BC: Properly exclude external packages when preparing this library for web browsers #880

Merged
merged 5 commits into from
Jul 2, 2023

@jkowalleck jkowalleck commented Jul 2, 2023

fixes #883

In fact, this fixes the non-working LicenseFactory and PackageUrlFactory.
Both were unable to load external packages/structs (spdx-expression-parser, PackageURL) and therefore worked incorrectly, without any warning.

This behavior was changed: now the library will crash in browsers if the externals are not fetched properly.

After the fix, the license is an SPDX expression, and the purl is present:

{"$schema":"http://cyclonedx.org/schema/bom-1.5.schema.json","bomFormat":"CycloneDX","specVersion":"1.5","version":1,"metadata":{"component":{"type":"application","name":"MyProject","bom-ref":"BomRef.3lr3il32iug.rtg99q9kgg","licenses":[{"expression":"MIT OR Apache-2.0"}]}},"components":[{"type":"library","name":"myComponentA","group":"acme","version":"1.33.7","bom-ref":"BomRef.b15pj468j14.scmk07ernt","licenses":[{"license":{"id":"Apache-2.0"}}],"purl":"pkg:npm/acme/myComponentA@1.33.7?"}],"dependencies":[{"ref":"BomRef.3lr3il32iug.rtg99q9kgg","dependsOn":["BomRef.b15pj468j14.scmk07ernt"]},{"ref":"BomRef.b15pj468j14.scmk07ernt"}]}
<bom xmlns="http://cyclonedx.org/schema/bom/1.5" version="1"><metadata><component type="application" bom-ref="BomRef.adtvbq0lig8.o5vk9r7ankk"><name>MyProject</name><licenses><expression>MIT OR Apache-2.0</expression></licenses></component></metadata><components><component type="library" bom-ref="BomRef.fb5p2994am8.8kfa2anmgtc"><group>acme</group><name>myComponentA</name><version>1.33.7</version><licenses><license><id>Apache-2.0</id></license></licenses><purl>pkg:npm/acme/myComponentA@1.33.7?</purl></component></components><dependencies><dependency ref="BomRef.adtvbq0lig8.o5vk9r7ankk"><dependency ref="BomRef.fb5p2994am8.8kfa2anmgtc"/></dependency><dependency ref="BomRef.fb5p2994am8.8kfa2anmgtc"/></dependencies></bom>
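
A consumer-side check for the silent failure this PR describes, as an added example that is not part of the PR or of the library's code: it scans a CycloneDX JSON BOM for compound licenses that were not emitted as an SPDX expression and for library components without a purl. The function names, the operator heuristic and the degraded sample are assumptions made for illustration.

```javascript
// Heuristic (assumption): an SPDX operator inside a license id/name means a
// compound expression was not parsed and fell through as a plain license.
const SPDX_OPERATOR = /\s(AND|OR|WITH)\s/;

// Collect metadata.component, top-level components and nested components.
function allComponents(bom) {
  const queue = [];
  if (bom.metadata && bom.metadata.component) queue.push(bom.metadata.component);
  queue.push(...(bom.components || []));
  for (let i = 0; i < queue.length; i++) queue.push(...(queue[i].components || []));
  return queue;
}

// Returns one finding per symptom; an empty array means the BOM looks intact.
function findDegradedEntries(bom, requirePurlFor = ['library']) {
  const findings = [];
  for (const c of allComponents(bom)) {
    const ref = c['bom-ref'] || c.name;
    for (const entry of c.licenses || []) {
      if (!entry.license) continue; // {"expression": "..."} entries are fine
      const text = entry.license.id || entry.license.name || '';
      if (SPDX_OPERATOR.test(text)) findings.push({ ref, problem: 'license-not-expression' });
    }
    if (requirePurlFor.includes(c.type) && !c.purl) findings.push({ ref, problem: 'missing-purl' });
  }
  return findings;
}

// Shape of the post-fix output shown above (bom-refs shortened).
const FIXED_BOM = {
  metadata: { component: { type: 'application', name: 'MyProject', 'bom-ref': 'app',
    licenses: [{ expression: 'MIT OR Apache-2.0' }] } },
  components: [{ type: 'library', group: 'acme', name: 'myComponentA', version: '1.33.7',
    'bom-ref': 'libA', licenses: [{ license: { id: 'Apache-2.0' } }],
    purl: 'pkg:npm/acme/myComponentA@1.33.7?' }]
};

// Constructed sample of a degraded BOM (assumed shape, not taken from the PR).
const DEGRADED_BOM = {
  metadata: { component: { type: 'application', name: 'MyProject', 'bom-ref': 'app',
    licenses: [{ license: { name: 'MIT OR Apache-2.0' } }] } },
  components: [{ type: 'library', group: 'acme', name: 'myComponentA', version: '1.33.7',
    'bom-ref': 'libA', licenses: [{ license: { id: 'Apache-2.0' } }] }]
};

console.log(findDegradedEntries(FIXED_BOM));    // no findings
console.log(findDegradedEntries(DEGRADED_BOM)); // two findings
```

Run against the bundle's real output in a browser test, a non-empty result is a reason to fail the build rather than ship an SBOM with weakened license and package identity data.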

@jkowalleck jkowalleck requested a review from a team as a code owner July 2, 2023 11:27
@jkowalleck jkowalleck force-pushed the fix-webpack-externals branch 2 times, most recently from 53e8179 to d73513a Compare July 2, 2023 11:33
@jkowalleck jkowalleck added the bug Something isn't working label Jul 2, 2023
codacy-production bot commented Jul 2, 2023

Coverage summary from Codacy

Merging #880 (f83a788) into main (50de7f6) - See PR on Codacy

| Coverage variation | Diff coverage |
| --- | --- |
| +0.00% (target: -1.00%) | (target: 90.00%) |

Coverage variation details

| | Coverable lines | Covered lines | Coverage |
| --- | --- | --- | --- |
| Common ancestor commit (50de7f6) | 6993 | 6872 | 98.27% |
| Head commit (f83a788) | 6993 (+0) | 6872 (+0) | 98.27% (+0.00%) |

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details
| | Coverable lines | Covered lines | Diff coverage |
| --- | --- | --- | --- |
| Pull request (#880) | 0 | 0 | ∅ (not applicable) |

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

@jkowalleck jkowalleck force-pushed the fix-webpack-externals branch 3 times, most recently from 7600458 to 09e264e Compare July 2, 2023 12:53
@jkowalleck jkowalleck marked this pull request as draft July 2, 2023 12:53
…r web browsers

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
* example parcel

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>

* example parcel

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>

---------

Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
@jkowalleck jkowalleck marked this pull request as ready for review July 2, 2023 14:03
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
@jkowalleck jkowalleck added QA CI javascript Pull requests that update Javascript code documentation Improvements or additions to documentation labels Jul 2, 2023
@jkowalleck jkowalleck merged commit 048b1b2 into main Jul 2, 2023
@jkowalleck jkowalleck deleted the fix-webpack-externals branch July 2, 2023 15:03
Labels
breaking change bug Something isn't working CI documentation Improvements or additions to documentation javascript Pull requests that update Javascript code QA
Development

Successfully merging this pull request may close these issues.

factories in web browser not working as expected