Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

license-badger

Package Overview
Dependencies
Maintainers
1
Versions
38
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

license-badger - npm Package Compare versions

Comparing version 0.15.0 to 0.16.0

7

CHANGES.md
# CHANGES for license-badger
## 0.16.0
- Docs: Update dev license badges
- npm: Update devDeps and `package-lock.json` (including `npm-consider`
fork support for "OBSD" categorization)
- npm: Switch to maintained `cypress-multi-reporters`
## 0.15.0

@@ -4,0 +11,0 @@

18

package.json
{
"name": "license-badger",
"version": "0.15.0",
"version": "0.16.0",
"description": "Builds a badge indicating your project's license(s) and those of its dependencies.",

@@ -60,4 +60,4 @@ "main": "src/index.js",

"coveradge": "^0.5.0",
"eslint": "^6.8.0",
"eslint-config-ash-nazg": "^20.0.0",
"eslint": "^7.0.0",
"eslint-config-ash-nazg": "^21.0.0",
"eslint-config-standard": "^14.1.1",

@@ -71,5 +71,5 @@ "eslint-plugin-array-func": "^3.1.5",

"eslint-plugin-import": "^2.20.2",
"eslint-plugin-jsdoc": "^24.0.0",
"eslint-plugin-jsdoc": "^25.0.1",
"eslint-plugin-markdown": "^1.0.2",
"eslint-plugin-no-unsanitized": "^3.1.0",
"eslint-plugin-no-unsanitized": "^3.1.1",
"eslint-plugin-no-use-extend-native": "^0.5.0",

@@ -80,6 +80,6 @@ "eslint-plugin-node": "^11.1.0",

"eslint-plugin-standard": "^4.0.1",
"eslint-plugin-unicorn": "^18.0.1",
"mocha": "^7.1.1",
"mocha-badge-generator": "^0.5.2",
"mocha-multi-reporters": "^1.1.7",
"eslint-plugin-unicorn": "^19.0.1",
"mocha": "^7.1.2",
"mocha-badge-generator": "^0.7.0",
"cypress-multi-reporters": "^1.2.4",
"nyc": "^15.0.1",

@@ -86,0 +86,0 @@ "typescript": "^3.8.3"

@@ -262,2 +262,5 @@ # license-badger

`default`)
1. Change the badge-making itself into a reporter, so can be optional,
in case just want to get at aggregated `npm-consider` + `licensee`
info, e.g., to list on command line
1. Use `unapproved`, `nonApproved`, and especially `manuallyCorrected`

@@ -268,2 +271,17 @@ info in reports so users can know whether to report.

missing, manually corrected, etc.
1. Along the lines of <https://www.gnu.org/software/librejs/free-your-javascript.html#step3>/
<https://www.gnu.org/licenses/javascript-labels.html>, might advertise
permissiveness of JS (to a browser add-on which could indicate the
license type(s) automatically). (Would also be nice to settle on a
means of advertising the server-side licenses in use behind a site
as well as info on how to get source.). Could make this as a reporter
which builds the necessary code (probably caching a static copy for
performance reasons)--i.e., build a JS web labels table (being sure
to link to it).
1. Might alternatively provide `<link/a rel>` mechanism to point
to a `package.json` file. (Besides being easier to convert this
code base to work in this manner, would be useful to have a
formal mechanism for finding other meta-data and source
code.) Might have separate `<link>` or `rel` to distinguish
between a package with just JS code and server code?
1. See about using [license-checker](https://github.com/davglass/license-checker)

@@ -273,1 +291,3 @@ for more detection opportunities (e.g., README and License file); see

easier on our end.
1. Utilize `es-file-traverse` to be able to list licenses for files
actually in use.

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc