update before first release

Signed-off-by: Marc Dumais <[email protected]>

Author: marcdumais-work

.github/workflows/license-check.yml

@@ -51,7 +51,7 @@ jobs:
           # build a local npm package "payload" and install it
           npm pack
           npm install
-          npm install --no-save ./dash-licenses-wrapper-*.tgz
+          npm install --no-save ./eclipse-dash-nodejs-wrapper-*.tgz 
           npx dash-licenses-wrapper --inputFile=package-lock.json
         env:
           DASH_LICENSES_PAT: ${{ secrets.DASH_LICENSES_PAT }}

.gitignore

@@ -1,4 +1,4 @@
 node_modules
 download
-dependency-check-summary.txt
+dependency-check-summary*
 license-check-summary*

NOTICE.md

@@ -0,0 +1,45 @@
+# Notices for Eclipse Dash
+
+This content is produced and maintained by the Eclipse Dash project.
+
+* Project home: https://projects.eclipse.org/projects/technology.dash
+
+## Trademarks
+
+Eclipse Dash™ is a trademark of the Eclipse Foundation.
+
+## Copyright
+
+All content is the property of the respective authors or their employers. For
+more information regarding authorship of content, please consult the listed
+source code repository logs.
+
+## Declared Project Licenses
+
+This program and the accompanying materials are made available under the terms
+of the Eclipse Public License v. 2.0 which is available at
+https://www.eclipse.org/legal/epl-2.0.
+
+SPDX-License-Identifier: EPL-2.0
+
+## Source Code
+
+The project maintains the following source code repositories:
+
+* https://github.com/eclipse-dash/.github
+* https://github.com/eclipse-dash/nodejs-wrapper
+* https://github.com/eclipse/dash-licenses
+* https://gitlab.eclipse.org/eclipse/technology/dash/eclipse-api-for-java.git
+* https://gitlab.eclipse.org/eclipse/technology/dash/eclipse-project-code.git
+* https://gitlab.eclipse.org/eclipse/technology/dash/license-tool/nodejs-wrapper.git
+* https://gitlab.eclipse.org/eclipse/technology/dash/org.eclipse.dash.handbook.git
+
+## Cryptography
+
+Content may contain encryption software. The country in which you are currently
+may have restrictions on the import, possession, and use, and/or re-export to
+another country, of encryption software. BEFORE using any encryption software,
+please check the country's laws, regulations and policies concerning the import,
+possession, or use, and re-export of encryption software, to see if this is
+permitted.
+

README.md

@@ -1,4 +1,4 @@
-# dash-licenses nodejs-wrapper
+# Eclipse dash-licenses nodejs-wrapper
 
 This wrapper makes it easy to integrate and run the Eclipse [Dash Licenses](https://github.com/eclipse/dash-licenses) Tool in Eclipse Foundation project repositories, both locally and during CI on GitHub (i.e. on Pull Requests). Doing so is the best way to catch early, any 3PP components that has incompatible or have unclear licenses. Optionally, `dash-licenses` can be run in `automatic IP review mode`, to automatically create IP Check tickets, on the Eclipse Foundation Gitlab instance, one for each 3PP component that fails the check, for further scrutiny. These tickets can often be approved automatically in minutes.
 
@@ -15,19 +15,17 @@ This wrapper makes it easy to integrate and run the Eclipse [Dash Licenses](http
 
 ## How to install and use
 
-(Note: This wrapper is planned to soon be made available as a `npm package` - until then the below will not work )
-
-This npm package contains the `dash-licenses-wrapper.js` script that uses `dash-licenses` under-the-hood, an example GitHub workflow that uses the wrapper and some example configuration files.
+The npm package produced from this repository contains the `dash-licenses-wrapper.js` script that uses `dash-licenses` under-the-hood, an example GitHub workflow that uses the wrapper and some example configuration files.
 
 To install this package as a "devDependency" in your project, use one of the following commands from the root of your project, according to the project's npm client:
 
 ```bash
 # yarn:
 # note: if prompted to do so, you may need to add option "--ignore-workspace-root-check"
-yarn add dash-licenses-wrapper --dev
+yarn add @eclipse-dash/nodejs-wrapper --dev
 
 # npm:
-npm install dash-licenses-wrapper --save-dev
+npm install @eclipse-dash/nodejs-wrapper --save-dev
 ```
 
