search

eclipse-dash / nodejs-wrapper

This wrapper makes it easy to integrate and run The Eclipse Dash License Tool in Eclipse Foundation project repositories.
Eclipse Public License 2.0
0 stars 2 forks source link

Check Exclusions Before Creating Review Requests #6

Open jfaltermeier opened 1 week ago

jfaltermeier commented 1 week ago

When working with npm workspaces, local workspaces are included in the package-lock.json file, which means they are also processed by the license checker. To address getting reviews for internal packages, I added an exclusions file. With this my CI job is green. However, the current setup still tries to open review tickets for the excluded local packages.

It would be helpful if the exclusions were checked before review tickets are created.

Affected project files:

https://github.com/eclipse-theia/theia-cloud/blob/main/node/package-lock.json https://github.com/eclipse-theia/theia-cloud/blob/main/node/configs/license-check-exclusions.json

Example output:

[main] INFO License information could not be automatically verified for the following content:
[main] INFO 
[main] INFO npm/npmjs/-/landing-page/0.1.0
[main] INFO npm/npmjs/-/testing-page/0.1.0
[main] INFO 
[main] INFO This content is either not correctly mapped by the system, or requires review.
[main] INFO A review is required for npm/npmjs/-/landing-page/0.1.0.
[main] INFO A review request was created https://gitlab.eclipse.org/eclipsefdn/emo-team/iplab/-/issues/17097 .
[main] INFO A review is required for npm/npmjs/-/testing-page/0.1.0.
[main] INFO A review request was created https://gitlab.eclipse.org/eclipsefdn/emo-team/iplab/-/issues/17098 .
WARN: Command [
  "java",
  "-jar",
  "/home/runner/work/theia-cloud/theia-cloud/node/node_modules/@eclipse-dash/nodejs-wrapper/download/dash-licenses.jar",
  "package-lock.json",
  "-batch",
  50,
  "-timeout",
  200,
  "-summary",
  "/home/runner/work/theia-cloud/theia-cloud/node/license-check-summary.txt",
  "-project",
  "ecd.theia",
  "-review"
] exited with code: 2
INFO: Checking dash-licenses "restricted" results against configured exclusions...
INFO: Some restricted dependencies were found in dash-licenses results, but all were excluded by configuration!
INFO: Found no dependency that requires further investigation. Good job!
INFO: Done.
waynebeaton commented 6 days ago

Related: https://github.com/eclipse-dash/dash-licenses/issues/415