Closed tobybellwood closed 6 years ago
hiqsol
commented
6 years ago The chosen bower package is linked to https://github.com/harvesthq/chosen-package
You can check it at Bower registry: https://registry.bower.io/packages/chosen
So I can't help with it.
It is sad nobody answers your issue at Drupal.org Library Packaging Whitelist. I think the problem should be solved there as you suggested.
tobybellwood
commented
6 years ago Thanks @hiqsol - just trying to get to the bottom of how the chain fits together!
Looks like chosen have changed something along the way, and bower has/hasn't picked it up properly!
tobybellwood
commented
6 years ago (quick follow-up) As more packages are chosing yarn over bower, is there any plan to extend asset-packagist to support yarn-asset?
hiqsol
commented
6 years ago Yarn is an alternative client to NPM packages which are already provided as npm-asset.
So, it's already there ;)
tobybellwood
commented
6 years ago oh yeah - good point 😀
I'll have a dig through the logic to see how I can get npm-asset to grab the source, not the npm tgz version
Looking at https://asset-packagist.org/p/bower-asset/chosen/latest.json
The zip URLs are coming up as https://api.github.com/repos/harvesthq/bower-chosen , which is just a link to the official https://github.com/harvesthq/chosen-package
This causes the bower-asset to fail the drupal whitelist process (https://www.drupal.org/project/drupalorg_whitelist/issues/2954806).
Do you source the data in chosen/latest.json from somewhere, or can you override it?