jozefizso / generator-license Goto Github PK

When entering year, if you enter a range (e.g. 2013-2015), the result is rendered as NaN in the template instead of range.

According to https://docs.npmjs.com/files/package.json#license:

Finally, if you do not wish to grant others the right to use a private or unpublished package under any terms:
{ "license": "UNLICENSED" }
Consider also setting "private": true to prevent accidental publication.

Sorry if I miss something, but seem to me that license field must exist and, if desired, to prevent accidental publication, private field should by set to true.

Please, consider removing dev dependencies when publishing a package.
This will help reduce the vulnerabilities reported when installing a package to only those that can actually have an impact on our users.

This generator is nice. I'd like to include it in my generator (https://github.com/Hypercubed/generator-commander). I can use the hookFor and peerDependencies to run generator-license from generator-commander but it will ask again for the author name (that I am pulling from github) and license. Is there a way to skip these prompts when using hookFor? One option is to accept an author name and license from the command line arguments in generator-license.

This seams line a common potential use for generator-license. Any ideas?

I suggest to add coveralls.io integration for the project. This would allow us to track code coverage and see which tests are remaining to write. This information would also be displayed in the PRs.

Let me know what you think, I can submit a PR for this.

Sunset the Travis CI build script and move to GitHub Actions.

I would like to use this generator to scaffold a License file in a Python project, which obviously doesn't have a package.json.

Hi. I'm trying to migrate this generator to TypeScript. I get the following error when trying to migrate this generator to TypeScript:

npm run test

> [email protected] test
> node --experimental-vm-modules node_modules/jest/bin/jest.js

 FAIL  __tests__/app.spec.ts
  ● Test suite failed to run

    ReferenceError: exports is not defined

      3 | import { createHelpers } from 'yeoman-test';
      4 |
    > 5 | describe('license:app', () => {
        |                       ^
      6 |   let runResult: any;
      7 |   const helpers = createHelpers({});
      8 |

      at __tests__/app.spec.ts:5:23

Test Suites: 1 failed, 1 total
Tests:       0 total
Snapshots:   0 total
Time:        1.232 s
Ran all test suites.
(node:47283) ExperimentalWarning: VM Modules is an experimental feature and might change at any time
(Use `node --trace-warnings ...` to show where the warning was created)

Building the generator with npm run build works. And the built package is executed as before. I'm just encountering an error in the tests. There might be an issue in the Jest configuration. I managed to fix it in a project using mocha but I'm not a Jest expert.

The branch to test the problem is there: https://github.com/groovytron/generator-license/tree/migrate-to-typescript

Maybe @mischah could give us a hand on this.

Thanks for your help.

Is it somehow possible to get the selected license/licenseId as a return parameter?

As we are getting contributions, I would suggest to setup eslint as part of tests so the code is linted. It will help keeping the codebase clean and make sure the code does not contain anti-patterns.

Please let me know what you think, I could submit a PR for this.

Please add support for the GPLv3

Configure jest to run coverage report and send it to https://coveralls.io/github/jozefizso/generator-license service.

Note

There is bug in jest and the lcov.info will have incorrect path to the app/index.js source code.

We must modify the lcov.info file to have correct path so the coverallsapp/github-action will report all data to coveralls.io service.

See jestjs/jest#9773 and coverallsapp/github-action#153

I'm trying to compose a generator with generator-license but my generator already asks for name and email. I passed these values to composeWith(), but generator-license is still asking for them regardless.

    this.composeWith(
      require.resolve('generator-license', {
        defaultLicense: 'MIT',
        name: this.props.name,
        email: this.props.email
      })
    );

It is also not picking MIT as the default license. Options doesn't seem to be honored at all.

I made a note on the relevant commit, but these lines are breaking this generator: https://github.com/jozefizso/generator-license/blob/master/app/index.js#L69-L72

That is not a valid Inquirer prompt.

Either way, I think we're better not making a prompt out of this. It is verbose and probably no one needs to manually define the year. If you really want one, then create an option as it won't clutter the interface.

generator-license v5.5 declares compatibility with Node.js v10.

We should move to the oldest LTS which is v14 now. Although its maintenance will end in two months, the v14 is a good base runtime for this package.

The yeoman-generator dependency declares compatibility with Node.js v12. Customer still on v12 can use the generator-license v5.5.

See https://endoflife.date/nodejs

See yeoman/generator-webapp#137

Github reports that https://github.com/hapijs/hoek package we use has a vulnerability.

Known vulnerability found
CVE-2018-3728
Moderate severity
hoek node module before 5.0.3 or 4.2.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via...

package-lock.json update suggested:
hoek ~> 4.2.1
Always verify the validity and compatibility of suggestions with your codebase.

We should update the package and make a new release.

Tests awlays fail locally due posttest script in package.json trying to push data to coveralls.

This should be changed so only travis runs this, otherwise the tests fail locally.

