Skip to content
/ liblice Public

๐Ÿ“„ liblice is a module to detect licenses throughout your entire installed dependency tree.

License

MIT license
16 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cutenode/liblice

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

ย 

History

105 Commits
.github/workflows
.github/workflows
ย 
ย 
examples
examples
ย 
ย 
exports
exports
ย 
ย 
lib
lib
ย 
ย 
tests
tests
ย 
ย 
.gitignore
.gitignore
ย 
ย 
.npmrc
.npmrc
ย 
ย 
CHANGELOG.md
CHANGELOG.md
ย 
ย 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
ย 
ย 
LICENSE
LICENSE
ย 
ย 
README.md
README.md
ย 
ย 
index.js
index.js
ย 
ย 
package.json
package.json
ย 
ย 

Repository files navigation

liblice

Greenkeeper badge

liblice is a module to detect licenses throughout your entire installed dependency tree.

liblice crawls node_modules, fetches all package.json files, and parses them. It can return the data it fetches in a few different ways, depending on how you want to consume it.

Installation

npm install liblice

Usage

list Output

Returns an array of all licenses โ€“ plus any invalid licenses โ€“ within the node modules of the passed directory.

const { list } = require('liblice')

list('.') // where the current working directory has node_modules

modules Output

Returns an object of all modules, their license expression, the path to the module, their version, their author, and their conformance information.

const { modules } = require('liblice')

modules('.') // where the current working directory has node_modules

licenses Output

Returns an object the names of every license as a key, with the value being an object of objects that includes:

  • All packages that use the license
  • Conformance information for that license
  • Total number of occurrences of the license
const { licenses }  = require('liblice')

licenses('.') // where the current working directory has node_modules

What is Conformance Information

Conformance information is information that could be useful in the context of license conformance. Specifically, information included is a full list of all individual license IDs in the license expression (often this is identical to the license expression itself, but sometimes it's not), the links to the SPDX-hosted versions of the included licenses, and information that mirrors what can be found in the SPDX license list:

  • The osi property, which indicates if all licenses in the license expression are OSI compliant
  • The fsf property, which indicates if all licenses in the license expression are FSF compliant
  • The fsfAndOSI property, which indicates if all licenses in the license expression are both OSI and FSF compliant
  • The includesDeprecated property, which indicates if one or more licenses in the license expression are deprecated IDs.

Caveats

Currently, liblice excludes searching any directory in node_modules that includes /.bin/ since it is a problematic directory and doesn't actually add any value that is not already otherwise derived.

TODOs

  • Perhaps detect pacakge.json in passed path as validation?
  • Tests. Always tests.

About

๐Ÿ“„ liblice is a module to detect licenses throughout your entire installed dependency tree.

Topics

nodejs npm node module license license-checking

Resources

Readme

License

MIT license

Code of conduct

Code of conduct
Activity
Custom properties

Stars

16 stars

Watchers

0 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 5

Languages