Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Associate node package licenses from node_modules #1152

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Aug 16, 2022
Merged

Associate node package licenses from node_modules #1152

merged 3 commits into from
Aug 16, 2022

Conversation

@kzantow
Copy link
Contributor

@kzantow kzantow commented Aug 9, 2022
edited
Loading

This PR adds a hook in the GenericCataloger which allows post-processing such as searching for licenses, which is also used by the javascript lockfile cataloger to search for package.json files and extract license information, if found.

Closes #845

@kzantow kzantow requested a review from a team August 9, 2022 15:30
wagoodman
wagoodman reviewed Aug 15, 2022
View reviewed changes
wagoodman
wagoodman reviewed Aug 15, 2022
View reviewed changes
@kzantow
Address PR feedback
de357fb 
Signed-off-by: Keith Zantow <[email protected]>
@kzantow kzantow requested a review from wagoodman August 16, 2022 17:02
@kzantow kzantow merged commit 21eb772 into anchore:main Aug 16, 2022
@kzantow kzantow deleted the associate-npm-licenses branch August 16, 2022 18:14
@martin-langhoff
Copy link

Yay!!!

spiffcs added a commit to scothis/syft that referenced this pull request Aug 24, 2022
@spiffcs
Merge branch 'main' into package-private
01836fa 
* main:
  Update syft bootstrap tools to latest versions. (anchore#1171)
  Fix update-bootstrap-tools workflow (anchore#1170)
  workflow to create automated PRs to update bootstrap tools (anchore#1167)
  feat: add support for licenses in package-lock json v2 (anchore#1164)
  External sources configuration (anchore#1158)
  feat: add support for pnpm (anchore#1166)
  Prevent symlinks causing duplicate package-file relationships (anchore#1168)
  Associate node package licenses from node_modules (anchore#1152)
  Give the contributing guide a substantial rework (anchore#1155)

Signed-off-by: Christopher Phillips <[email protected]>
spiffcs added a commit that referenced this pull request Aug 25, 2022
@spiffcs
Merge branch 'main' into 1095-convert-option-error
ca445f8 
* main:
  Update syft bootstrap tools to latest versions. (#1176)
  enhance development support on macOS ARM (#1163)
  Capture if a node module is private (#1161)
  Find version numbers from jars with different naming conventions (#1174)
  Update syft bootstrap tools to latest versions. (#1171)
  Fix update-bootstrap-tools workflow (#1170)
  workflow to create automated PRs to update bootstrap tools (#1167)
  feat: add support for licenses in package-lock json v2 (#1164)
  External sources configuration (#1158)
  feat: add support for pnpm (#1166)
  Prevent symlinks causing duplicate package-file relationships (#1168)
  Associate node package licenses from node_modules (#1152)
aiwantaozi pushed a commit to aiwantaozi/syft that referenced this pull request Oct 20, 2022
@kzantow @aiwantaozi
Associate node package licenses from node_modules (anchore#1152)
7ca61d7
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@kzantow
Associate node package licenses from node_modules (anchore#1152)
a281da5
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wagoodman wagoodman wagoodman approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

No licenses included in scan with yarn.lock

3 participants

@kzantow @martin-langhoff @wagoodman