github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-20 07:48:52 -04:00
Code Issues Projects Releases Packages Wiki Activity
kibana/tasks/licenses.js
Tiago Costa dc956a0a79
Fix non-conforming licenses on devDependencies and add the ability to whitelisting devOnly licenses (#23859) 
* chore(19834): upgraded yargs dependency to 4.8.1 in order to remove pkg-conf dependency license conflict.

* chore(19834): override xmldom to one of the allowed licenses (MIT).

* chore(19834): added some overrides and whitelistenig for Apache2.

* chore(19834): correct overides for some apache2 licenses.

* chore(NA): updated specific dependency needs.

* chore(19834): added some more info on updated licenses.

* chore(19834): small note on dependencies use versions.

* feat(NA): add the ability to white list licenses only valid for dev only dependencies.

* chore(NA): update yarn lock files to include integrity check.

* fix(NA): yarn lock file for kbn ui framework.

* docs(NA): fix uncompleted comment left on the code.
2018-11-09 02:11:17 +00:00

68 lines
2.1 KiB
JavaScript
Raw Permalink Blame History

/*
* Licensed to Elasticsearch B.V. under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch B.V. licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import { getInstalledPackages } from '../src/dev/npm';
import {
assertLicensesValid,
LICENSE_WHITELIST,
DEV_ONLY_LICENSE_WHITELIST,
LICENSE_OVERRIDES,
} from '../src/dev/license_checker';
export default function licenses(grunt) {
grunt.registerTask('licenses', 'Checks dependency licenses', async function () {
const done = this.async();
try {
const dev = Boolean(grunt.option('dev'));
// Get full packages list according dev flag
const packages = await getInstalledPackages({
directory: grunt.config.get('root'),
licenseOverrides: LICENSE_OVERRIDES,
dev
});
// Filter the packages only used in production
const prodPackages = packages.filter(pkg => !pkg.isDevOnly);
// Assert if the found licenses in the production
// packages are valid
assertLicensesValid({
packages: prodPackages,
validLicenses: LICENSE_WHITELIST
});
// Do the same as above for the packages only used in development
// if the dev flag is found
if (dev) {
const devPackages = packages.filter(pkg => pkg.isDevOnly);
assertLicensesValid({
packages: devPackages,
validLicenses: LICENSE_WHITELIST.concat(DEV_ONLY_LICENSE_WHITELIST)
});
}
done();
} catch (err) {
grunt.fail.fatal(err);
done(err);
}
});
}
Reference in a new issue View git blame Copy permalink