Hello community, here is the log from the commit of package nodejs-validate-npm-package-license for openSUSE:Factory checked in at 2015-08-05 06:51:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nodejs-validate-npm-package-license (Old) and /work/SRC/openSUSE:Factory/.nodejs-validate-npm-package-license.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nodejs-validate-npm-package-license" Changes: -------- --- /work/SRC/openSUSE:Factory/nodejs-validate-npm-package-license/nodejs-validate-npm-package-license.changes 2015-07-05 18:01:54.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs-validate-npm-package-license.new/nodejs-validate-npm-package-license.changes 2015-08-05 06:51:14.000000000 +0200 @@ -1,0 +2,5 @@ +Wed Jul 29 14:24:35 UTC 2015 - i...@marguerite.su + +- update version 2.0.0 + +------------------------------------------------------------------- Old: ---- validate-npm-package-license-1.0.0.tgz New: ---- validate-npm-package-license-2.0.0.tgz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nodejs-validate-npm-package-license.spec ++++++ --- /var/tmp/diff_new_pack.NuLHvg/_old 2015-08-05 06:51:14.000000000 +0200 +++ /var/tmp/diff_new_pack.NuLHvg/_new 2015-08-05 06:51:14.000000000 +0200 @@ -19,7 +19,7 @@ %define base_name validate-npm-package-license Name: nodejs-%{base_name} -Version: 1.0.0 +Version: 2.0.0 Release: 0 Summary: Validate npm package licenses License: Apache-2.0 @@ -29,7 +29,6 @@ BuildRequires: nodejs-packaging BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch -ExclusiveArch: %{ix86} x86_64 %{arm} noarch %nodejs_find_provides_and_requires @@ -42,13 +41,13 @@ %build %install -mkdir -p %{buildroot}%{nodejs_modulesdir}/%{base_name} +mkdir -p %{buildroot}%{nodejs_sitelib}/%{base_name} cp -pr package.json index.js \ - %{buildroot}%{nodejs_modulesdir}/%{base_name}/ + %{buildroot}%{nodejs_sitelib}/%{base_name}/ %files %defattr(-,root,root,-) %doc README.md LICENSE -%{nodejs_modulesdir}/%{base_name} +%{nodejs_sitelib}/%{base_name} %changelog ++++++ validate-npm-package-license-1.0.0.tgz -> validate-npm-package-license-2.0.0.tgz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/package/README.md new/package/README.md --- old/package/README.md 2015-06-06 00:13:31.000000000 +0200 +++ new/package/README.md 2015-06-19 09:36:39.000000000 +0200 @@ -6,22 +6,56 @@ <!-- js var valid = require('./'); --> ```js -var validResult = { +var noWarnings = { validForNewPackages: true, validForOldPackages: true }; -valid('Apache-2.0'); // => validResult -valid('(GPL-3.0 OR BSD-2-Clause)'); // => validResult +// SPDX license identifier for common open-source licenses +valid('MIT'); // => noWarnings +valid('BSD-2-Clause'); // => noWarnings +valid('Apache-2.0'); // => noWarnings +valid('ISC'); // => noWarnings -var invalidResult = { +// Simple SPDX license expression for dual licensing +valid('(GPL-3.0 OR BSD-2-Clause)'); // => noWarnings + +// Refer to a non-standard license found in the package +valid('SEE LICENSE IN LICENSE.txt'); // => noWarnings +valid('SEE LICENSE IN license.md'); // => noWarnings + +// No license +valid('UNLICENSED'); // => noWarnings +valid('UNLICENCED'); // => noWarnings + +var warningsWithSuggestion = { + validForOldPackages: false, + validForNewPackages: false, + warnings: [ + 'license should be ' + + 'a valid SPDX license expression without "LicenseRef", ' + + '"UNLICENSED", or ' + + '"SEE LICENSE IN <filename>"', + 'license is similar to the valid expression "Apache-2.0"' + ] +}; + +// Almost a valid SPDX license identifier +valid('Apache 2.0'); // => warningsWithSuggestion + +var warningAboutLicenseRef = { validForOldPackages: false, validForNewPackages: false, warnings: [ - 'license should be a valid SPDX license expression', - 'license is similar to the valid expression "Apache-2.0"' + 'license should be ' + + 'a valid SPDX license expression without "LicenseRef", ' + + '"UNLICENSED", or ' + + '"SEE LICENSE IN <filename>"', ] }; -valid('Apache 2.0'); // => invalidResult +// LicenseRef-* identifiers are valid SPDX expressions, +// but not valid in package.json +valid('LicenseRef-Made-Up'); // => warningAboutLicenseRef +valid('(MIT OR LicenseRef-Made-Up)'); // => warningAboutLicenseRef ``` diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/package/index.js new/package/index.js --- old/package/index.js 2015-05-03 23:28:44.000000000 +0200 +++ new/package/index.js 2015-06-19 09:36:39.000000000 +0200 @@ -1,26 +1,74 @@ var spdx = require('spdx'); var correct = require('spdx-correct'); -module.exports = function(argument) { - if (spdx.valid(argument)) { - return { - validForNewPackages: true, - validForOldPackages: true - }; +var validResult = { + validForNewPackages: true, + validForOldPackages: true +}; + +var genericWarning = ( + 'license should be ' + + 'a valid SPDX license expression without "LicenseRef", ' + + '"UNLICENSED", or ' + + '"SEE LICENSE IN <filename>"' +); + +var fileReferenceRE = /^SEE LICEN[CS]E IN (.+)$/; + +function startsWith(prefix, string) { + return string.slice(0, prefix.length) === prefix; +} + +function usesLicenseRef(ast) { + if (ast.hasOwnProperty('license')) { + var license = ast.license; + return ( + startsWith('LicenseRef', license) || + startsWith('DocumentRef', license) + ); } else { - var warnings = [ - 'license should be a valid SPDX license expression' - ]; - var corrected = correct(argument); - if (corrected) { - warnings.push( - 'license is similar to the valid expression "' + corrected + '"' - ); + return ( + usesLicenseRef(ast.left) || + usesLicenseRef(ast.right) + ); + } +} + +module.exports = function(argument) { + var ast; + + try { + ast = spdx.parse(argument); + } catch (e) { + if ( + argument === 'UNLICENSED' || + argument === 'UNLICENCED' || + fileReferenceRE.test(argument) + ) { + return validResult; + } else { + var result = { + validForOldPackages: false, + validForNewPackages: false, + warnings: [genericWarning] + }; + var corrected = correct(argument); + if (corrected) { + result.warnings.push( + 'license is similar to the valid expression "' + corrected + '"' + ); + } + return result; } + } + + if (usesLicenseRef(ast)) { return { - validForOldPackages: false, validForNewPackages: false, - warnings: warnings + validForOldPackages: false, + warnings: [genericWarning] }; + } else { + return validResult; } }; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/package/package.json new/package/package.json --- old/package/package.json 2015-06-06 00:13:59.000000000 +0200 +++ new/package/package.json 2015-06-19 09:38:15.000000000 +0200 @@ -1,7 +1,7 @@ { "name": "validate-npm-package-license", "description": "Give me a string and I'll tell you if it's a valid npm package license string", - "version": "1.0.0", + "version": "2.0.0", "author": { "name": "Kyle E. Mitchell", "email": "k...@kemitchell.com",