diff --git a/README.md b/README.md index f0c2a1a..cbad903 100644 --- a/README.md +++ b/README.md @@ -83,7 +83,7 @@ Update the RPM spec %changelog appropriately. ## (Preferred) Perform a scratch-build on at least one architecture ``` -fedpkg scratch-build [--arches x86_64] --srpm +fedpkg scratch-build [--arch x86_64] --srpm ``` Verify that it built successfully. diff --git a/nodejs-packaging-bundler b/nodejs-packaging-bundler index 8a1f83c..5be05e1 100755 --- a/nodejs-packaging-bundler +++ b/nodejs-packaging-bundler @@ -1,5 +1,5 @@ #!/bin/bash -OUTPUT_DIR="${HOME}/rpmbuild/SOURCES" +OUTPUT_DIR="$(rpm -E '%{_sourcedir}')" usage() { echo "Usage `basename $0` [version] " >&2 @@ -8,7 +8,7 @@ usage() { echo " download the npm, the prod and dev dependencies," >&2 echo " each in their own tarball." >&2 echo " Also finds licenses prod dependencies." >&2 - echo " All three tarballs and license list are copied to ${OUTPUT_DIR}" >&2 + echo " All three tarballs and the license list are copied to ${OUTPUT_DIR}" >&2 echo >&2 exit 1 } @@ -56,20 +56,31 @@ if [ $? -ge 1 ] ; then echo " ERROR WILL ROBINSON" rm -rf node_modules else - echo " Successful prod dependences download" + echo " Successful prod dependencies download" mv node_modules/ node_modules_prod fi echo "LICENSES IN BUNDLE:" -find . -name "package.json" -exec jq .license {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt +find . -name "package.json" -exec jq '.license | strings' {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt +find . -name "package.json" -exec jq '.license | objects | .type' {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt 2>/dev/null find . -name "package.json" -exec jq '.licenses[] .type' {} \; >> ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt 2>/dev/null -sed -i "/^null$/d" ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt sort -u -o ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt ${TMP_DIR}/${PACKAGE_SAFE}-${VERSION}-bundled-licenses.txt + +# Locate any dependencies without a provided license +find . -type f -name package.json -execdir jq 'if .license==null and .licenses==null then .name else null end' '{}' '+' | grep -vE '^null$' | sort -u > ${TMP_DIR}/nolicense.txt + +if [ -s ${TMP_DIR}/nolicense.txt ]; then + echo -e "\e[5m\e[41mSome dependencies do not list a license. Manual verification required!\e[0m" + cat ${TMP_DIR}/nolicense.txt + echo -e "\e[5m\e[41m======================================================================\e[0m" +fi + + echo " Downloading dev dependencies" npm install --no-optional --only=dev if [ $? -ge 1 ] ; then echo " ERROR WILL ROBINSON" else - echo " Successful dev dependences download" + echo " Successful dev dependencies download" mv node_modules/ node_modules_dev fi if [ -d node_modules_prod ] ; then @@ -79,6 +90,6 @@ if [ -d node_modules_dev ] ; then tar cfz ../${PACKAGE_SAFE}-${VERSION}-nm-dev.tgz node_modules_dev fi cd .. -cp -v ${PACKAGE_SAFE}-${VERSION}* $HOME/rpmbuild/SOURCES +cp -v ${PACKAGE_SAFE}-${VERSION}* "${OUTPUT_DIR}" popd > /dev/null rm -rf ${TMP_DIR} diff --git a/nodejs-packaging.spec b/nodejs-packaging.spec index ef645d2..efd280a 100644 --- a/nodejs-packaging.spec +++ b/nodejs-packaging.spec @@ -1,8 +1,8 @@ %global macrosdir %(d=%{_rpmconfigdir}/macros.d; [ -d $d ] || d=%{_sysconfdir}/rpm; echo $d) Name: nodejs-packaging -Version: 2021.01 -Release: 5%{?dist} +Version: 2021.06 +Release: 4%{?dist} Summary: RPM Macros and Utilities for Node.js Packaging BuildArch: noarch License: MIT @@ -39,10 +39,11 @@ Requires: coreutils, findutils, jq %description bundler nodejs-packaging-bundler bundles a node.js application node_module dependencies -It gathers the application tarball. +It gathers the application tarball. It generates a runtime (prod) tarball with runtime node_module dependencies It generates a testing (dev) tarball with node_module dependencies for testing -It generates