Commit 3877896
committed
fix(node): Fix a mistake in
ORT runs `npm list --depth Infinity` to obtain a de-duplicated
or rather truncated dependency tree. The data model for the tree
nodes is the `ModuleInfo` class. Truncated nodes have the dependencies
stripped, which is why `undoDeduplication()` patches up any truncated
node by copying the `dependencies` from a non-truncated node
corresponding to the same package.
However, the truncated node not just lacks the dependencies, but also
has further properties not set. So, adjust the logic to cover all
properties to ensure each truncated node is patched up completely.
This fixes an issue where a patched node accidentally had `resolved` set
to `null`, which lead to `isProject` returning `false`, which in turn
lead to `NpmDependencyHandler.createPackage()` returning `null`. As
result the analyzer aborted with [^1].
[^1]: Exception in thread "main" java.lang.IllegalArgumentException:
The following references do not actually refer to packages:
'$PACKAGE'.
at org.ossreviewtoolkit.model.utils.DependencyGraphBuilder
.checkReferences()
Signed-off-by: Frank Viernau <frank.viernau@gmail.com>undoDeduplication()
1 parent 5dc8acb commit 3877896
1 file changed
Lines changed: 6 additions & 5 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
244 | 244 | | |
245 | 245 | | |
246 | 246 | | |
247 | | - | |
248 | | - | |
249 | | - | |
250 | | - | |
| 247 | + | |
251 | 248 | | |
252 | | - | |
| 249 | + | |
| 250 | + | |
| 251 | + | |
| 252 | + | |
| 253 | + | |
253 | 254 | | |
254 | 255 | | |
255 | 256 | | |
| |||
0 commit comments