * chore(NA): update yarn lock files to include integrity check. * fix(NA): yarn lock file for kbn ui framework. * docs(NA): fix uncompleted comment left on the code.
69 lines
2.1 KiB
JavaScript
69 lines
2.1 KiB
JavaScript
/*
|
|
* Licensed to Elasticsearch B.V. under one or more contributor
|
|
* license agreements. See the NOTICE file distributed with
|
|
* this work for additional information regarding copyright
|
|
* ownership. Elasticsearch B.V. licenses this file to you under
|
|
* the Apache License, Version 2.0 (the "License"); you may
|
|
* not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing,
|
|
* software distributed under the License is distributed on an
|
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
* KIND, either express or implied. See the License for the
|
|
* specific language governing permissions and limitations
|
|
* under the License.
|
|
*/
|
|
|
|
import { getInstalledPackages } from '../src/dev/npm';
|
|
import {
|
|
assertLicensesValid,
|
|
LICENSE_WHITELIST,
|
|
DEV_ONLY_LICENSE_WHITELIST,
|
|
LICENSE_OVERRIDES,
|
|
} from '../src/dev/license_checker';
|
|
|
|
export default function licenses(grunt) {
|
|
grunt.registerTask('licenses', 'Checks dependency licenses', async function () {
|
|
const done = this.async();
|
|
|
|
try {
|
|
const dev = Boolean(grunt.option('dev'));
|
|
|
|
// Get full packages list according dev flag
|
|
const packages = await getInstalledPackages({
|
|
directory: grunt.config.get('root'),
|
|
licenseOverrides: LICENSE_OVERRIDES,
|
|
dev
|
|
});
|
|
// Filter the packages only used in production
|
|
const prodPackages = packages.filter(pkg => !pkg.isDevOnly);
|
|
|
|
// Assert if the found licenses in the production
|
|
// packages are valid
|
|
assertLicensesValid({
|
|
packages: prodPackages,
|
|
validLicenses: LICENSE_WHITELIST
|
|
});
|
|
|
|
// Do the same as above for the packages only used in development
|
|
// if the dev flag is found
|
|
if (dev) {
|
|
const devPackages = packages.filter(pkg => pkg.isDevOnly);
|
|
|
|
assertLicensesValid({
|
|
packages: devPackages,
|
|
validLicenses: LICENSE_WHITELIST.concat(DEV_ONLY_LICENSE_WHITELIST)
|
|
});
|
|
}
|
|
|
|
done();
|
|
} catch (err) {
|
|
grunt.fail.fatal(err);
|
|
done(err);
|
|
}
|
|
});
|
|
}
|