Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency validate-npm-package-license to ^3.0.3 #5626

Merged
merged 1 commit into from
Apr 12, 2018
Merged

chore(deps): update dependency validate-npm-package-license to ^3.0.3 #5626

merged 1 commit into from
Apr 12, 2018

Conversation

qkdreyer
Copy link
Contributor

@qkdreyer qkdreyer commented Apr 6, 2018

Summary

Updating validate-npm-package-license in order to update its dependencies :

  • spdx-correct
  • spdx-license-ids

This is allowing us to use newer licences such as EUPL-1.2.

kemitchell/validate-npm-package-license.js@v3.0.1...v3.0.3
jslicense/spdx-correct.js@v1.0.2...v3.0.0
jslicense/spdx-license-ids@v1.2.2...v3.0.0

BYK
BYK requested changes Apr 11, 2018
View reviewed changes
Copy link
Member

@BYK BYK left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like the lockfile is not updated properly (see the install job's build failure logs). If you can update it I'd be happy to merge this.

A simple integration test that uses the new licenses would also be nice.

@qkdreyer
Copy link
Contributor Author

I've already looked at the ci/circleci build output, and it fails because of :

#!/bin/bash -eo pipefail
yarn install --frozen-lockfile
yarn install v1.1.0
[1/5] Validating package.json...
[2/5] Resolving packages...
error Your lockfile needs to be updated, but yarn was run with `--frozen-lockfile`.
info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.
Exited with code 1

From my understanding, we may not run ci/circleci tests if we're updating the yarn.lock file since it's running with the frozen-lockfile option.

@BYK
Copy link
Member

BYK commented Apr 11, 2018

From my understanding, we may not run ci/circleci tests if we're updating the yarn.lock file since it's running with the frozen-lockfile option.

Don't think I understand what you mean. Can you elaborate?

The issue is (the reason why CI fails) the entry in yarn.lock not matching the entry in the package.json file. One says @^3.0.1 and the other says @^3.0.3 so the failure is legit.

@qkdreyer qkdreyer force-pushed the master branch 2 times, most recently from b9eab19 to af2a089 Compare April 11, 2018 16:25
@buildsize
Copy link

buildsize bot commented Apr 11, 2018
edited
Loading

File name Previous Size New Size Change
yarn-[version].noarch.rpm 914.53 KB 907.55 KB -6.97 KB (1%)
yarn-[version].js 3.97 MB 3.94 MB -28.74 KB (1%)
yarn-legacy-[version].js 4.12 MB 4.09 MB -28.74 KB (1%)
yarn-v[version].tar.gz 919.53 KB 912.59 KB -6.94 KB (1%)
yarn_[version]all.deb 678.86 KB 674.35 KB -4.51 KB (1%)

@qkdreyer qkdreyer force-pushed the master branch 2 times, most recently from fdc0dde to 289eb66 Compare April 11, 2018 17:05
@qkdreyer
Copy link
Contributor Author

Could you re-run the test-macos-node6/8 tests that were canceled ?

@qkdreyer
Copy link
Contributor Author

Nevermind, I've force pushed to retrigger it. All checks have passed. Could you merge this please ?
I could also add a few tests but don't know where to add them.

@BYK BYK merged commit 95223b6 into yarnpkg:master Apr 12, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BYK BYK BYK approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@qkdreyer @BYK