diff options
Diffstat (limited to 'deps/npm/node_modules/spdx-expression-parse')
7 files changed, 491 insertions, 0 deletions
diff --git a/deps/npm/node_modules/spdx-expression-parse/AUTHORS b/deps/npm/node_modules/spdx-expression-parse/AUTHORS new file mode 100644 index 0000000000..257a76b948 --- /dev/null +++ b/deps/npm/node_modules/spdx-expression-parse/AUTHORS @@ -0,0 +1,4 @@ +C. Scott Ananian <cscott@cscott.net> (http://cscott.net) +Kyle E. Mitchell <kyle@kemitchell.com> (https://kemitchell.com) +Shinnosuke Watanabe <snnskwtnb@gmail.com> +Antoine Motet <antoine.motet@gmail.com> diff --git a/deps/npm/node_modules/spdx-expression-parse/LICENSE b/deps/npm/node_modules/spdx-expression-parse/LICENSE new file mode 100644 index 0000000000..831618eaba --- /dev/null +++ b/deps/npm/node_modules/spdx-expression-parse/LICENSE @@ -0,0 +1,22 @@ +The MIT License + +Copyright (c) 2015 Kyle E. Mitchell & other authors listed in AUTHORS + +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: + +The above copyright notice and this permission notice shall be included +in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/deps/npm/node_modules/spdx-expression-parse/README.md b/deps/npm/node_modules/spdx-expression-parse/README.md new file mode 100644 index 0000000000..514895b7d3 --- /dev/null +++ b/deps/npm/node_modules/spdx-expression-parse/README.md @@ -0,0 +1,91 @@ +This package parses [SPDX license expression](https://spdx.org/spdx-specification-21-web-version#h.jxpfx0ykyb60) strings describing license terms, like [package.json license strings](https://docs.npmjs.com/files/package.json#license), into consistently structured ECMAScript objects. The npm command-line interface depends on this package, as do many automatic license-audit tools. + +In a nutshell: + +```javascript +var parse = require('spdx-expression-parse') +var assert = require('assert') + +assert.deepEqual( + // Licensed under the terms of the Two-Clause BSD License. + parse('BSD-2-Clause'), + {license: 'BSD-2-Clause'} +) + +assert.throws(function () { + // An invalid SPDX license expression. + // Should be `Apache-2.0`. + parse('Apache 2') +}) + +assert.deepEqual( + // Dual licensed under either: + // - LGPL 2.1 + // - a combination of Three-Clause BSD and MIT + parse('(LGPL-2.1 OR BSD-3-Clause AND MIT)'), + { + left: {license: 'LGPL-2.1'}, + conjunction: 'or', + right: { + left: {license: 'BSD-3-Clause'}, + conjunction: 'and', + right: {license: 'MIT'} + } + } +) +``` + +The syntax comes from the [Software Package Data eXchange (SPDX)](https://spdx.org/), a standard from the [Linux Foundation](https://www.linuxfoundation.org) for shareable data about software package license terms. SPDX aims to make sharing and auditing license data easy, especially for users of open-source software. + +The bulk of the SPDX standard describes syntax and semantics of XML metadata files. This package implements two lightweight, plain-text components of that larger standard: + +1. The [license list](https://spdx.org/licenses), a mapping from specific string identifiers, like `Apache-2.0`, to standard form license texts and bolt-on license exceptions. The [spdx-license-ids](https://www.npmjs.com/package/spdx-exceptions) and [spdx-exceptions](https://www.npmjs.com/package/spdx-license-ids) packages implement the license list. `spdx-expression-parse` depends on and `require()`s them. + + Any license identifier from the license list is a valid license expression: + + ```javascript + var identifiers = [] + .concat(require('spdx-license-ids')) + .concat(require('spdx-license-ids/deprecated')) + + identifiers.forEach(function (id) { + assert.deepEqual(parse(id), {license: id}) + }) + ``` + + So is any license identifier `WITH` a standardized license exception: + + ```javascript + identifiers.forEach(function (id) { + require('spdx-exceptions').forEach(function (e) { + assert.deepEqual( + parse(id + ' WITH ' + e), + {license: id, exception: e} + ) + }) + }) + ``` + +2. The license expression language, for describing simple and complex license terms, like `MIT` for MIT-licensed and `(GPL-2.0 OR Apache-2.0)` for dual-licensing under GPL 2.0 and Apache 2.0. `spdx-expression-parse` itself implements license expression language, exporting a parser. + + ```javascript + assert.deepEqual( + // Licensed under a combination of: + // - the MIT License AND + // - a combination of: + // - LGPL 2.1 (or a later version) AND + // - Three-Clause BSD + parse('(MIT AND (LGPL-2.1+ AND BSD-3-Clause))'), + { + left: {license: 'MIT'}, + conjunction: 'and', + right: { + left: {license: 'LGPL-2.1', plus: true}, + conjunction: 