Add support for AGPLv3

Hey, would you merge a major pull request rehauling this generator to allow easy composability?

We're completely redoing the official generator-node, and we'd love to compose with this generator. But the code in here is pretty old and will not play super well with our.

Tried running yo license and chose the Unlicense option.

AssertionError: Trying to copy from a source that does not exist: /home/hutson/Workspace/generator-license/app/templates/Unlicense.txt

Travis builds are failing because of error Client request error: getaddrinfo ENOTFOUND api.nodesecurity.io

https://travis-ci.org/jozefizso/generator-license/jobs/410780764

npm WARN deprecated [email protected]: The Node Security Platform service is shutting down 9/30 - https://blog.npmjs.org/post/175511531085/the-node-security-platform-service-is-shutting

npm audit report

json-schema  <0.4.0
Severity: critical
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
fix available via `npm audit fix`
node_modules/json-schema
  jsprim  0.3.0 - 1.4.1 || 2.0.0 - 2.0.1
  Depends on vulnerable versions of json-schema
  node_modules/jsprim

path-parse  <1.0.7
Severity: moderate
Regular Expression Denial of Service in path-parse - https://github.com/advisories/GHSA-hj48-42vr-x3v9
fix available via `npm audit fix`
node_modules/resolve/node_modules/path-parse

qs  6.5.0 - 6.5.2
Severity: high
qs vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-hrpp-h998-j3pp
fix available via `npm audit fix`
node_modules/qs

4 vulnerabilities (1 moderate, 1 high, 2 critical)

It'd be nice to have this generator fill the license field in package.json.

From npm documentation:

The simplest way, assuming you're using a common license such as BSD-3-Clause or MIT, is to just specify the standard SPDX ID of the license you're using

Here are the ID https://spdx.org/licenses/

It's already available to the generator as this.user.git.name() and this.user.git.email().

The Generator Just Converts false, null etc. to a string.

I am composing it in my own generator

I decided to open an issue to discuss addition of a few more licenses:

• LGPL 3.0 GNU Lesser General Public License - allows use and distribution of modified software without revealing the source code. Useful permissive license for some libraries.
• Eclipse Public License 1.0 - an Open Source Initiative approve license, derived from CPL (Common Public License). Endorsed and used by Eclipse Foundation.

1. I can issue issue a PR for LGPL 3.0.With LGPL 3.0 would then have all the licenses from choosealicense.com

2. I can issue a PR for ( Eclipse Public License 1.0 if you think it would be worth including it.

This would make most popular and open-source initiative approved / OSD compliante licenses available in the generator.

Feel free to use this to discuss what licenses can be added.
Looking forward to comments.

p.s. I just published my Creative Commons LICENSE generator which was inspired by this one. Feel free to check it if you are using Creative Commons LICENSES (they are good to license documentation or written material, but not for actual code): https://github.com/ek9/generator-license-cc

The code does not work on NodeJS 4 anymore.

We should update .travis.yml, remove the NodeJS 4 and test on NodeJS 10.

Original report on yeoman/generator-generator#143

Seems to be an error with the filename:

events.js:85
      throw er; // Unhandled 'error' event
            ^
AssertionError: Trying to copy from a source that does not exist: /home/username/node_modules/lib/node_modules/generator-generator/node_modules/generator-node/node_modules/generator-license/app/templates/Unlicense.txt
    at EditionInterface.exports._copySingle (/home/username/node_modules/lib/node_modules/generator-generator/node_modules/generator-node/node_modules/generator-license/node_modules/yeoman-generator/node_modules/mem-fs-editor/actions/copy.js:44:3)
    at EditionInterface.exports.copy (/home/username/node_modules/lib/node_modules/generator-generator/node_modules/generator-node/node_modules/generator-license/node_modules/yeoman-generator/node_modules/mem-fs-editor/actions/copy.js:22:17)
    at EditionInterface.module.exports [as copyTpl] (/home/username/node_modules/lib/node_modules/generator-generator/node_modules/generator-node/node_modules/generator-license/node_modules/yeoman-generator/node_modules/mem-fs-editor/actions/copy-tpl.js:9:8)
    at module.exports.generators.Base.extend.writing.license (/home/username/node_modules/lib/node_modules/generator-generator/node_modules/generator-node/node_modules/generator-license/app/index.js:98:15)
    at /home/username/node_modules/lib/node_modules/generator-generator/node_modules/generator-node/node_modules/generator-license/node_modules/yeoman-generator/lib/base.js:421:16
    at processImmediate [as _immediateCallback] (timers.js:367:17)

I would like to set website and defaultLicense globally for my convenience. I tried adding a .yo-rc.json to my home directory with { "generator-license": ... } but yo license still doesn't show these values in the prompts. Is this supported?

I tried to use your generator with mine using composeWith and a bit hard. Can you add small instruction how to use it with other generators?