license-checker
Advanced tools
license-checker - npm Package Compare versions
Comparing version 0.0.5 to 0.0.6
@@ -10,2 +10,4 @@ | ||
| var data = {}; | ||
| var fs = require('fs'); | ||
| var path = require('path'); | ||
| var read = require('read-installed'); | ||
@@ -17,9 +19,8 @@ var treeify = require('treeify'); | ||
| var moduleInfo = {licenses: UNKNOWN}, | ||
| licenseData; | ||
| licenseData, files; | ||
| data[json.name + '@' + json.version] = moduleInfo; | ||
| if (json.repository) { | ||
| if (typeof json.repository === 'object') { | ||
| if (typeof json.repository === 'object' && typeof json.repository.url === 'string') { | ||
| moduleInfo.repository = json.repository.url.replace('git://github.com', 'https://github.com').replace('.git', ''); | ||
@@ -49,5 +50,20 @@ } | ||
| } | ||
| } else if (json.readme){ | ||
| moduleInfo.licenses = license(json.readme) || UNKNOWN; | ||
| } else if (license(json.readme)) { | ||
| moduleInfo.licenses = license(json.readme); | ||
| } else { | ||
| files = fs.readdirSync(json.path).filter(function(filename) { | ||
| return filename.indexOf('LICENSE') > -1; | ||
| }); | ||
| files.forEach(function(filename) { | ||
| moduleInfo.licenses = license(fs.readFileSync(path.join(json.path, filename), {encoding: 'utf8'})); | ||
| }); | ||
| } | ||
| if (Array.isArray(moduleInfo.licenses)) { | ||
| if (moduleInfo.licenses.length === 1) { | ||
| moduleInfo.licenses = moduleInfo.licenses[0]; | ||
| } | ||
| } | ||
| if (json.dependencies) { | ||
@@ -54,0 +70,0 @@ Object.keys(json.dependencies).forEach(function(name) { |
@@ -0,3 +1,23 @@ | ||
| var MIT_LICENSE = ["Permission is hereby granted, free of charge, to any person obtaining", | ||
| "a copy of this software and associated documentation files (the", | ||
| "'Software'), to deal in the Software without restriction, including", | ||
| "without limitation the rights to use, copy, modify, merge, publish,", | ||
| "distribute, sublicense, and/or sell copies of the Software, and to", | ||
| "permit persons to whom the Software is furnished to do so, subject to", | ||
| "the following conditions:", | ||
| "", | ||
| "The above copyright notice and this permission notice shall be", | ||
| "included in all copies or substantial portions of the Software.", | ||
| "", | ||
| "THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,", | ||
| "EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF", | ||
| "MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.", | ||
| "IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY", | ||
| "CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,", | ||
| "TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE", | ||
| "SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE."].join('\n'); | ||
| module.exports = function(str) { | ||
| if (str.indexOf('MIT') > -1) { | ||
| if (str.indexOf('MIT') > -1 || str.indexOf(MIT_LICENSE) > -1) { | ||
| return 'MIT*'; | ||
@@ -8,3 +28,3 @@ } else if (str.indexOf('BSD') > -1) { | ||
| return 'Apache*'; | ||
| } else if (str.indexOf('DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE') > -1) { | ||
| } else if (str.indexOf('DO WHAT THE FUCK YOU WANT TO PUBLIC LICENSE') > -1 || str.indexOf('WTFPL') > -1) { | ||
| return 'WTF*'; | ||
@@ -11,0 +31,0 @@ } |
| { | ||
| "name": "license-checker", | ||
| "description": "Check license info for a pacakge", | ||
| "author": "Dav Glass <davglass@gmail.com>", | ||
| "version": "0.0.5", | ||
| "dependencies": { | ||
| "mkdirp": "*", | ||
| "treeify": "*", | ||
| "nopt": "*", | ||
| "read-installed": "*" | ||
| }, | ||
| "devDependencies": { | ||
| "yui-lint": "~0.1.1", | ||
| "jshint": "~1.1.0", | ||
| "vows": "*", | ||
| "istanbul": "*" | ||
| }, | ||
| "keywords": [ | ||
| "license", "cli", "checker", "oss" | ||
| ], | ||
| "main": "./lib/index.js", | ||
| "bin": { | ||
| "license-checker": "./bin/license-checker" | ||
| }, | ||
| "scripts": { | ||
| "pretest": "jshint --config ./node_modules/yui-lint/jshint.json ./lib/", | ||
| "test": "istanbul cover --print both vows -- --spec ./tests/*.js" | ||
| }, | ||
| "preferGlobal": "true", | ||
| "bugs": { "url" : "http://github.com/davglass/license-checker/issues" }, | ||
| "licenses":[ | ||
| { | ||
| "type" : "BSD", | ||
| "url" : "https://github.com/davglass/license-checker/blob/master/LICENSE" | ||
| } | ||
| ], | ||
| "repository": { | ||
| "type":"git", | ||
| "url":"http://github.com/davglass/license-checker.git" | ||
| "name": "license-checker", | ||
| "description": "Check license info for a pacakge", | ||
| "author": "Dav Glass <davglass@gmail.com>", | ||
| "version": "0.0.6", | ||
| "dependencies": { | ||
| "mkdirp": "^0.3.5", | ||
| "treeify": "^1.0.1", | ||
| "nopt": "^2.2.0", | ||
| "read-installed": "^1.0.0" | ||
| }, | ||
| "devDependencies": { | ||