a bundled licence file that gets the licenses in the runtime dependency tarball +It generates a bundled license file that gets the licenses in the runtime +dependency tarball %prep pushd %{_topdir}/BUILD @@ -83,6 +84,22 @@ install -Dpm0755 nodejs-packaging-bundler %{buildroot}%{_bindir}/nodejs-packagin %changelog +* Thu Jan 20 2022 Stephen Gallagher - 2021.06-4 +- NPM bundler: also find namespaced bundled dependencies +- Related: #1990096 +- Related RHELPLAN-119396 + +* Thu Jul 22 2021 Fedora Release Engineering - 2021.06-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Tue Jun 22 2021 Stephen Gallagher - 2021.06-2 +- Fix hard-coded output directory in the bundler + +* Wed Jun 02 2021 Stephen Gallagher - 2021.06-1 +- Update to 2021.06-1 +- bundler: Handle archaic license metadata +- bundler: Warn about bundled dependencies with no license metadata + * Mon Aug 09 2021 Mohan Boddu - 2021.01-5 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688 diff --git a/nodejs.prov b/nodejs.prov index 663d3d9..56a9bf1 100755 --- a/nodejs.prov +++ b/nodejs.prov @@ -93,9 +93,9 @@ def generate_dependencies(module_path, module_dir_set=NODE_MODULES): else: # Invalid metadata path raise ValueError("Invalid module path '%s'" % module_path) - for dir_path, subdir_list, __ in os.walk(root_dir): - # Currently in node_modules (or similar), continue to subdirs - if os.path.basename(dir_path) in module_dir_set: + for dir_path, subdir_list, file_list in os.walk(root_dir): + # We are only interested in directories that contain package.json + if "package.json" not in file_list: continue # Read and format metadata diff --git a/test/bundled_namespace/node_modules/@nmcli/test201/package.json b/test/bundled_namespace/node_modules/@nmcli/test201/package.json new file mode 100644 index 0000000..4618046 --- /dev/null +++ b/test/bundled_namespace/node_modules/@nmcli/test201/package.json @@ -0,0 +1,4 @@ +{ + "name": "@nmcli/test201", + "version": "2.1.4" +} diff --git a/test/bundled_namespace/node_modules/test200/package.json b/test/bundled_namespace/node_modules/test200/package.json new file mode 100644 index 0000000..92ab4ba --- /dev/null +++ b/test/bundled_namespace/node_modules/test200/package.json @@ -0,0 +1,4 @@ +{ + "name": "test200", + "version": "1.3.5" +} diff --git a/test/bundled_namespace/nodejs.prov.err.exp b/test/bundled_namespace/nodejs.prov.err.exp new file mode 100644 index 0000000..e69de29 diff --git a/test/bundled_namespace/nodejs.prov.out.exp b/test/bundled_namespace/nodejs.prov.out.exp new file mode 100644 index 0000000..cf9c17f --- /dev/null +++ b/test/bundled_namespace/nodejs.prov.out.exp @@ -0,0 +1,3 @@ +bundled(nodejs-@nmcli/test201) = 2.1.4 +bundled(nodejs-test200) = 1.3.5 +npm(test) = 4.5.6 diff --git a/test/bundled_namespace/nodejs.req.err.exp b/test/bundled_namespace/nodejs.req.err.exp new file mode 100644 index 0000000..e69de29 diff --git a/test/bundled_namespace/nodejs.req.out.exp b/test/bundled_namespace/nodejs.req.out.exp new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/test/bundled_namespace/nodejs.req.out.exp @@ -0,0 +1 @@ + diff --git a/test/bundled_namespace/package.json.in b/test/bundled_namespace/package.json.in new file mode 100644 index 0000000..e41f38b --- /dev/null +++ b/test/bundled_namespace/package.json.in @@ -0,0 +1,11 @@ +{ + "name": "test", + "version": "4.5.6", + "engines": { + "node": ">=6 <10" + }, + "dependencies": { + "test100": "^1.2.3", + "test101": ">=2.1" + } +} diff --git a/test/run b/test/run index 6afb356..7897b24 100755 --- a/test/run +++ b/test/run @@ -4,7 +4,7 @@ ln -sf nodejs.req nodejs_req.py "$(command -v python2 || echo :)" -m doctest nodejs_req.py || exit 1 "$(command -v python3 || echo :)" -m doctest nodejs_req.py || exit 1 -for test in unbundled bundled +for test in unbundled bundled bundled_namespace do sed -e "s|//.*$||" < test/$test/package.json.in > test/$test/package.json