What is license-checker?
The license-checker npm package is a tool that helps you manage and audit the licenses of the dependencies in your project. It provides detailed information about the licenses of all the packages in your node_modules directory, helping you ensure compliance with open-source license requirements.
What are license-checker's main functionalities?
List all licenses
This feature allows you to list all the licenses of the dependencies in your project. The code sample initializes the license-checker and prints out the licenses of all the packages found in the specified project directory.
const licenseChecker = require('license-checker');
licenseChecker.init({
start: '/path/to/your/project'
}, function(err, packages) {
if (err) {
console.log(err);
} else {
console.log(packages);
}
});
Filter by specific licenses
This feature allows you to filter the dependencies by specific licenses. The code sample initializes the license-checker and filters the packages to only include those with MIT or ISC licenses.
const licenseChecker = require('license-checker');
licenseChecker.init({
start: '/path/to/your/project',
onlyAllow: 'MIT;ISC'
}, function(err, packages) {
if (err) {
console.log(err);
} else {
console.log(packages);
}
});
Custom format output
This feature allows you to customize the output format of the license information. The code sample initializes the license-checker and specifies a custom format for the output, including the name, version, licenses, and repository of each package.
const licenseChecker = require('license-checker');
licenseChecker.init({
start: '/path/to/your/project',
customFormat: {
name: '',
version: '',
licenses: '',
repository: ''
}
}, function(err, packages) {
if (err) {
console.log(err);
} else {
console.log(packages);
}
});
Other packages similar to license-checker
license-report
The license-report package provides a similar functionality to license-checker by generating a report of the licenses of the dependencies in your project. It offers a command-line interface and can output the report in various formats such as JSON, CSV, and plain text. Compared to license-checker, license-report focuses more on generating comprehensive reports.
npm-license-crawler
The npm-license-crawler package crawls through the dependencies of your project and generates a license report. It can be configured to include or exclude specific licenses and can output the report in JSON or CSV format. Compared to license-checker, npm-license-crawler provides more options for customizing the crawling process and the output format.
license-checker-webpack-plugin
The license-checker-webpack-plugin is a Webpack plugin that checks the licenses of the dependencies in your project during the build process. It integrates with Webpack and can be configured to fail the build if any disallowed licenses are found. Compared to license-checker, this package is specifically designed for use with Webpack and provides seamless integration with the build process.
NPM License Checker
Ever needed to see all the license info for a module and it's dependencies?
It's this easy:
npm install -g license-checker
mkdir foo
cd foo
npm install yui-lint
license-checker
You should see something like this:
├─ cli@0.4.3
│ ├─ repository: http://github.com/chriso/cli
│ └─ licenses: MIT
├─ glob@3.1.14
│ ├─ repository: https://github.com/isaacs/node-glob
│ └─ licenses: UNKNOWN
├─ graceful-fs@1.1.14
│ ├─ repository: https://github.com/isaacs/node-graceful-fs
│ └─ licenses: UNKNOWN
├─ inherits@1.0.0
│ ├─ repository: https://github.com/isaacs/inherits
│ └─ licenses: UNKNOWN
├─ jshint@0.9.1
│ └─ licenses: MIT
├─ lru-cache@1.0.6
│ ├─ repository: https://github.com/isaacs/node-lru-cache
│ └─ licenses: MIT
├─ lru-cache@2.0.4
│ ├─ repository: https://github.com/isaacs/node-lru-cache
│ └─ licenses: MIT
├─ minimatch@0.0.5
│ ├─ repository: https://github.com/isaacs/minimatch
│ └─ licenses: MIT
├─ minimatch@0.2.9
│ ├─ repository: https://github.com/isaacs/minimatch
│ └─ licenses: MIT
├─ sigmund@1.0.0
│ ├─ repository: https://github.com/isaacs/sigmund
│ └─ licenses: UNKNOWN
└─ yui-lint@0.1.1
├─ licenses: BSD
└─ repository: http://github.com/yui/yui-lint
An asterisk next to a license name means that it was deduced from
an other file than package.json (README, LICENSE, COPYING, ...)
You could see something like this:
└─ debug@2.0.0
├─ repository: https://github.com/visionmedia/debug
└─ licenses: MIT*
Options
--production
only show production dependencies.--development
only show development dependencies.--unknown
report guessed licenses as unknown licenses.--onlyunknown
only list packages with unknown or guessed licenses.--json
output in json format.--csv
output in csv format.--out [filepath]
write the data to a specific file.--customPath
to add a custom Format file in JSON--exclude [list]
exclude modules which licenses are in the comma-separated list from the output--relativeLicensePath
output the location of the license files as relative paths
Examples
license-checker --json > /path/to/licenses.json
license-checker --csv --out /path/to/licenses.csv
license-checker --unknown
license-checker --customPath customFormatExample.js
license-checker --exclude 'MIT, MIT/X11, BSD, ISC'
license-checker --onlyunknown
Requiring
var checker = require('license-checker');
checker.init({
start: '/path/to/start/looking'
}, function(err, json) {
if (err) {
} else {
}
});
Debugging
license-checker uses debug for internal logging. There’s two internal markers:
license-checker:error
for errorslicense-checker:log
for non-errors
Set the DEBUG
environment variable to one of these to see debug output:
$ export DEBUG=license-checker*; license-checker
scanning ./yui-lint
├─ cli@0.4.3
│ ├─ repository: http://github.com/chriso/cli
│ └─ licenses: MIT
# ...
build status