-rw-r--r--lib/license/finder/ext/yarn.rb8
-rw-r--r--spec/integration/js/yarn_spec.rb37
2 files changed, 44 insertions, 1 deletions
diff --git a/lib/license/finder/ext/yarn.rb b/lib/license/finder/ext/yarn.rb
index dba096b..f9187ce 100644
--- a/lib/license/finder/ext/yarn.rb
+++ b/lib/license/finder/ext/yarn.rb
@@ -26,7 +26,7 @@ module LicenseFinder
:yarn, :install,
'--ignore-engines', '--ignore-scripts',
'--production'
- ])
+ ], env: default_env)
end
end
@@ -90,5 +90,11 @@ module LicenseFinder
[YarnPackage.new(matches['name'], matches['version'], spec_licenses: ['unknown'])]
end
+
+ def default_env
+ return {} unless shell.custom_certificate_installed?
+
+ { 'NPM_CONFIG_CAFILE' => ENV.fetch('NPM_CONFIG_CAFILE', shell.custom_certificate_path.to_s) }
+ end
end
end
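Review bot: In `default_env`, `ENV.fetch('NPM_CONFIG_CAFILE', ...)` falls back to the installed certificate only when the variable is absent, so a variable that is set but empty is passed through as an empty CA file path and the custom certificate never reaches yarn. Treating empty as unset would close that gap: `cafile = ENV['NPM_CONFIG_CAFILE'].to_s` followed by `cafile = shell.custom_certificate_path.to_s if cafile.empty?`. A short comment such as `# A caller-supplied NPM_CONFIG_CAFILE takes precedence over the installed custom certificate` would also make the precedence explicit. If the file at `custom_certificate_path` holds only the additional bundle, it is worth confirming that yarn still trusts the public registry CAs, since a CA file setting typically replaces the default trust store rather than extending it. The enclosing class starts outside this hunk.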
diff --git a/spec/integration/js/yarn_spec.rb b/spec/integration/js/yarn_spec.rb
index 47d340d..1e0eb52 100644
--- a/spec/integration/js/yarn_spec.rb
+++ b/spec/integration/js/yarn_spec.rb
@@ -149,4 +149,41 @@ RSpec.describe "yarn" do
end
end
end
+
+ context "when scanning a project with dependencies sourced from a custom registry" do
+ subject { runner.scan(env: { 'ADDITIONAL_CA_CERT_BUNDLE' => fixture_file_content('js/custom-npm.crt') }) }
+
+ before do
+ runner.add_file(".yarnrc.yml", "npmRegistryServer: \"https://#{private_npm_host}\"")
+
+ runner.add_file("package.json") do
+ JSON.pretty_generate({
+ name: "js-yarn",
+ version: "1.0.0",
+ description: "Test project for js-yarn",
+ dependencies: {
+ lodash: "4.17.10"
+ },
+ devDependencies: {},
+ scripts: { test: "echo 'test'" }
+ })
+ end
+ runner.add_file("yarn.lock") do
+ <<-SCRIPT
+# THIS IS AN AUTOGENERATED FILE. DO NOT EDIT THIS FILE DIRECTLY.
+# yarn lockfile v1
+
+
+lodash@4.17.10:
+ version "4.17.10"
+ resolved "https://#{private_npm_host}/lodash/-/lodash-4.17.10.tgz#1b7793cf7259ea38fb3661d4d38b3260af8ae4e7"
+ integrity sha512-UejweD1pDoXu+AD825lWwp4ZGtSwgnpZxb3JDViD7StjQz+Nb/6l093lx4OQ0foGWNRoc19mWy7BzL+UAK2iVg==
+ SCRIPT
+ end
+ end
+
+ specify { expect(subject).to match_schema(version: '2.0') }
+ specify { expect(subject.dependency_names).to match_array(%w[lodash]) }
+ specify { expect(subject.licenses_for('lodash')).to match_array(['MIT']) }
+ end
end
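Review bot: The new context asserts only the success path, so it would still pass if certificate verification were skipped altogether. A companion case that scans the same project without `ADDITIONAL_CA_CERT_BUNDLE` and expects that `licenses_for('lodash')` does not come back as `['MIT']` would show that the CA file is what makes the private host trusted. The fixture also pairs a `.yarnrc.yml` containing `npmRegistryServer` (the Yarn 2+ configuration format, as far as I can tell) with a `yarn lockfile v1` lock file, so under Yarn 1 the registry setting is probably ignored and the private host is reached only through the `resolved` URL; a comment stating which of the two the test relies on would help. The enclosing `RSpec.describe "yarn"` block starts outside this hunk.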