[+1] vote 胡锋 <[email protected]> 于2020年1月15日周三 下午12:15写道:
> Hi Justin, > > We don't actually use default-stylesheet.js. > > dubbo-js git/v3.0.0* > ❯ yarn why jsdom > yarn why v1.21.1 > [1/4] 🤔 Why do we have the module "jsdom"...? > [2/4] 🚚 Initialising dependency graph... > [3/4] 🔍 Finding dependency... > [4/4] 🚡 Calculating file sizes... > => Found "[email protected]" > info Reasons this module exists > - "_project_#ts-jest#jest-config#jest-environment-jsdom" depends on it > - Hoisted from > "_project_#ts-jest#jest-config#jest-environment-jsdom#jsdom" > info Disk size without dependencies: "2MB" > info Disk size with unique dependencies: "7.45MB" > info Disk size with transitive dependencies: "14.83MB" > info Number of shared dependencies: 28 > ✨ Done in 0.51s. > > jest unit testing framework includes this dependency > > Justin Mclean <[email protected]> 于2020年1月15日周三 上午5:36写道: > >> Hi, >> >> +1 (binding) >> >> I checked: >> - signatures and hashes are fine >> - LICENSE is fine >> - NOTICE all good >> - No unexpected binary files >> - All files have ASF headers >> - Can compile from source >> >> There is however another possible more serious issue in that this package >> may have A GPL dependancy, after compiling I can see this GPL licensed file >> [1]. While JSdom is MIT licensed is seems it contains this file which is >> GPL licensed, is this file actually used? >> >> Thanks, >> Justin >> >> 1. ./node_modules/jsdom/lib/jsdom/browser/default-stylesheet.js >> >> >>