'and', + right: {license: 'BSD-3-Clause'} + } + } + ) + ``` + +The Linux Foundation and its contributors license the SPDX standard under the terms of [the Creative Commons Attribution License 3.0 Unported (SPDX: "CC-BY-3.0")](http://spdx.org/licenses/CC-BY-3.0). "SPDX" is a United States federally registered trademark of the Linux Foundation. The authors of this package license their work under the terms of the MIT License. diff --git a/deps/npm/node_modules/spdx-expression-parse/index.js b/deps/npm/node_modules/spdx-expression-parse/index.js new file mode 100644 index 0000000000..52fab560ae --- /dev/null +++ b/deps/npm/node_modules/spdx-expression-parse/index.js @@ -0,0 +1,8 @@ +'use strict' + +var scan = require('./scan') +var parse = require('./parse') + +module.exports = function (source) { + return parse(scan(source)) +} diff --git a/deps/npm/node_modules/spdx-expression-parse/package.json b/deps/npm/node_modules/spdx-expression-parse/package.json new file mode 100644 index 0000000000..8f7fa1d268 --- /dev/null +++ b/deps/npm/node_modules/spdx-expression-parse/package.json @@ -0,0 +1,97 @@ +{ + "_from": "spdx-expression-parse@^3.0.0", + "_id": "spdx-expression-parse@3.0.0", + "_inBundle": false, + "_integrity": "sha512-Yg6D3XpRD4kkOmTpdgbUiEJFKghJH03fiC1OPll5h/0sO6neh2jqRDVHOQ4o/LMea0tgCkbMgea5ip/e+MkWyg==", + "_location": "/spdx-expression-parse", + "_phantomChildren": {}, + "_requested": { + "type": "range", + "registry": true, + "raw": "spdx-expression-parse@^3.0.0", + "name": "spdx-expression-parse", + "escapedName": "spdx-expression-parse", + "rawSpec": "^3.0.0", + "saveSpec": null, + "fetchSpec": "^3.0.0" + }, + "_requiredBy": [ + "/spdx-correct", + "/validate-npm-package-license" + ], + "_resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.0.tgz", + "_shasum": "99e119b7a5da00e05491c9fa338b7904823b41d0", + "_spec": "spdx-expression-parse@^3.0.0", + "_where": "/Users/rebecca/code/npm/node_modules/validate-npm-package-license", + "author": { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "http://kemitchell.com" + }, + "bugs": { + "url": "https://github.com/jslicense/spdx-expression-parse.js/issues" + }, + "bundleDependencies": false, + "contributors": [ + { + "name": "C. Scott Ananian", + "email": "cscott@cscott.net", + "url": "http://cscott.net" + }, + { + "name": "Kyle E. Mitchell", + "email": "kyle@kemitchell.com", + "url": "https://kemitchell.com" + }, + { + "name": "Shinnosuke Watanabe", + "email": "snnskwtnb@gmail.com" + }, + { + "name": "Antoine Motet", + "email": "antoine.motet@gmail.com" + } + ], + "dependencies": { + "spdx-exceptions": "^2.1.0", + "spdx-license-ids": "^3.0.0" + }, + "deprecated": false, + "description": "parse SPDX license expressions", + "devDependencies": { + "defence-cli": "^2.0.1", + "mocha": "^3.4.2", + "replace-require-self": "^1.0.0", + "standard": "^10.0.2" + }, + "files": [ + "AUTHORS", + "index.js", + "parse.js", + "scan.js" + ], + "homepage": "https://github.com/jslicense/spdx-expression-parse.js#readme", + "keywords": [ + "SPDX", + "law", + "legal", + "license", + "metadata", + "package", + "package.json", + "standards" + ], + "license": "MIT", + "name": "spdx-expression-parse", + "repository": { + "type": "git", + "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git" + }, + "scripts": { + "lint": "standard", + "test": "npm run test:mocha && npm run test:readme", + "test:mocha": "mocha test/index.js", + "test:readme": "defence -i javascript README.md | replace-require-self | node" + }, + "version": "3.0.0" +} diff --git a/deps/npm/node_modules/spdx-expression-parse/parse.js b/deps/npm/node_modules/spdx-expression-parse/parse.js new file mode 100644 index 0000000000..a4a52ce93c --- /dev/null +++ b/deps/npm/node_modules/spdx-expression-parse/parse.js @@ -0,0 +1,138 @@ +'use strict' + +// The ABNF grammar in the spec is totally ambiguous. +// +// This parser follows the operator precedence defined in the +// `Order of Precedence and Parentheses` section. + +module.exports = function (tokens) { + var index = 0 + + function hasMore () { + return index < tokens.length + } + + function token () { + return hasMore() ? tokens[index] : null + } + + function next () { + if (!hasMore()) { + throw new Error() + } + index++ + } + + function parseOperator (operator) { + var t = token() + if (t && t.type === 'OPERATOR' && operator === t.string) { + next() + return t.string + } + } + + function parseWith () { + if (parseOperator('WITH')) { + var t = token() + if (t && t.type === 'EXCEPTION') { + next() + return t.string + } + throw new Error('Expected exception after `WITH`') + } + } + + function parseLicenseRef () { + // TODO: Actually, everything is concatenated into one string + // for backward-compatibility but it could be better to return + // a nice structure. + var begin = index + var string = '' + var t = token() + if (t.type === 'DOCUMENTREF') { + next() + string += 'DocumentRef-' + t.string + ':' + if (!parseOperator(':')) { + throw new Error('Expected `:` after `DocumentRef-...