Navigation

    Inedo Community Forums

    Forums

    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. p.boeren_9744
    P
    • Profile
    • Following
    • Followers
    • Topics
    • Posts
    • Best
    • Groups

    p.boeren_9744

    @p.boeren_9744

    0
    Reputation
    5
    Posts
    1
    Profile views
    0
    Followers
    0
    Following
    Joined Last Online

    p.boeren_9744 Follow

    Best posts made by p.boeren_9744

    This user hasn't posted anything yet.

    Latest posts made by p.boeren_9744

    • RE: Whitelist npm packages licenses

      When trying to add a license via the API for a certain feed, the license is allowed at all feeds (thus created at global level).

      When I create a license via the api (api/management/licenses/create) with this body:

      {
        "licenseId": "package://@progress/kendo-react-grid/5.0.1/",
        "title": "package://@progress/kendo-react-grid/5.0.1/",
        "urls": [
          "package://@progress/kendo-react-grid/5.0.1/package/LICENSE.md"
        ],
        "allowed": true,
        "allowedFeeds": ["NpmLicenseTest"],
        "blockedFeeds": []
      }
      

      The license is properly created according to the api (api/management/licenses/list):

       {
              "licenseId": "package://@progress/kendo-react-grid/5.0.1/",
              "title": "package://@progress/kendo-react-grid/5.0.1/",
              "urls": [
                  "package://@progress/kendo-react-grid/5.0.1/package/LICENSE.md"
              ],
              "allowed": true,
              "allowedFeeds": [
                  "NpmLicenseTest"
              ],
              "blockedFeeds": []
          },
          {
              "licenseId": "package://@progress/kendo-react-popup/5.0.1/",
              "title": "package://@progress/kendo-react-popup/5.0.1/",
              "urls": [
                  "package://@progress/kendo-react-popup/5.0.1/package/LICENSE.md"
              ],
              "allowed": true,
              "allowedFeeds": [
                  "NpmLicenseTest"
              ],
              "blockedFeeds": []
          },
      

      (the popup, license was added via the UI), but the license is actually created at global level (and thus visible in all other feeds):

      c5926d0e-373b-4716-80dd-f23c57e93548-image.png

      Do I call the API incorrectly, or is this a bug?

      posted in Support
      P
      p.boeren_9744
    • RE: Whitelist npm packages licenses

      Would it be possible to take the "show/hide prerelease" option into account when assigning a license? Now it always takes the latest package (which quite often is a pre-release version) which is a bit confusing. For example (License URL is for a 5.1.0 dev version):

      9df35036-e965-43c1-b71e-d649b927f716-image.png

      posted in Support
      P
      p.boeren_9744
    • RE: Whitelist npm packages licenses

      That's great! Thanks!

      posted in Support
      P
      p.boeren_9744
    • Whitelist npm packages licenses

      I'm currently evaluating ProGet Basic (we're using the free version for some years now), and especially the license filtering, but I'm having issues with packages which don't specify the license correctly.
      We own a commercial license for Kendo-React from Telerik, that consists of a lot of npm packages. For example:

      • https://www.npmjs.com/package/@progress/kendo-react-buttons
      • https://www.npmjs.com/package/@progress/kendo-react-popup
      • https://www.npmjs.com/package/@progress/kendo-react-grid

      They all have a license of "SEE LICENSE IN LICENSE.md" and ProGet seems to only be able to create a licensing rule (I deny everything, and whitelist specific licenses) with that exact SPDX. But that has a big side effect: any package with that license, will be allowed. Which makes the license checking unreliable, since we're losing control over which licenses we really want to allow.

      So my question: is there a feature planned for whitelisting specific packages (preferably with a specific version as well, since licenses can change between versions)?

      While writing I think that a possible workaround would be to create a scoped registry specific for the @progress packages, but that would probably not work well with global license filters. Any other suggestions?

      posted in Support
      P
      p.boeren_9744
    • RE: Npm packages not visible when running onder IIS

      I have sent a Fiddler dump to the mentioned email, hopefully confirming the thoughts of @Dan_Woolf.

      Can you confirm that this is indeed the case? Will save @lockhead some time :)

      posted in Support
      P
      p.boeren_9744