8839075805
Implements Phases 1-8 of the TFTSR implementation plan. Rust backend (Tauri 2.x, src-tauri/): - Multi-provider AI: OpenAI-compatible, Anthropic, Gemini, Mistral, Ollama - PII detection engine: 11 regex patterns with overlap resolution - SQLCipher AES-256 encrypted database with 10 versioned migrations - 28 Tauri IPC commands for triage, analysis, document, and system ops - Ollama: hardware probe, model recommendations, pull/delete with events - RCA and blameless post-mortem Markdown document generators - PDF export via printpdf - Audit log: SHA-256 hash of every external data send - Integration stubs for Confluence, ServiceNow, Azure DevOps (v0.2) Frontend (React 18 + TypeScript + Vite, src/): - 9 pages: full triage workflow NewIssue→LogUpload→Triage→Resolution→RCA→Postmortem→History+Settings - 7 components: ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI primitives - 3 Zustand stores: session, settings (persisted), history - Type-safe tauriCommands.ts matching Rust backend types exactly - 8 IT domain system prompts (Linux, Windows, Network, K8s, DB, Virt, HW, Obs) DevOps: - .woodpecker/test.yml: rustfmt, clippy, cargo test, tsc, vitest on every push - .woodpecker/release.yml: linux/amd64 + linux/arm64 builds, Gogs release upload Verified: - cargo check: zero errors - tsc --noEmit: zero errors - vitest run: 13/13 unit tests passing Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
114 lines
2.5 KiB
Markdown
114 lines
2.5 KiB
Markdown
validate-npm-package-license
|
|
============================
|
|
|
|
Give me a string and I'll tell you if it's a valid npm package license string.
|
|
|
|
```javascript
|
|
var valid = require('validate-npm-package-license');
|
|
```
|
|
|
|
SPDX license identifiers are valid license strings:
|
|
|
|
```javascript
|
|
|
|
var assert = require('assert');
|
|
var validSPDXExpression = {
|
|
validForNewPackages: true,
|
|
validForOldPackages: true,
|
|
spdx: true
|
|
};
|
|
|
|
assert.deepEqual(valid('MIT'), validSPDXExpression);
|
|
assert.deepEqual(valid('BSD-2-Clause'), validSPDXExpression);
|
|
assert.deepEqual(valid('Apache-2.0'), validSPDXExpression);
|
|
assert.deepEqual(valid('ISC'), validSPDXExpression);
|
|
```
|
|
The function will return a warning and suggestion for nearly-correct license identifiers:
|
|
|
|
```javascript
|
|
assert.deepEqual(
|
|
valid('Apache 2.0'),
|
|
{
|
|
validForOldPackages: false,
|
|
validForNewPackages: false,
|
|
warnings: [
|
|
'license should be ' +
|
|
'a valid SPDX license expression (without "LicenseRef"), ' +
|
|
'"UNLICENSED", or ' +
|
|
'"SEE LICENSE IN <filename>"',
|
|
'license is similar to the valid expression "Apache-2.0"'
|
|
]
|
|
}
|
|
);
|
|
```
|
|
|
|
SPDX expressions are valid, too ...
|
|
|
|
```javascript
|
|
// Simple SPDX license expression for dual licensing
|
|
assert.deepEqual(
|
|
valid('(GPL-3.0-only OR BSD-2-Clause)'),
|
|
validSPDXExpression
|
|
);
|
|
```
|
|
|
|
... except if they contain `LicenseRef`:
|
|
|
|
```javascript
|
|
var warningAboutLicenseRef = {
|
|
validForOldPackages: false,
|
|
validForNewPackages: false,
|
|
spdx: true,
|
|
warnings: [
|
|
'license should be ' +
|
|
'a valid SPDX license expression (without "LicenseRef"), ' +
|
|
'"UNLICENSED", or ' +
|
|
'"SEE LICENSE IN <filename>"',
|
|
]
|
|
};
|
|
|
|
assert.deepEqual(
|
|
valid('LicenseRef-Made-Up'),
|
|
warningAboutLicenseRef
|
|
);
|
|
|
|
assert.deepEqual(
|
|
valid('(MIT OR LicenseRef-Made-Up)'),
|
|
warningAboutLicenseRef
|
|
);
|
|
```
|
|
|
|
If you can't describe your licensing terms with standardized SPDX identifiers, put the terms in a file in the package and point users there:
|
|
|
|
```javascript
|
|
assert.deepEqual(
|
|
valid('SEE LICENSE IN LICENSE.txt'),
|
|
{
|
|
validForNewPackages: true,
|
|
validForOldPackages: true,
|
|
inFile: 'LICENSE.txt'
|
|
}
|
|
);
|
|
|
|
assert.deepEqual(
|
|
valid('SEE LICENSE IN license.md'),
|
|
{
|
|
validForNewPackages: true,
|
|
validForOldPackages: true,
|
|
inFile: 'license.md'
|
|
}
|
|
);
|
|
```
|
|
|
|
If there aren't any licensing terms, use `UNLICENSED`:
|
|
|
|
```javascript
|
|
var unlicensed = {
|
|
validForNewPackages: true,
|
|
validForOldPackages: true,
|
|
unlicensed: true
|
|
};
|
|
assert.deepEqual(valid('UNLICENSED'), unlicensed);
|
|
assert.deepEqual(valid('UNLICENCED'), unlicensed);
|
|
```
|