fix: don't flag a license change when there is no previous version#2792
Open
jp-knj wants to merge 3 commits into
Open
fix: don't flag a license change when there is no previous version#2792jp-knj wants to merge 3 commits into
jp-knj wants to merge 3 commits into
Conversation
Contributor
|
The latest updates on your projects. Learn more about Vercel for GitHub.
2 Skipped Deployments
|
Contributor
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Run ID: 📒 Files selected for processing (1)
📝 WalkthroughSummary by CodeRabbit
WalkthroughThis PR adds a shared license normalisation helper, uses it in the license-change handler and a composable, guards comparisons to only run when a real prior version exists, and adds Vitest coverage for the license-change endpoint covering multiple version/license scenarios. ChangesLicense-change handler fix and validation
Sequence Diagram(s)(omitted — changes are compact and do not require a multi-component sequence diagram) Possibly related PRs
Suggested reviewers
🚥 Pre-merge checks | ✅ 4✅ Passed checks (4 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
Hello! Thank you for opening your first PR to npmx, @jp-knj! 🚀 Here’s what will happen next:
|
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Actionable comments posted: 2
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@server/api/registry/license-change/`[...pkg].get.ts:
- Around line 50-51: Normalize license values the same way as the timeline
handler: instead of using String(...) for currentLicense and previousLicense,
detect if versions[currentVersionIndex]?.license or
versions[previousVersionIndex]?.license is an object and, if so, use its .type
property (fallback to 'UNKNOWN' if missing); otherwise use the string value.
Update the assignments that set currentLicense and previousLicense (referencing
versions, currentVersionIndex, previousVersionIndex) to perform this object
check and extraction so change detection reports the actual license.type rather
than "[object Object]".
In `@test/unit/server/api/registry/license-change/pkg.get.spec.ts`:
- Around line 37-190: Add a new test in this spec to exercise object-shaped
licenses: create a case (similar to the suggested snippet) that sets routerParam
= 'my-pkg', mocks fetchNpmPackageMock via makePackument to return versions where
license values are objects (e.g. { type: 'MIT' } and { type: 'Apache-2.0', url:
'...' }), call handler(fakeEvent), and assert the returned change equals { from:
'MIT', to: 'Apache-2.0' }; this ensures the handler's license normalization
logic (used when reading packument versions) correctly extracts the type field
from object licenses.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: c0f1dfca-89e7-461a-88fa-6539b5ef9d3d
📒 Files selected for processing (2)
server/api/registry/license-change/[...pkg].get.tstest/unit/server/api/registry/license-change/pkg.get.spec.ts
jp-knj
added a commit
to jp-knj/npmx.dev
that referenced
this pull request
May 25, 2026
The license field can be an object ({ type, url }), where String() would
yield "[object Object]". Reuse normalizeLicense (moved from usePackage to
shared/utils/npm) to extract the type, so change detection compares real
license values. Adds an object-license test case.
Addresses review feedback on npmx-dev#2792.
jp-knj
force-pushed
the
fix/2720-license-change-no-previous-version
branch
from
2d1cf32 to
8181098
Compare
…rsion
Don't flag a license change when there's no real previous version (new
single-version packages were diffing against a phantom 'UNKNOWN'), and
normalize object-shaped licenses ({ type, url }) so comparisons use the
real value instead of "[object Object]". Adds unit tests.
Closes npmx-dev#2720
jp-knj
force-pushed
the
fix/2720-license-change-no-previous-version
branch
from
8181098 to
b0e32ce
Compare
jp-knj
force-pushed
the
fix/2720-license-change-no-previous-version
branch
from
f5a8ac1 to
62bdd11
Compare
Contributor
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@test/unit/server/api/registry/license-change/pkg.get.spec.ts`:
- Around line 109-110: The fixtures use `as never` to silence types for the
`license` objects; instead, change the test to use the proper `PackumentLicense`
type so the objects stay type-safe—import `PackumentLicense` and either pass it
as the generic/type parameter to `makePackument` (or annotate the
`versions`/`license` field in the `makePackument` call) so the entries like `{
license: { type: 'MIT' } }` and `{ license: { type: 'Apache-2.0', url:
'https://example.com' } }` are typed as `PackumentLicense` and remove the `as
never` casts. Ensure you update the `makePackument` invocation in this spec to
use that type.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
Run ID: 352fe720-f2be-4d5e-accc-af66a3c789b9
📒 Files selected for processing (4)
app/composables/npm/usePackage.tsserver/api/registry/license-change/[...pkg].get.tsshared/utils/npm.tstest/unit/server/api/registry/license-change/pkg.get.spec.ts
gameroman
added
the
needs review
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #2720.
Summary
Fix false-positive license change warnings for packages that have no previous version.
Added unit tests for the new-package case and normal license-change comparisons.
Test plan
test/unit/server/api/registry/license-change/pkg.get.spec.tspnpm lintcleanpnpm test:typespasses/package/vsxtools/v/0.0.1no longer shows a license-change warning; a multi-version package with an actual license change still does