Added copyright info for NPM packages

Copyrights are extracted by checking if common licensing file names
exists in the package and if they are found the content is then
returned.

As the scanning is split between container and host (due to the jq
tool availability) the package path is left trimmed to remove first
'/' - effectively converting it to relative path which can then be
resolved correctly from the current working directory of host
command.

More license files to check can be added in the future by extending
the "files" variable

Resolves: #958
Signed-off-by: Matej Zachar <[email protected]>

Author: mzachar

tern/analyze/default/command_lib/base.yml

@@ -421,6 +421,17 @@ npm:
         host:
           - "jq -r '.. | objects | select(has(\"name\") and has(\"version\")) | .repository | if type == \"string\" then . else .url end | . // \"Unknown\"' npm-global.json"
     delimiter: "\n"
+  copyrights:
+    invoke:
+      1:
+        container:
+          - "npm list -g --json --long --depth=1000 > npm-global.json"
+      2:
+        host:
+          - "paths=`jq -r '.. | objects | select(has(\"name\") and has(\"version\")) | .path // \"Unknown\" | ltrimstr(\"/\")' npm-global.json`"
+          - "files=\"license license.md LICENSE LICENSE.md copying copying.md COPYING COPYING.md\""
+          - "for p in $paths; do for f in $files; do if [ -f $p/$f ]; then cat $p/$f; break; fi done; echo \"LICF\"; done"
+    delimiter: "LICF"
 # golang----------------------------------------------------------------------
 go:
   pkg_format: ''