Hi Thomas,
If you are using webpack for bundling, you could hook into the compiler to get all used (and only those) production assets.
Some time ago, I created a plugin [1] for unide (type b) [2]. That will also list transitive assets, as long as they provide their source and not pre-compiled and bundled distributions.
It also zips the necessary files + license text for the CQs.
Due to a lack of other automation, I had used js unit tests to create CQs from the generated json list. I guess that’s not the recommended way.
For webpack 4+, you might have to change “compiler.plugin('emit', (compilation, callback) => {})” to “compiler.hooks.emit.tapAsync('license-plugin', async(compilation, callback)
=> {})”
[1]
https://github.com/eclipse/unide/blob/master/clients/binsa/conf/webpack-license-plugin.js
[2]
https://projects.eclipse.org/projects/iot.unide/releases/0.2.0
Mit freundlichen Grüßen / Best regards
Axel Meinhardt
Technical Lead PPM Ecosystem (BCI/ECM2)
Bosch Software Innovations GmbH | Ullsteinstr. 128 | 12109 Berlin |
GERMANY |
www.bosch-si.com
Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B
Aufsichtsratsvorsitzender: Dr.-Ing. Thorsten Lücke; Geschäftsführung: Dr. Stefan Ferber, Michael Hahn, Dr. Aleksandar Mitrovic
From: incubation-bounces@xxxxxxxxxxx <incubation-bounces@xxxxxxxxxxx>
On Behalf Of Jaeckle Thomas (INST/ECS1)
Sent: Dienstag, 27. August 2019 09:35
To: Discussions for new Eclipse projects <incubation@xxxxxxxxxxx>
Subject: [incubation] Publishing to npm and handling of CQs for npm/nodejs dependencies
Hi incubation list.
We, the Eclipse Ditto project [1], are currently working on an initial _javascript_ client [2] for our backend.
We would like to publish/release that to npm and are now wondering if there are processes/guides/best practices on how to publish modules to npm.
And, in addition: what is the process of creating CQs for npm dependencies we use in our client?
I saw some CQs which just provide their “package.json” along with all the sources of the dependencies from “node_modules” which npm creates, e.g. [3] or [4]
While that is a really simple way, when doing that we have no chance of reusing/piggybacking on already approved npm dependencies.
On the other side I see that it is really crazy how much transitive dependencies are pulled from some npm modules.
Also, all npm depdencies CQs I saw were “Type A” and our project is currently a “Type B” project and we would like to keep it that way.
Any advice/guidance or experience is much appreciated :-)
[1]
https://www.eclipse.org/ditto/
[2]
https://github.com/eclipse/ditto-clients/issues/2
[3]
https://dev.eclipse.org/ipzilla/show_bug.cgi?id=17757
[4]
https://dev.eclipse.org/ipzilla/show_bug.cgi?id=20490
Mit freundlichen Grüßen / Best regards
Thomas Jaeckle
Engineering Cloud Services 1 Bosch IoT Things (INST/ECS1)
Bosch Software Innovations GmbH | Ziegelei 7 | 88090 Immenstaad |
GERMANY |
www.bosch-si.com
Sitz: Berlin, Registergericht: Amtsgericht Charlottenburg; HRB 148411 B
Aufsichtsratsvorsitzender: Dr.-Ing. Thorsten Lücke; Geschäftsführung: Dr. Stefan Ferber, Michael Hahn, Dr. Aleksandar Mitrovic