New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LicenseFinder fails with npm projects #519
Comments
+1 on a Angular project. /usr/local/rvm/gems/ruby-2.5.1/gems/license_finder-5.1.0/lib/license_finder/package_managers/npm.rb:35:in `npm_json': Command 'npm list --json --long' failed to execute: npm ERR! peer dep missing: @angular/common@5.2.10, required by @angular/forms@5.2.10 (RuntimeError)
npm ERR! peer dep missing: @angular/common@5.2.10, required by @angular/platform-browser@5.2.10
npm ERR! peer dep missing: @angular/common@5.2.10, required by @angular/platform-browser-dynamic@5.2.10
npm ERR! peer dep missing: @angular/common@5.2.10, required by @angular/router@5.2.10
npm ERR! peer dep missing: @angular/core@5.2.11, required by @angular/animations@5.2.11
npm ERR! peer dep missing: @angular/core@5.2.11, required by @angular/common@5.2.11
npm ERR! peer dep missing: @angular/core@^4.0.0, required by angular2-powerbi@0.1.1 |
I'm having the same issue as well. Anyone figure out a solution? |
I'm going to follow up on a couple things I did to reduce some of the errors.
This now left me with 1 ERR!
|
No matter how many I have, LicenseFinder always fails when there are missing peer dependencies 😢
|
I am also having same problem. Is there any workaround for this? |
The issue is here. LicenseFinder/lib/license_finder/package_managers/npm.rb Lines 35 to 40 in ad1ebf4
Looks like when a package has unmet peer dependencies, npm will return a list of the missing peer dependencies in stderr. An exception is raised in this case even though stdout still contains the valid data needed for license extraction. This is probably NOT the correct way to permanently fix this as it may blow up if there are more than peer dependency errors present. But if the only error is regarding unmet peer dependencies, the below work around should work in a pinch. def npm_json
command = "#{NPM.package_management_command} list --json --long#{production_flag}"
stdout, stderr, status = Dir.chdir(project_path) { Cmd.run(command) }
if not status.success? and not stderr.include? "npm ERR! peer dep missing:"
raise "Command '#{command}' failed to execute: #{stderr}"
end
JSON.parse(stdout)
end |
When using LicenseFinder on npm projects, we often have an error exit.
It's using
npm install
andnpm list
under the hood to get a list of dependencies, butnpm list
fails with:(with the project https://gitlab.com/gitlab-org/security-products/tests/js-npm for example)
The text was updated successfully, but these errors were encountered: