Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependencies with resolved CQs are still shown as restricted #20

Closed
olexii4 opened this issue Jul 29, 2020 · 4 comments
Closed

Dependencies with resolved CQs are still shown as restricted #20

olexii4 opened this issue Jul 29, 2020 · 4 comments

Comments

@olexii4
Copy link

olexii4 commented Jul 29, 2020
edited
Loading

Dependencies with resolved CQs are still shown as restricted.

For example, we already have CQs for the following runtime dependencies:
attr-accept@1.1.3(CQ22348)
dom-helpers@3.4.0(CQ22349)
file-selector@0.1.12(CQ22350)
json5@1.0.1(CQ22351)
nan@2.14.1(CQ22352)
popper.js@1.16.1(CQ22353)
prop-types-extra@1.1.1(CQ22354)
react-dropzone@9.0.0(CQ22355)
vscode-languageclient@6.1.3(CQ22358)
warning@4.0.3(CQ22359)

They were resolved a week ago.

The next run of dash-license shows that dependencies are still rejected:

…
npm/npmjs/-/attr-accept/1.1.3, unknown, restricted, none
…
npm/npmjs/-/dom-helpers/3.4.0, unknown, restricted, none
…
npm/npmjs/-/file-selector/0.1.12, unknown, restricted, none
…
npm/npmjs/-/json5/1.0.1, unknown, restricted, none
…
npm/npmjs/-/nan/2.14.1, unknown, restricted, none
…
npm/npmjs/-/popper.js/1.16.1, unknown, restricted, none
…
npm/npmjs/-/prop-types-extra/1.1.1, unknown, restricted, none
…
npm/npmjs/-/react-dropzone/9.0.0, unknown, restricted, none
…
npm/npmjs/-/vscode-languageclient/6.1.3, unknown, restricted, none
…
npm/npmjs/-/warning/4.0.3, unknown, restricted, none
…

dash-licenses commit

b907560

Steps to reproduce:

  1. Clone and build dash-licenses.
$ git clone https://github.com/eclipse/dash-licenses.git
$ cd dash-licenses && mvn clean install
$ cd yarn && yarn install && cd -
  1. Download the target yarn.lock file.
$ wget https://raw.githubusercontent.com/che-incubator/che-dashboard-next/master/yarn.lock
  1. Run dash-licenses
$ node yarn/index.js | java -jar target/org.eclipse.dash.licenses-0.0.1-SNAPSHOT.jar -

The new file DEPENDENCIES will be created
@olexii4 olexii4 mentioned this issue Jul 30, 2020
Merged
@waynebeaton
Copy link
Member

There was a bug in the script that pulls the NPM id from the CQ description. I've fixed it.

Try it now.

@olexii4
Copy link
Author

olexii4 commented Aug 11, 2020
edited
Loading

@waynebeaton Many thanks. It works much better now, but we still have some missings.

For example: 'npm/npmjs/@types/axios/0.14.0'

...
npm/npmjs/-/detect-node/2.0.4, unknown, restricted, none
npm/npmjs/@types/axios/0.14.0, unknown, restricted, none
npm/npmjs/-/remark-parse/6.0.3, unknown, restricted, none
...

But we have https://dev.eclipse.org/ipzilla/show_bug.cgi?id=22386
And 'npm/npmjs/@types/axios/0.14.0' was included.

@waynebeaton
Copy link
Member

I haven't quite figured out how to deal with "works with" dependencies. See #13.

@olexii4
Copy link
Author

olexii4 commented Aug 17, 2020

Thanks

@olexii4 olexii4 closed this as completed Aug 17, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@waynebeaton @olexii4