 Once installed, you can run a license check, from the repo root, with the following command:
@@ -73,7 +71,7 @@ A configuration file can be used. Values defined therein will override wrapper d
     "inputFile": "./package-lock.json",
     "batch": "50",
     "timeout": "240",
-    "exclusionsFile": "configs/dashLicensesExclusions.json",
+    "exclusionsFile": "configs/license-check-exclusions.json",
     "summaryFile": "dash-licenses-summary.txt"
 }
 ```
@@ -99,7 +97,7 @@ The `exclusions file` contains one dependency per line, with an optional comment
 
 Example scenario: an important Pull Request (PR) adds a 3PP dependency, whose license is believed by the project to be compatible, but for which `dash-licenses` disagrees (e.g. because of a low score). The dependency is submitted the IP team for further analysis but can't be automatically approved, quickly. In the meantime, to avoid delaying merging the important PR or merging and having the "License Check" CI job fail until the dependency is officially approved, it may be added to the `exclusions file`:
 
-Let's say the project's exclusion file is `configs/dashLicensesExclusions.json`
+Let's say the project's exclusion file is `configs/license-check-exclusions.json`
 
 The following entry is added: the first field is the 3PP as reported by `dash-licenses` and the second field is an optional comment, that can be used to track the reason for excluding the dependency from failing the license check. e.g.:
 
@@ -110,14 +108,14 @@ The following entry is added: the first field is the 3PP as reported by `dash-li
 And then the wrapper can be called with CLI parameter `--exclusions` pointing to the `exclusions` file, like so:
 
 ```bash
-npx dash-licenses-wrapper --inputFile=./package-lock.json --exclusions=configs/dashLicensesExclusions.json
+npx dash-licenses-wrapper --inputFile=./package-lock.json --exclusions=configs/license-check-exclusions.json
 ```
 
 Exclusion file: `<repo_root>/dependency-check-baseline.json`
 
 ## GitHub workflow
 
-An example workflow, that runs the license check, is provided in directory `examples` (by default under `node_modules/dash-licenses-wrapper/examples/license-check-workflow.yml`). It can be copied to a GitHub project's directory `<repo root>/.github/workflows` and adapted for the given project.
+An example workflow, that runs the license check, is provided in directory `examples` (by default under `node_modules/@eclipse-dash/nodejs-wrapper/examples/license-check-workflow.yml`). It can be copied to a GitHub project's directory `<repo root>/.github/workflows` and adapted for the given project.
 
 If the project has added a `scripts` entry in the root `package.json` to run the license check, that may be used instead of `npx dash-licenses-wrapper [...]`. E.g. `yarn license:check [...]`.
 

dash-licenses-wrapper-1.0.0.tgz

@@ -4,6 +4,6 @@
     "inputFile": "examples/package-lock.json",
     "batch": 51,
     "timeout": 241,
-    "exclusions": "examples/dashLicensesExclusions.json",
-    "summary": "dependency-check-summary.txt"
+    "exclusions": "examples/license-check-exclusions.json",
+    "summary": "license-check-summary.txt"
 }

examples/dashLicensesConfig.json examples/license-check-config.jsonexamples/dashLicensesConfig.json renamed to examples/license-check-config.json

@@ -1,16 +1,25 @@
 {
-  "name": "dash-licenses-wrapper",
-  "version": "1.0.0",
+  "name": "@eclipse-dash/nodejs-wrapper",
+  "version": "0.0.0",
   "description": "Node.js wrapper for dash-licenses, that makes it easier to perform license checks for JS/TS Eclipse Foundation projects",
   "publishConfig": {
-    "access": "public"
+    "access": "public",
+    "registry": "https://registry.npmjs.org"
   },
   "bin": {
     "dash-licenses-wrapper": "src/dash-licenses-wrapper.js"
   },
   "scripts": {
-    "test": "mocha --reporter spec"
+    "start": "node src/dash-licenses-wrapper.js",
+    "test": "mocha --reporter spec",
+    "publish": "npm run test && npm publish --registry=https://registry.npmjs.org/"
   },
+  "files": [
+    "src/*",
+    "NOTICE.md",
+    "SECURITY.md",
+    "examples/license-check-*"
+  ],
   "devDependencies": {
     "chai": "^4.3.10",
     "mocha": "^10.2.0"

examples/dashLicensesExclusions.json examples/license-check-exclusions.jsonexamples/dashLicensesExclusions.json renamed to examples/license-check-exclusions.json

@@ -1,4 +1,4 @@
-# Publishing `dash-licenses-wrapper`
+# Publishing `@eclipse-dash/nodejs-wrapper`
 
 ```bash
 # Setup npm token. e.g.

package.json

@@ -295,7 +295,7 @@ function printHelp() {
     help('  npx dash-licenses-wrapper --dry-run --configFile=configs/dashLicensesConfig.json');
     help('  npx dash-licenses-wrapper --inputFile=package-lock.json --summary=/tmp/license-check-summary.txt --review');
     help('  npx dash-licenses-wrapper --summary=license-check-summary.txt --review --project=ecd.theia');
-    help('  npx dash-licenses-wrapper --summary=license-check-summary.txt --review --project=ecd.theia --exclusions=license-check-exclusions.json');
+    help('  npx dash-licenses-wrapper --summary=license-check-summary.txt --review --project=ecd.theia --exclusions=configs/license-check-exclusions.json');
 }
 
 function getPrintableConfig(configObj) {