kessler / license-report

create a short report about a project's dependencies (license, url etc)
MIT License

[Feature request] Regex support for package exclusions #139

Closed elmaxe closed 11 months ago

elmaxe commented 1 year ago

If you want to exclude packages with a common pattern, you currently have to list all packages you want to exclude. With regex support, you could specify a single regex to exclude many packages.

Example config.json

{
  "exclude": [
    "^@blabla.*"
  ]
}

BePo65 commented 1 year ago

Sounds good; let me think a few days about the consequences.

BePo65 commented 1 year ago

So I have 2 questions:

elmaxe commented 1 year ago

  • do you have a real use case and what does it look like?

We use this package to get the list of open source packages our app uses, which is required in many licenses. We have some internal packages at my company that we don't want to show up in this list. Right now we have to add every single one of those internal packages to the list of exclusions. Since they all have a common prefix (@company/<package-name>), it would be easier to specify a regex to exclude all packages that start with @company.

  • as regex is quite a costly operation: how to differentiate between simple and regex excludes (e.g. add a new configuration parameter)?

I asked ChatGPT for an example, and it suggested the following:

{
  "exclude": [
    "string_to_exclude_1",
    "string_to_exclude_2",
    ...
  ],
  "excludeRegex": [
    "regex_pattern_1",
    "regex_pattern_2",
    ...
  ]
}

but perhaps something like this would be better

{
  "exclude": {
    "strings": [...],
    "regex": [...]
  }
}

BePo65 commented 1 year ago

I could imagine that the use case is quite common, so this would be a good new feature for license-report.

As a solution I would prefer the "excludeRegex" variant, as this would not break any current installations. Do you have the time to create a PR for this?

elmaxe commented 1 year ago

> I could imagine that the use case is quite common, so this would be a good new feature for license-report.
>
> As a solution I would prefer the "excludeRegex" variant, as this would not break any current installations. Do you have the time to create a PR for this?

Great! I will try to find some time!

BePo65 commented 1 year ago

I had some time to play around with this feature and created a pull request (#144). Instead of an array of regular expressions, I used a single one, as this simplified the code. If more than one 'group of packages' is to be excluded this way, the regular expression must simply account for these 'groups'.

If you want, you can take a look at the modifications before I merge the PR.

BePo65 commented 11 months ago

Solved by PR #144
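
The behaviour discussed in this thread, as an added example that is not license-report's code and not the code from PR #144: an exact `exclude` list combined with a single `excludeRegex` that covers several package groups. The option names come from the thread; the function names and package names are constructed, and the example assumes the regex is matched against the package name only. It also shows why the pattern should be anchored: an unanchored pattern drops third-party packages from the report that merely contain the internal scope string.

```javascript
// Added example: `exclude` and `excludeRegex` are the option names from the
// thread; buildExcluder/partition and all package names are hypothetical.

// Compile the config once so the regex cost is paid per run, not per package.
function buildExcluder(config) {
  const exact = new Set(config.exclude || []);
  let pattern = null;
  if (config.excludeRegex) {
    try {
      // No 'g' flag: RegExp.prototype.test stays stateless across calls.
      pattern = new RegExp(config.excludeRegex);
    } catch (err) {
      // Stop here: a broken pattern must not silently exclude nothing.
      throw new Error(`invalid excludeRegex: ${err.message}`);
    }
  }
  return (name) => exact.has(name) || (pattern !== null && pattern.test(name));
}

// Split the dependency list so the excluded names can be reviewed as well.
function partition(names, config) {
  const isExcluded = buildExcluder(config);
  const reported = [];
  const excluded = [];
  for (const name of names) {
    (isExcluded(name) ? excluded : reported).push(name);
  }
  return { reported, excluded };
}

// Constructed dependency list.
const deps = ['@company/ui', '@company/auth', '@other/lib', 'lodash',
  'not-@company/ui', '@company-tools/cli'];

// One regex covering two scopes ("groups"), anchored to the start of the name
// and terminated by the scope separator.
const anchored = partition(deps, {
  exclude: ['lodash'],
  excludeRegex: '^@(company|other)/',
});

// Unanchored pattern: also hides packages that merely contain the string.
const loose = partition(deps, { excludeRegex: '@company' });

console.log({ anchored, loose });
```

Printing the `excluded` list next to the report makes an over-broad pattern visible during review.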