diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 29ee04fdff..f2a28d3096 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -53,6 +53,8 @@ jobs: run: yarn run lint:lit --quiet - name: Run prettier run: yarn run lint:prettier + - name: Check dependency licenses + run: yarn run lint:licenses test: name: Run tests runs-on: ubuntu-latest diff --git a/package.json b/package.json index 8f2a10229c..50ce30da21 100644 --- a/package.json +++ b/package.json @@ -14,6 +14,7 @@ "format:prettier": "prettier . --cache --write", "lint:types": "tsc", "lint:lit": "lit-analyzer \"{.,*}/src/**/*.ts\"", + "lint:licenses": "node --no-deprecation script/check-licenses", "lint": "yarn run lint:eslint && yarn run lint:prettier && yarn run lint:types && yarn run lint:lit", "format": "yarn run format:eslint && yarn run format:prettier", "postinstall": "husky", @@ -162,6 +163,7 @@ "@types/leaflet": "1.9.21", "@types/leaflet-draw": "1.0.13", "@types/leaflet.markercluster": "1.5.6", + "@types/license-checker": "^25", "@types/lodash.merge": "4.6.9", "@types/luxon": "3.7.1", "@types/mocha": "10.0.10", @@ -195,6 +197,7 @@ "husky": "9.1.7", "jsdom": "29.0.1", "jszip": "3.10.1", + "license-checker": "25.0.1", "lint-staged": "16.4.0", "lit-analyzer": "2.0.3", "lodash.merge": "4.6.2", diff --git a/script/check-licenses b/script/check-licenses new file mode 100755 index 0000000000..7ad8584550 --- /dev/null +++ b/script/check-licenses @@ -0,0 +1,97 @@ +#!/usr/bin/env node +// Checks that all production dependencies use approved open-source licenses. +// +// To allow a new license type, add its SPDX identifier to ALLOWED_LICENSES. +// To allow a specific package that cannot be relicensed (e.g. a dual-license +// package where the reported identifier is non-standard), add it to +// ALLOWED_PACKAGES with a comment explaining why. + +import checker from "license-checker"; +import { createRequire } from "module"; +import { fileURLToPath } from "url"; +import path from "path"; + +const require = createRequire(import.meta.url); +const root = path.resolve(fileURLToPath(import.meta.url), "../../"); + +// Permissive licenses that are compatible with distribution in a compiled wheel. +// Copyleft licenses (GPL, LGPL, AGPL, EUPL, etc.) must NOT be added here. +const ALLOWED_LICENSES = new Set([ + "MIT", + "MIT*", + "ISC", + "BSD-2-Clause", + "BSD-3-Clause", + "BSD*", + "Apache-2.0", + "0BSD", + "CC0-1.0", + "(MIT OR CC0-1.0)", + "(MIT AND Zlib)", + "Python-2.0", // argparse - Python Software Foundation License (permissive) + "Public Domain", + "W3C-20150513", // wicg-inert - W3C Software and Document License (permissive) + "Unlicense", + "CC-BY-4.0", +]); + +// Packages whose license identifier is ambiguous or non-standard but have been +// manually verified as permissive. Add only when strictly necessary. +const ALLOWED_PACKAGES = { + // No entries currently needed. +}; + +checker.init( + { + start: root, + production: true, + excludePrivatePackages: true, + }, + (err, packages) => { + if (err) { + console.error("license-checker failed:", err); + process.exit(1); + } + + const violations = []; + + for (const [nameAtVersion, info] of Object.entries(packages)) { + if (nameAtVersion in ALLOWED_PACKAGES) { + continue; + } + + const license = info.licenses; + + if (!ALLOWED_LICENSES.has(license)) { + violations.push({ package: nameAtVersion, license }); + } + } + + if (violations.length > 0) { + console.error( + "The following packages have licenses that are not on the allowlist:\n" + ); + for (const { package: pkg, license } of violations) { + console.error(` ${pkg}: ${license}`); + } + console.error( + "\nIf the license is permissive and appropriate for distribution, add it" + ); + console.error( + "to ALLOWED_LICENSES in script/check-licenses. If it is a specific" + ); + console.error( + "package with an ambiguous identifier, add it to ALLOWED_PACKAGES." + ); + console.error( + "\nDo NOT add copyleft licenses (GPL, LGPL, AGPL, etc.) to the allowlist." + ); + process.exit(1); + } + + const count = Object.keys(packages).length; + console.log( + `License check passed: all ${count} production dependencies use approved licenses.` + ); + } +); diff --git a/yarn.lock b/yarn.lock index 4a6665449a..f39b0daf82 100644 --- a/yarn.lock +++ b/yarn.lock @@ -4910,6 +4910,13 @@ __metadata: languageName: node linkType: hard +"@types/license-checker@npm:^25": + version: 25.0.6 + resolution: "@types/license-checker@npm:25.0.6" + checksum: 10/9446f2ed96dae685b9a0e018a5b5bf12ffba4aa59aaa4383f18158a9614f2f129612e6655b4419add12d388c5ee5cb2795e4bfbefecaafd1b4d5d701b7c06173 + languageName: node + linkType: hard + "@types/lodash.merge@npm:4.6.9": version: 4.6.9 resolution: "@types/lodash.merge@npm:4.6.9" @@ -5524,6 +5531,13 @@ __metadata: languageName: node linkType: hard +"abbrev@npm:1": + version: 1.1.1 + resolution: "abbrev@npm:1.1.1" + checksum: 10/2d882941183c66aa665118bafdab82b7a177e9add5eb2776c33e960a4f3c89cff88a1b38aba13a456de01d0dd9d66a8bea7c903268b21ea91dd1097e1e2e8243 + languageName: node + linkType: hard + "abbrev@npm:^4.0.0": version: 4.0.0 resolution: "abbrev@npm:4.0.0" @@ -5837,6 +5851,13 @@ __metadata: languageName: node linkType: hard +"array-find-index@npm:^1.0.2": + version: 1.0.2 + resolution: "array-find-index@npm:1.0.2" + checksum: 10/aac128bf369e1ac6c06ff0bb330788371c0e256f71279fb92d745e26fb4b9db8920e485b4ec25e841c93146bf71a34dcdbcefa115e7e0f96927a214d237b7081 + languageName: node + linkType: hard + "array-flatten@npm:1.1.1": version: 1.1.1 resolution: "array-flatten@npm:1.1.1" @@ -5921,6 +5942,13 @@ __metadata: languageName: node linkType: hard +"asap@npm:^2.0.0": + version: 2.0.6 + resolution: "asap@npm:2.0.6" + checksum: 10/b244c0458c571945e4b3be0b14eb001bea5596f9868cc50cc711dc03d58a7e953517d3f0dad81ccde3ff37d1f074701fa76a6f07d41aaa992d7204a37b915dda + languageName: node + linkType: hard + "assertion-error@npm:^2.0.1": version: 2.0.1 resolution: "assertion-error@npm:2.0.1" @@ -6570,7 +6598,7 @@ __metadata: languageName: node linkType: hard -"chalk@npm:^2.4.2": +"chalk@npm:^2.4.1, chalk@npm:^2.4.2": version: 2.4.2 resolution: "chalk@npm:2.4.2" dependencies: @@ -7170,7 +7198,7 @@ __metadata: languageName: node linkType: hard -"debug@npm:^3.2.7": +"debug@npm:^3.1.0, debug@npm:^3.2.7": version: 3.2.7 resolution: "debug@npm:3.2.7" dependencies: @@ -7191,6 +7219,13 @@ __metadata: languageName: node linkType: hard +"debuglog@npm:^1.0.1": + version: 1.0.1 + resolution: "debuglog@npm:1.0.1" + checksum: 10/942a3196951ef139e3c19dc55583c1f9532fad92e293ffc6cbf8bb67562ea1aa013b5b86b4a89c2dd89e5e1c16e00b975e5ba3aa0a11070a3577e81162e6e29d + languageName: node + linkType: hard + "decamelize@npm:^1.2.0": version: 1.2.0 resolution: "decamelize@npm:1.2.0" @@ -7368,6 +7403,16 @@ __metadata: languageName: node linkType: hard +"dezalgo@npm:^1.0.0": + version: 1.0.4 + resolution: "dezalgo@npm:1.0.4" + dependencies: + asap: "npm:^2.0.0" + wrappy: "npm:1" + checksum: 10/895389c6aead740d2ab5da4d3466d20fa30f738010a4d3f4dcccc9fc645ca31c9d10b7e1804ae489b1eb02c7986f9f1f34ba132d409b043082a86d9a4e745624 + languageName: node + linkType: hard + "dialog-polyfill@npm:0.5.6": version: 0.5.6 resolution: "dialog-polyfill@npm:0.5.6" @@ -8692,6 +8737,13 @@ __metadata: languageName: node linkType: hard +"fs.realpath@npm:^1.0.0": + version: 1.0.0 + resolution: "fs.realpath@npm:1.0.0" + checksum: 10/e703107c28e362d8d7b910bbcbfd371e640a3bb45ae157a362b5952c0030c0b6d4981140ec319b347bce7adc025dd7813da1ff908a945ac214d64f5402a51b96 + languageName: node + linkType: hard + "fsevents@npm:~2.3.2, fsevents@npm:~2.3.3": version: 2.3.3 resolution: "fsevents@npm:2.3.3" @@ -8948,6 +9000,20 @@ __metadata: languageName: node linkType: hard +"glob@npm:^7.1.1": + version: 7.2.3 + resolution: "glob@npm:7.2.3" + dependencies: + fs.realpath: "npm:^1.0.0" + inflight: "npm:^1.0.4" + inherits: "npm:2" + minimatch: "npm:^3.1.1" + once: "npm:^1.3.0" + path-is-absolute: "npm:^1.0.0" + checksum: 10/59452a9202c81d4508a43b8af7082ca5c76452b9fcc4a9ab17655822e6ce9b21d4f8fbadabe4fe3faef448294cec249af305e2cd824b7e9aaf689240e5e96a7b + languageName: node + linkType: hard + "global-modules@npm:^1.0.0": version: 1.0.0 resolution: "global-modules@npm:1.0.0" @@ -9302,6 +9368,7 @@ __metadata: "@types/leaflet": "npm:1.9.21" "@types/leaflet-draw": "npm:1.0.13" "@types/leaflet.markercluster": "npm:1.5.6" + "@types/license-checker": "npm:^25" "@types/lodash.merge": "npm:4.6.9" "@types/luxon": "npm:3.7.1" "@types/mocha": "npm:10.0.10" @@ -9362,6 +9429,7 @@ __metadata: leaflet: "npm:1.9.4" leaflet-draw: "patch:leaflet-draw@npm%3A1.0.4#./.yarn/patches/leaflet-draw-npm-1.0.4-0ca0ebcf65.patch" leaflet.markercluster: "npm:1.5.3" + license-checker: "npm:25.0.1" lint-staged: "npm:16.4.0" lit: "npm:3.3.2" lit-analyzer: "npm:2.0.3" @@ -9425,6 +9493,13 @@ __metadata: languageName: node linkType: hard +"hosted-git-info@npm:^2.1.4": + version: 2.8.9 + resolution: "hosted-git-info@npm:2.8.9" + checksum: 10/96da7d412303704af41c3819207a09ea2cab2de97951db4cf336bb8bce8d8e36b9a6821036ad2e55e67d3be0af8f967a7b57981203fbfb88bc05cd803407b8c3 + languageName: node + linkType: hard + "hosted-git-info@npm:^9.0.0": version: 9.0.2 resolution: "hosted-git-info@npm:9.0.2" @@ -9731,6 +9806,23 @@ __metadata: languageName: node linkType: hard +"inflight@npm:^1.0.4": + version: 1.0.6 + resolution: "inflight@npm:1.0.6" + dependencies: + once: "npm:^1.3.0" + wrappy: "npm:1" + checksum: 10/d2ebd65441a38c8336c223d1b80b921b9fa737e37ea466fd7e253cb000c64ae1f17fa59e68130ef5bda92cfd8d36b83d37dab0eb0a4558bcfec8e8cdfd2dcb67 + languageName: node + linkType: hard + +"inherits@npm:2, inherits@npm:^2.0.1, inherits@npm:^2.0.3, inherits@npm:^2.0.4, inherits@npm:~2.0.3, inherits@npm:~2.0.4": + version: 2.0.4 + resolution: "inherits@npm:2.0.4" + checksum: 10/cd45e923bee15186c07fa4c89db0aace24824c482fb887b528304694b2aa6ff8a898da8657046a5dcf3e46cd6db6c61629551f9215f208d7c3f157cf9b290521 + languageName: node + linkType: hard + "inherits@npm:2.0.3": version: 2.0.3 resolution: "inherits@npm:2.0.3" @@ -9738,13 +9830,6 @@ __metadata: languageName: node linkType: hard -"inherits@npm:^2.0.1, inherits@npm:^2.0.3, inherits@npm:^2.0.4, inherits@npm:~2.0.3, inherits@npm:~2.0.4": - version: 2.0.4 - resolution: "inherits@npm:2.0.4" - checksum: 10/cd45e923bee15186c07fa4c89db0aace24824c482fb887b528304694b2aa6ff8a898da8657046a5dcf3e46cd6db6c61629551f9215f208d7c3f157cf9b290521 - languageName: node - linkType: hard - "ini@npm:^1.3.4, ini@npm:~1.3.0": version: 1.3.8 resolution: "ini@npm:1.3.8" @@ -10724,6 +10809,26 @@ __metadata: languageName: node linkType: hard +"license-checker@npm:25.0.1": + version: 25.0.1 + resolution: "license-checker@npm:25.0.1" + dependencies: + chalk: "npm:^2.4.1" + debug: "npm:^3.1.0" + mkdirp: "npm:^0.5.1" + nopt: "npm:^4.0.1" + read-installed: "npm:~4.0.3" + semver: "npm:^5.5.0" + spdx-correct: "npm:^3.0.0" + spdx-expression-parse: "npm:^3.0.0" + spdx-satisfies: "npm:^4.0.0" + treeify: "npm:^1.1.0" + bin: + license-checker: ./bin/license-checker + checksum: 10/e3435d9e6f8975fcdd73c09f9b0c9a038e3eb29ea71f10fe1c5b7f5bec3182a8d9ac85badea6188f2e89717631377fc3646c97431608f7ba1e7a76df62c452de + languageName: node + linkType: hard + "lie@npm:~3.3.0": version: 3.3.0 resolution: "lie@npm:3.3.0" @@ -11342,7 +11447,7 @@ __metadata: languageName: node linkType: hard -"minimatch@npm:3.1.5, minimatch@npm:^3.1.2, minimatch@npm:^3.1.5": +"minimatch@npm:3.1.5, minimatch@npm:^3.1.1, minimatch@npm:^3.1.2, minimatch@npm:^3.1.5": version: 3.1.5 resolution: "minimatch@npm:3.1.5" dependencies: @@ -11452,6 +11557,17 @@ __metadata: languageName: node linkType: hard +"mkdirp@npm:^0.5.1": + version: 0.5.6 + resolution: "mkdirp@npm:0.5.6" + dependencies: + minimist: "npm:^1.2.6" + bin: + mkdirp: bin/cmd.js + checksum: 10/0c91b721bb12c3f9af4b77ebf73604baf350e64d80df91754dc509491ae93bf238581e59c7188360cec7cb62fc4100959245a42cfe01834efedc5e9d068376c2 + languageName: node + linkType: hard + "ms@npm:2.0.0": version: 2.0.0 resolution: "ms@npm:2.0.0" @@ -11623,6 +11739,18 @@ __metadata: languageName: node linkType: hard +"nopt@npm:^4.0.1": + version: 4.0.3 + resolution: "nopt@npm:4.0.3" + dependencies: + abbrev: "npm:1" + osenv: "npm:^0.1.4" + bin: + nopt: bin/nopt.js + checksum: 10/037a9274c8f038a8e6ac026d14cd798bbfa9a98a5d958f4829e13b6381b44cb8576d070d4dc6d83ba514068eea7b2ceae023a3b6b63a3dbff331ad2167b611c2 + languageName: node + linkType: hard + "nopt@npm:^9.0.0": version: 9.0.0 resolution: "nopt@npm:9.0.0" @@ -11634,6 +11762,18 @@ __metadata: languageName: node linkType: hard +"normalize-package-data@npm:^2.0.0": + version: 2.5.0 + resolution: "normalize-package-data@npm:2.5.0" + dependencies: + hosted-git-info: "npm:^2.1.4" + resolve: "npm:^1.10.0" + semver: "npm:2 || 3 || 4 || 5" + validate-npm-package-license: "npm:^3.0.1" + checksum: 10/644f830a8bb9b7cc9bf2f6150618727659ee27cdd0840d1c1f97e8e6cab0803a098a2c19f31c6247ad9d3a0792e61521a13a6e8cd87cc6bb676e3150612c03d4 + languageName: node + linkType: hard + "normalize-path@npm:3.0.0, normalize-path@npm:^3.0.0, normalize-path@npm:~3.0.0": version: 3.0.0 resolution: "normalize-path@npm:3.0.0" @@ -11668,6 +11808,13 @@ __metadata: languageName: node linkType: hard +"npm-normalize-package-bin@npm:^1.0.0": + version: 1.0.1 + resolution: "npm-normalize-package-bin@npm:1.0.1" + checksum: 10/b61593d1afc2b05258afe791043d1b665376ec91ae56dfcf6c67bb802acfc2c249136d3fb600f356562ef013f9e46a009c5e4769693bf13bcabf99fb5e806e6a + languageName: node + linkType: hard + "npm-normalize-package-bin@npm:^5.0.0": version: 5.0.0 resolution: "npm-normalize-package-bin@npm:5.0.0" @@ -11881,7 +12028,7 @@ __metadata: languageName: node linkType: hard -"once@npm:^1.4.0": +"once@npm:^1.3.0, once@npm:^1.4.0": version: 1.4.0 resolution: "once@npm:1.4.0" dependencies: @@ -11951,6 +12098,30 @@ __metadata: languageName: node linkType: hard +"os-homedir@npm:^1.0.0": + version: 1.0.2 + resolution: "os-homedir@npm:1.0.2" + checksum: 10/af609f5a7ab72de2f6ca9be6d6b91a599777afc122ac5cad47e126c1f67c176fe9b52516b9eeca1ff6ca0ab8587fe66208bc85e40a3940125f03cdb91408e9d2 + languageName: node + linkType: hard + +"os-tmpdir@npm:^1.0.0": + version: 1.0.2 + resolution: "os-tmpdir@npm:1.0.2" + checksum: 10/5666560f7b9f10182548bf7013883265be33620b1c1b4a4d405c25be2636f970c5488ff3e6c48de75b55d02bde037249fe5dbfbb4c0fb7714953d56aed062e6d + languageName: node + linkType: hard + +"osenv@npm:^0.1.4": + version: 0.1.5 + resolution: "osenv@npm:0.1.5" + dependencies: + os-homedir: "npm:^1.0.0" + os-tmpdir: "npm:^1.0.0" + checksum: 10/779d261920f2a13e5e18cf02446484f12747d3f2ff82280912f52b213162d43d312647a40c332373cbccd5e3fb8126915d3bfea8dde4827f70f82da76e52d359 + languageName: node + linkType: hard + "own-keys@npm:^1.0.1": version: 1.0.1 resolution: "own-keys@npm:1.0.1" @@ -12210,6 +12381,13 @@ __metadata: languageName: node linkType: hard +"path-is-absolute@npm:^1.0.0": + version: 1.0.1 + resolution: "path-is-absolute@npm:1.0.1" + checksum: 10/060840f92cf8effa293bcc1bea81281bd7d363731d214cbe5c227df207c34cd727430f70c6037b5159c8a870b9157cba65e775446b0ab06fd5ecc7e54615a3b8 + languageName: node + linkType: hard + "path-is-inside@npm:1.0.2": version: 1.0.2 resolution: "path-is-inside@npm:1.0.2" @@ -12607,6 +12785,36 @@ __metadata: languageName: node linkType: hard +"read-installed@npm:~4.0.3": + version: 4.0.3 + resolution: "read-installed@npm:4.0.3" + dependencies: + debuglog: "npm:^1.0.1" + graceful-fs: "npm:^4.1.2" + read-package-json: "npm:^2.0.0" + readdir-scoped-modules: "npm:^1.0.0" + semver: "npm:2 || 3 || 4 || 5" + slide: "npm:~1.1.3" + util-extend: "npm:^1.0.1" + dependenciesMeta: + graceful-fs: + optional: true + checksum: 10/1aa05f7fcf6173f726cbae2450bebb45a87914b2fbdad1ffe4bea6c854465866fc94d300d6d63eee3e6d36b735aa67af156a0d32f1123a7c519595a8466cad99 + languageName: node + linkType: hard + +"read-package-json@npm:^2.0.0": + version: 2.1.2 + resolution: "read-package-json@npm:2.1.2" + dependencies: + glob: "npm:^7.1.1" + json-parse-even-better-errors: "npm:^2.3.0" + normalize-package-data: "npm:^2.0.0" + npm-normalize-package-bin: "npm:^1.0.0" + checksum: 10/52a5590a9c5677108f3452dc6f91253b9615bc411b42477f27b66f4820d889ef448c70ba6ddfe1a98695b1d6451e963f92c016264b2396e4096c5ca73c352395 + languageName: node + linkType: hard + "readable-stream@npm:2 || 3, readable-stream@npm:3, readable-stream@npm:^3.0.6, readable-stream@npm:^3.4.0": version: 3.6.2 resolution: "readable-stream@npm:3.6.2" @@ -12655,6 +12863,18 @@ __metadata: languageName: node linkType: hard +"readdir-scoped-modules@npm:^1.0.0": + version: 1.1.0 + resolution: "readdir-scoped-modules@npm:1.1.0" + dependencies: + debuglog: "npm:^1.0.1" + dezalgo: "npm:^1.0.0" + graceful-fs: "npm:^4.1.2" + once: "npm:^1.3.0" + checksum: 10/6d9f334e40dfd0f5e4a8aab5e67eb460c95c85083c690431f87ab2c9135191170e70c2db6d71afcafb78e073d23eb95dcb3fc33ef91308f6ebfe3197be35e608 + languageName: node + linkType: hard + "readdirp@npm:~3.6.0": version: 3.6.0 resolution: "readdirp@npm:3.6.0" @@ -12875,7 +13095,7 @@ __metadata: languageName: node linkType: hard -"resolve@npm:^1.20.0, resolve@npm:^1.22.1, resolve@npm:^1.22.11, resolve@npm:^1.22.4": +"resolve@npm:^1.10.0, resolve@npm:^1.20.0, resolve@npm:^1.22.1, resolve@npm:^1.22.11, resolve@npm:^1.22.4": version: 1.22.11 resolution: "resolve@npm:1.22.11" dependencies: @@ -12901,7 +13121,7 @@ __metadata: languageName: node linkType: hard -"resolve@patch:resolve@npm%3A^1.20.0#optional!builtin, resolve@patch:resolve@npm%3A^1.22.1#optional!builtin, resolve@patch:resolve@npm%3A^1.22.11#optional!builtin, resolve@patch:resolve@npm%3A^1.22.4#optional!builtin": +"resolve@patch:resolve@npm%3A^1.10.0#optional!builtin, resolve@patch:resolve@npm%3A^1.20.0#optional!builtin, resolve@patch:resolve@npm%3A^1.22.1#optional!builtin, resolve@patch:resolve@npm%3A^1.22.11#optional!builtin, resolve@patch:resolve@npm%3A^1.22.4#optional!builtin": version: 1.22.11 resolution: "resolve@patch:resolve@npm%3A1.22.11#optional!builtin::version=1.22.11&hash=c3c19d" dependencies: @@ -13195,7 +13415,7 @@ __metadata: languageName: node linkType: hard -"semver@npm:^5.7.2": +"semver@npm:2 || 3 || 4 || 5, semver@npm:^5.5.0, semver@npm:^5.7.2": version: 5.7.2 resolution: "semver@npm:5.7.2" bin: @@ -13516,6 +13736,13 @@ __metadata: languageName: node linkType: hard +"slide@npm:~1.1.3": + version: 1.1.6 + resolution: "slide@npm:1.1.6" + checksum: 10/3bf19297b9798a31cda0c1c81f98f6f439b34ab011f73474b3f38b680a7fe9a1326b401d00b9fee08655f545c2d3ee0a0f45c46abd79293f6fabf5580ffacb5d + languageName: node + linkType: hard + "smart-buffer@npm:^4.2.0": version: 4.2.0 resolution: "smart-buffer@npm:4.2.0" @@ -13672,6 +13899,27 @@ __metadata: languageName: node linkType: hard +"spdx-compare@npm:^1.0.0": + version: 1.0.0 + resolution: "spdx-compare@npm:1.0.0" + dependencies: + array-find-index: "npm:^1.0.2" + spdx-expression-parse: "npm:^3.0.0" + spdx-ranges: "npm:^2.0.0" + checksum: 10/7d8b55b31163ba8e7abeaf69d8d7accba5aee324dd55e22a796a685ec4d5e3c3cbc2683b9a2edff5543ee6f6242f4ec22c15dc2e493eb807690fb65e1051e5eb + languageName: node + linkType: hard + +"spdx-correct@npm:^3.0.0": + version: 3.2.0 + resolution: "spdx-correct@npm:3.2.0" + dependencies: + spdx-expression-parse: "npm:^3.0.0" + spdx-license-ids: "npm:^3.0.0" + checksum: 10/cc2e4dbef822f6d12142116557d63f5facf3300e92a6bd24e907e4865e17b7e1abd0ee6b67f305cae6790fc2194175a24dc394bfcc01eea84e2bdad728e9ae9a + languageName: node + linkType: hard + "spdx-exceptions@npm:^2.1.0": version: 2.5.0 resolution: "spdx-exceptions@npm:2.5.0" @@ -13679,6 +13927,16 @@ __metadata: languageName: node linkType: hard +"spdx-expression-parse@npm:^3.0.0": + version: 3.0.1 + resolution: "spdx-expression-parse@npm:3.0.1" + dependencies: + spdx-exceptions: "npm:^2.1.0" + spdx-license-ids: "npm:^3.0.0" + checksum: 10/a1c6e104a2cbada7a593eaa9f430bd5e148ef5290d4c0409899855ce8b1c39652bcc88a725259491a82601159d6dc790bedefc9016c7472f7de8de7361f8ccde + languageName: node + linkType: hard + "spdx-expression-parse@npm:^4.0.0": version: 4.0.0 resolution: "spdx-expression-parse@npm:4.0.0" @@ -13696,6 +13954,24 @@ __metadata: languageName: node linkType: hard +"spdx-ranges@npm:^2.0.0": + version: 2.1.1 + resolution: "spdx-ranges@npm:2.1.1" + checksum: 10/f807bd915aa2975bcebd9c4b4805661f248efcd4953ee62557626452fcd2933183f5b1a307d65507d8be6b9519b4e46dce05b61db0fbd5fce253b8f6d69bbbad + languageName: node + linkType: hard + +"spdx-satisfies@npm:^4.0.0": + version: 4.0.1 + resolution: "spdx-satisfies@npm:4.0.1" + dependencies: + spdx-compare: "npm:^1.0.0" + spdx-expression-parse: "npm:^3.0.0" + spdx-ranges: "npm:^2.0.0" + checksum: 10/a44c3665b1eb991285b6c1019d97a3df43290b39436e7a914dc99498580039cfe7d20e0680856c1d420ffa365fd7de3c39ee534abd3130a6fec6c2bd24259cca + languageName: node + linkType: hard + "spdy-transport@npm:^3.0.0": version: 3.0.0 resolution: "spdy-transport@npm:3.0.0" @@ -14437,6 +14713,13 @@ __metadata: languageName: node linkType: hard +"treeify@npm:^1.1.0": + version: 1.1.0 + resolution: "treeify@npm:1.1.0" + checksum: 10/5241976a751168fb9894a12d031299f1f6337b7f2cbd3eff22ee86e6777620352a69a1cab0d4709251317ff307eeda0dc45918850974fc44f4c7fc50e623b990 + languageName: node + linkType: hard + "treeverse@npm:^3.0.0": version: 3.0.0 resolution: "treeverse@npm:3.0.0" @@ -14868,6 +15151,13 @@ __metadata: languageName: node linkType: hard +"util-extend@npm:^1.0.1": + version: 1.0.3 + resolution: "util-extend@npm:1.0.3" + checksum: 10/da57f399b331f40fe2cea5409b1f4939231433db9b52dac5593e4390a98b7b0d1318a0daefbcc48123fffe5026ef49f418b3e4df7a4cd7649a2583e559c608a5 + languageName: node + linkType: hard + "utils-merge@npm:1.0.1": version: 1.0.1 resolution: "utils-merge@npm:1.0.1" @@ -14891,6 +15181,16 @@ __metadata: languageName: node linkType: hard +"validate-npm-package-license@npm:^3.0.1": + version: 3.0.4 + resolution: "validate-npm-package-license@npm:3.0.4" + dependencies: + spdx-correct: "npm:^3.0.0" + spdx-expression-parse: "npm:^3.0.0" + checksum: 10/86242519b2538bb8aeb12330edebb61b4eb37fd35ef65220ab0b03a26c0592c1c8a7300d32da3cde5abd08d18d95e8dabfad684b5116336f6de9e6f207eec224 + languageName: node + linkType: hard + "validate-npm-package-name@npm:^7.0.0": version: 7.0.2 resolution: "validate-npm-package-name@npm:7.0.2"