From fd2be2a11a778e9c7e35eb68ca554b7110321a12 Mon Sep 17 00:00:00 2001
From: "Kyle E. Mitchell" <kyle@kemitchell.com>
Date: Sun, 1 Sep 2024 21:06:58 -0700
Subject: [PATCH] Define has() helper function to check for undefined (close
 #93)

Previously, Licensee would create a license criteria configuration
object at runtime when options like `--osi` and `--blueoak=` were set.
Unfortunately, the code that did so used constructions like
`option['blueOak'] || undefined`, while logic for checking licenses
based on that configuration used the `hasown` package to check whether
various kinds of license constraints had been set.  This set us up for
errors, like the one reported by @jayvdb in #93, where Licensee attempts
to read constraints that haven't been provided, since they exist as own
properties of the configuration object, but are set to `undefined`.

This PR adds a test replicating #93 and redefines the `has()` helper
function as a wrapper around `hasown` that _also_ checks to make sure
the own property value is _not_ `undefined`.  This avoids the error, and
should for other invocations with similar flags.
---
 index.js                         | 6 +++++-
 tests/osi-flag-pass/package.json | 7 +++++++
 tests/osi-flag-pass/test.js      | 5 +++++
 tests/osi-pass/package.json      | 2 +-
 4 files changed, 18 insertions(+), 2 deletions(-)
 create mode 100644 tests/osi-flag-pass/package.json
 create mode 100644 tests/osi-flag-pass/test.js

diff --git a/index.js b/index.js
index ae21cfc..ee9dcd9 100644
--- a/index.js
+++ b/index.js
@@ -3,7 +3,7 @@ module.exports = licensee
 var Arborist = require('@npmcli/arborist')
 var blueOakList = require('@blueoak/list')
 var correctLicenseMetadata = require('correct-license-metadata')
-var has = require('hasown')
+var hasOwn = require('hasown')
 var npmLicenseCorrections = require('npm-license-corrections')
 var osi = require('spdx-osi')
 var parse = require('spdx-expression-parse')
@@ -281,3 +281,7 @@ function pushMissing (source, sink) {
     if (sink.indexOf(element) === -1) sink.push(element)
   })
 }
+
+function has (object, key) {
+  return hasOwn(object, key) && object[key] !== undefined
+}
diff --git a/tests/osi-flag-pass/package.json b/tests/osi-flag-pass/package.json
new file mode 100644
index 0000000..e740b8d
--- /dev/null
+++ b/tests/osi-flag-pass/package.json
@@ -0,0 +1,7 @@
+{
+  "name": "osi-flag-pass",
+  "dependencies": {
+    "gpl-2.0-licensed": "1.0.0"
+  },
+  "private": true
+}
diff --git a/tests/osi-flag-pass/test.js b/tests/osi-flag-pass/test.js
new file mode 100644
index 0000000..a880854
--- /dev/null
+++ b/tests/osi-flag-pass/test.js
@@ -0,0 +1,5 @@
+var tap = require('tap')
+
+var results = require('../run')(['--osi'], __dirname)
+
+tap.equal(results.status, 0)
diff --git a/tests/osi-pass/package.json b/tests/osi-pass/package.json
index ac0f1f9..75ff404 100644
--- a/tests/osi-pass/package.json
+++ b/tests/osi-pass/package.json
@@ -1,5 +1,5 @@
 {
-  "name": "blue-oak-fail",
+  "name": "osi-pass",
   "dependencies": {
     "gpl-2.0-licensed": "1.0.0"
   },