`') + } + } + t = token() + if (t.type === 'LICENSEREF') { + next() + string += 'LicenseRef-' + t.string + return {license: string} + } + index = begin + } + + function parseLicense () { + var t = token() + if (t && t.type === 'LICENSE') { + next() + var node = {license: t.string} + if (parseOperator('+')) { + node.plus = true + } + var exception = parseWith() + if (exception) { + node.exception = exception + } + return node + } + } + + function parseParenthesizedExpression () { + var left = parseOperator('(') + if (!left) { + return + } + + var expr = parseExpression() + + if (!parseOperator(')')) { + throw new Error('Expected `)`') + } + + return expr + } + + function parseAtom () { + return ( + parseParenthesizedExpression() || + parseLicenseRef() || + parseLicense() + ) + } + + function makeBinaryOpParser (operator, nextParser) { + return function parseBinaryOp () { + var left = nextParser() + if (!left) { + return + } + + if (!parseOperator(operator)) { + return left + } + + var right = parseBinaryOp() + if (!right) { + throw new Error('Expected expression') + } + return { + left: left, + conjunction: operator.toLowerCase(), + right: right + } + } + } + + var parseAnd = makeBinaryOpParser('AND', parseAtom) + var parseExpression = makeBinaryOpParser('OR', parseAnd) + + var node = parseExpression() + if (!node || hasMore()) { + throw new Error('Syntax error') + } + return node +} diff --git a/deps/npm/node_modules/spdx-expression-parse/scan.js b/deps/npm/node_modules/spdx-expression-parse/scan.js new file mode 100644 index 0000000000..d0567f494b --- /dev/null +++ b/deps/npm/node_modules/spdx-expression-parse/scan.js @@ -0,0 +1,131 @@ +'use strict' + +var licenses = [] + .concat(require('spdx-license-ids')) + .concat(require('spdx-license-ids/deprecated')) +var exceptions = require('spdx-exceptions') + +module.exports = function (source) { + var index = 0 + + function hasMore () { + return index < source.length + } + + // `value` can be a regexp or a string. + // If it is recognized, the matching source string is returned and + // the index is incremented. Otherwise `undefined` is returned. + function read (value) { + if (value instanceof RegExp) { + var chars = source.slice(index) + var match = chars.match(value) + if (match) { + index += match[0].length + return match[0] + } + } else { + if (source.indexOf(value, index) === index) { + index += value.length + return value + } + } + } + + function skipWhitespace () { + read(/[ ]*/) + } + + function operator () { + var string + var possibilities = ['WITH', 'AND', 'OR', '(', ')', ':', '+'] + for (var i = 0; i < possibilities.length; i++) { + string = read(possibilities[i]) + if (string) { + break + } + } + + if (string === '+' && index > 1 && source[index - 2] === ' ') { + throw new Error('Space before `+`') + } + + return string && { + type: 'OPERATOR', + string: string + } + } + + function idstring () { + return read(/[A-Za-z0-9-.]+/) + } + + function expectIdstring () { + var string = idstring() + if (!string) { + throw new Error('Expected idstring at offset ' + index) + } + return string + } + + function documentRef () { + if (read('DocumentRef-')) { + var string = expectIdstring() + return {type: 'DOCUMENTREF', string: string} + } + } + + function licenseRef () { + if (read('LicenseRef-')) { + var string = expectIdstring() + return {type: 'LICENSEREF', string: string} + } + } + + function identifier () { + var begin = index + var string = idstring() + + if (licenses.indexOf(string) !== -1) { + return { + type: 'LICENSE', + string: string + } + } else if (exceptions.indexOf(string) !== -1) { + return { + type: 'EXCEPTION', + string: string + } + } + + index = begin + } + + // Tries to read the next token. Returns `undefined` if no token is + // recognized. + function parseToken () { + // Ordering matters + return ( + operator() || + documentRef() || + licenseRef() || + identifier() + ) + } + + var tokens = [] + while (hasMore()) { + skipWhitespace() + if (!hasMore()) { + break + } + + var token = parseToken() + if (!token) { + throw new Error('Unexpected `' + source[index] + + '` at offset ' + index) + } + + tokens.push(token) + } + return tokens +} |