feat: add a warning when the package license changes#2188
feat: add a warning when the package license changes#2188aisiklar wants to merge 23 commits intonpmx-dev:mainfrom
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
2 Skipped Deployments
|
Lunaria Status Overview🌕 This pull request will trigger status changes. Learn moreBy default, every PR changing files present in the Lunaria configuration's You can change this by adding one of the keywords present in the Tracked Files
Warnings reference
|
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughThis change introduces a license-change detection and notification system for package versions. A new composable fetches npm registry metadata for a given package, extracts and chronologically sorts all versions, then compares licenses between consecutive versions to identify transitions. When changes are detected, they are displayed via a warning component that renders an amber alert panel with formatted change details. Supporting internationalization strings have been added to the schema and locale files in English and Turkish. Suggested reviewers
🚥 Pre-merge checks | ✅ 3✅ Passed checks (3 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
ghostdevv
changed the title
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: f7c1c88e-8b86-4447-9fdb-bfbc10c1ff70
📒 Files selected for processing (6)
app/components/LicenseDisplay.vueapp/composables/useLicenseChanges.tsapp/pages/package/[[org]]/[name].vuei18n/locales/en.jsoni18n/locales/tr-TR.jsoni18n/schema.json
hi @ghostdevv |
|
Awesome! I'll mark this as draft for now, and you can mark it as ready when you want me to take another look! |
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
…sorting versions to date of release
|
Hi @ghostdevv |
There was a problem hiding this comment.
Actionable comments posted: 2
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 274b5e5e-8053-43ca-946d-f111b04b96f3
📒 Files selected for processing (5)
app/components/LicenseDisplay.vueapp/composables/useLicenseChanges.tsi18n/locales/en.jsoni18n/locales/tr-TR.jsoni18n/schema.json
✅ Files skipped from review due to trivial changes (2)
- i18n/locales/en.json
- i18n/schema.json
🚧 Files skipped from review as they are similar to previous changes (2)
- i18n/locales/tr-TR.json
- app/composables/useLicenseChanges.ts
app/components/LicenseDisplay.vue
Outdated
| aria-hidden="true" | ||
| /> | ||
| </span> | ||
| <div |
There was a problem hiding this comment.
Hey, the warning should be here like the package size increase one
app/composables/useLicenseChanges.ts
Outdated
| let prevLicense: string | undefined = undefined | ||
|
|
||
| // `data.versions` is an object with version keys | ||
| const versions = Object.values(data.versions) as NpmRegistryVersion[] |
There was a problem hiding this comment.
I think we should only compare to the last version, there is some logic here that could be reused (you can move it into its own utility file in shared too
npmx.dev/app/composables/useInstallSizeDiff.ts
Lines 19 to 39 in 1dd1be9
|
Hi @ghostdevv thanks for the comments. I am working on them. |
Co-authored-by: James Garbutt <[email protected]>
|
to help just confirm the UX, wording, etc. do you have an example package that changed license? so we can see how the notice looks since your changes |
Hi @43081j edit: i also added the Turkish translation |
|
Strange, that's the one I tried since it's what's in your screenshot. But I don't see a notice on the preview for it. edit: ignore me, its the vercel deployment comment misbehaving |
Hello @43081j In case there is a problem please return. thanks 
|
|
yup i did approve it because the code looked good 👍 sorry it is my mistake, somehow i ended up on the live site rather than the preview. once i can see this in a preview i think the PR is good. |
|
ok here: this. this doesn't show the notice. edit: ok super weird - sometimes it shows. |
If we compute the license change in the warning component, it is possible the fetch resolves _after_ SSR completes it seems. So this means the result is null and no notice is shown (via SSR). When you later navigate to a version, the client does an actual fetch and the notice is now shown. To fix this, I've moved the license change call to the page which is how all other composables in this page work. The license warning component then just consumes the change data.
Co-authored-by: James Garbutt <[email protected]>
Co-authored-by: James Garbutt <[email protected]>
Hi @43081j Regarding the race condition, my humble thoughts are below: |
| getKey: event => { | ||
| const pkg = getRouterParam(event, 'pkg') ?? '' | ||
| const query = getQuery(event) | ||
|
|
||
| // 1. remove the /'s from the package name | ||
| const cleanPkg = pkg.replace(/\/+$/, '').trim() | ||
|
|
||
| // 2. Get the version (default to 'latest' if not provided) | ||
| const version = query.version || 'latest' | ||
|
|
||
| // 3. Create a unique string including the version | ||
| // Result: "license-change:v1:lodash:4.17.21" | ||
| return `license-change:v2:${cleanPkg}:${version}` | ||
| }, |
There was a problem hiding this comment.
The other getKey fns seem to be less complex, is there a reason for the additions?
e.g.
npmx.dev/server/api/registry/analysis/[...pkg].get.ts
Lines 61 to 64 in 7f1e259
There was a problem hiding this comment.
Hi @ghostdevv
Checking something, will return you ASAP.
3 participants
🔗 Linked issue
fixes #1826
🧭 Context
added info/warning beneath the license info, "changed!" if there is a change in the license with additional tooltip which shows info about the change, similar to "from x to y at version a.b".
Also modified the Turkish language support too.
📚 Description
as mentioned in the issue, sometimes license changes and it is important to notify the potential user of the package. This pull request is done to make sure that if there is a change in the license the user will be able to see it and also will get info about the details of the change (like from x license to y license and at version a.b.c)
The following changes are done to the codebase:
modified the [name].vue file: added a new props to LicenseDisplay component.
new composable, useLicenseChanges is written.
In the LicenseDisplay component, changes were made to use this composable and add new element for displaying info about the changed license.
Additionally, en.json and tr-TR.json and schema.json files are modified, to add i18n infrastructure and add Turkish language support (for other languages, additional changes are required)
before:
after:
