-
Notifications
You must be signed in to change notification settings - Fork 981
/
Copy pathrun_check_licenses_cli.ts
72 lines (66 loc) · 2.3 KB
/
run_check_licenses_cli.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
/*
* SPDX-License-Identifier: Apache-2.0
*
* The OpenSearch Contributors require contributions made to
* this file be licensed under the Apache-2.0 license or a
* compatible open source license.
*
* Any modifications Copyright OpenSearch Contributors. See
* GitHub history for details.
*/
/*
* Licensed to Elasticsearch B.V. under one or more contributor
* license agreements. See the NOTICE file distributed with
* this work for additional information regarding copyright
* ownership. Elasticsearch B.V. licenses this file to you under
* the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
import { REPO_ROOT } from '@osd/utils';
import { run } from '@osd/dev-utils';
import { getInstalledPackages } from '../npm';
import { LICENSE_WHITELIST, DEV_ONLY_LICENSE_WHITELIST, LICENSE_OVERRIDES } from './config';
import { assertLicensesValid } from './valid';
run(
async ({ log, flags }) => {
const packages = await getInstalledPackages({
directory: REPO_ROOT,
licenseOverrides: LICENSE_OVERRIDES,
includeDev: !!flags.dev,
});
// Assert if the found licenses in the production
// packages are valid
assertLicensesValid({
packages: packages.filter((pkg) => !pkg.isDevOnly),
validLicenses: LICENSE_WHITELIST,
});
log.success('All production dependency licenses are allowed');
// Do the same as above for the packages only used in development
// if the dev flag is found
if (flags.dev) {
assertLicensesValid({
packages: packages.filter((pkg) => pkg.isDevOnly),
validLicenses: LICENSE_WHITELIST.concat(DEV_ONLY_LICENSE_WHITELIST),
});
log.success('All development dependency licenses are allowed');
}
},
{
flags: {
boolean: ['dev'],
help: `
--dev Also check dev dependencies
`,
},
}
);