Remove some deps #165
Merged
Remove some deps #165
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Submitted a question to one of the dependencies authors since we basically copied and pasted their MIT licensed code: keithamus/parse-packagejson-name#13 |
allenhsieh
approved these changes
Feb 19, 2020
| * limitations under the License. | ||
| */ | ||
|
|
||
| export const toPurl = (name: string, version: string, group = ''): string => { |
There was a problem hiding this comment.
hahaha that's all there was to packageurl-js!
We left-pad'd ourselves! 🤣
There was a problem hiding this comment.
Yeah, I get why they used it (why not? It's a package that does what they want), but it was simple enough to just implement.
| @@ -302,4 +299,31 @@ export class CycloneDXSbomCreator { | |||
| } | |||
| return undefined; | |||
| } | |||
|
|
|||
| private parsePackageJsonName(name: string): Result { | |||
There was a problem hiding this comment.
reply from creator: keithamus/parse-packagejson-name#13 (comment)
There was a problem hiding this comment.
Yeah, super nice of them!
DarthHater
pushed a commit
that referenced
this pull request
Feb 19, 2020
## [4.0.2](v4.0.1...v4.0.2) (2020-02-19) ### Bug Fixes * Remove some deps ([#165](#165)) ([36d3bde](36d3bde))
|
🎉 This PR is included in version 4.0.2 🎉 The release is available on: Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In some usability testing, we saw a number of dependencies get blocked from downloading, and so this PR aims to remove them!
This pull request makes the following changes:
packageurl-js, crafting our own purl was not too difficult (we were doing shades of it other places)parse-packagejson-name, the code for this package is MIT, so I've implemented the function and crafted it to be more TypeScript friendly, might need to add a source attribution to the license header as a resultprettify-xml, as it seemed like this wasn't actually getting used! The mysteries of the world!cc @bhamail / @DarthHater / @allenhsieh / @ken-duck