| "yui-lint": "~0.1.1", | ||
| "jshint": "~1.1.0", | ||
| "vows": "*", | ||
| "istanbul": "*", | ||
| "request": "^2.34.0", | ||
| "queue": "^1.0.0" | ||
| }, | ||
| "keywords": [ | ||
| "license", | ||
| "cli", | ||
| "checker", | ||
| "oss" | ||
| ], | ||
| "main": "./lib/index.js", | ||
| "bin": { | ||
| "license-checker": "./bin/license-checker" | ||
| }, | ||
| "scripts": { | ||
| "pretest": "jshint --config ./node_modules/yui-lint/jshint.json ./lib/", | ||
| "test": "istanbul cover --print both vows -- --spec ./tests/*.js" | ||
| }, | ||
| "preferGlobal": "true", | ||
| "bugs": { | ||
| "url": "http://github.com/davglass/license-checker/issues" | ||
| }, | ||
| "licenses": [ | ||
| { | ||
| "type": "BSD", | ||
| "url": "https://github.com/davglass/license-checker/blob/master/LICENSE" | ||
| } | ||
| ], | ||
| "repository": { | ||
| "type": "git", | ||
| "url": "http://github.com/davglass/license-checker.git" | ||
| } | ||
| } |
@@ -10,3 +10,3 @@ NPM License Checker | ||
| ``` | ||
| npm -g license-checker | ||
| npm install -g license-checker | ||
@@ -13,0 +13,0 @@ mkdir foo |
| var vows = require('vows'), | ||
| assert = require('assert'), | ||
| path = require('path'), | ||
| checker = require('../lib/index'); | ||
@@ -16,2 +17,33 @@ | ||
| } | ||
| }, | ||
| 'should parse local with unknown': { | ||
| topic: function () { | ||
| var self = this; | ||
| checker.init({ | ||
| start: path.join(__dirname, '../') | ||
| }, function (sorted) { | ||
| self.callback(null, sorted); | ||
| }); | ||
| }, | ||
| 'and give us results': function (d) { | ||
| assert.isTrue(Object.keys(d).length > 70); | ||
| assert.equal(d['abbrev@1.0.4'].licenses, 'MIT'); | ||
| }, | ||
| 'should parse local without unknown': { | ||
| topic: function () { | ||
| var self = this; | ||
| checker.init({ | ||
| start: path.join(__dirname, '../'), | ||
| unknown: true | ||
| }, function (sorted) { | ||
| self.callback(null, sorted); | ||
| }); | ||
| }, | ||
| 'and give us results': function (d) { | ||
| assert.equal(d['vows@0.7.0'].licenses, 'BSD*'); | ||
| assert.isTrue(Object.keys(d).length > 20); | ||
| } | ||
| } | ||
| } | ||
@@ -18,0 +50,0 @@ }; |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
Mixed license
License(Experimental) Package contains multiple licenses.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Wildcard dependency
QualityPackage has a dependency with a floating version range. This can cause issues if the dependency publishes a new major version.
Found 4 instances in 1 package
Unidentified License
License(Experimental) Something that seems like a license was found, but its contents could not be matched with a known license.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by25.4%
13743
- Lines of code
- increased by31.96%
256
- Number of medium quality alerts
- decreased by-100%
0
Worsened metrics
- Dev dependency count
- increased by50%
6
- Number of low supply chain risk alerts
- increased byInfinity%
1
Dependency changes
+ Addedabbrev@1.1.1(transitive)
+ Addedgithub-url-from-git@1.5.0(transitive)
+ Addedgithub-url-from-username-repo@1.0.2(transitive)
+ Addedglob@5.0.15(transitive)
+ Addedgraceful-fs@2.0.3(transitive)
+ Addedjju@1.4.0(transitive)
+ Addedjson-parse-helpfulerror@1.0.3(transitive)
+ Addedmkdirp@0.3.5(transitive)
+ Addednopt@2.2.1(transitive)
+ Addednormalize-package-data@1.0.3(transitive)
+ Addedread-installed@1.0.1(transitive)
+ Addedread-package-json@1.3.3(transitive)
+ Addedsemver@2.3.2(transitive)
- Removedabbrev@2.0.0(transitive)
- Removedasap@2.0.6(transitive)
- Removeddebuglog@1.0.1(transitive)
- Removeddezalgo@1.0.4(transitive)
- Removedfs.realpath@1.0.0(transitive)
- Removedfunction-bind@1.1.2(transitive)
- Removedglob@7.2.3(transitive)
- Removedgraceful-fs@4.2.11(transitive)
- Removedhasown@2.0.2(transitive)
- Removedhosted-git-info@2.8.9(transitive)
- Removedis-core-module@2.15.1(transitive)
- Removedjson-parse-even-better-errors@2.3.1(transitive)
- Removedmkdirp@3.0.1(transitive)
- Removednopt@8.0.0(transitive)
- Removednormalize-package-data@2.5.0(transitive)
- Removednpm-normalize-package-bin@1.0.1(transitive)
- Removedpath-parse@1.0.7(transitive)
- Removedread-installed@4.0.3(transitive)
- Removedread-package-json@2.1.2(transitive)
- Removedreaddir-scoped-modules@1.1.0(transitive)
- Removedresolve@1.22.8(transitive)
- Removedsemver@5.7.2(transitive)
- Removedspdx-correct@3.2.0(transitive)
- Removedspdx-exceptions@2.5.0(transitive)
- Removedspdx-expression-parse@3.0.1(transitive)
- Removedspdx-license-ids@3.0.20(transitive)
- Removedsupports-preserve-symlinks-flag@1.0.0(transitive)
- Removedutil-extend@1.0.3(transitive)
- Removedvalidate-npm-package-license@3.0.4(transitive)
Updatedmkdirp@^0.3.5
Updatednopt@^2.2.0
Updatedread-installed@^1.0.0
Updatedtreeify@^1.0.1