
license-ci-checker
Checks the compatibility of your license with your dependencies' licenses
I'm not a lawyer and have very little knowledge about licenses. This code is super simple, but should help against obvious license violations. I am not responsible for possible misjudgments, false explanations and descriptions.
# npm
npm install --save-dev license-ci-checker
# yarn
yarn add -D license-ci-checker
{
  "scripts": {
    "test-licenses": "license-ci-checker --production"
  }
}
license-ci-checker --production
Most options are passed through from npm-license-crawler.
param | default | description |
---|---|---|
--start directory-path | ["./"] | path to the directory the license search should start from. If omitted, the current working directory is assumed. Can be declared multiple times for multiple entry points. |
--exclude directory-path | [] | path to a directory to be excluded (and its subdirectories) from the search (behaves like --start) |
--unknown | false | show only licenses that can't be determined or have been guessed. |
--dependencies | false | show only third-party licenses, i.e., only list the dependencies defined in package.json. |
--production | false | show only production dependencies |
--development | false | show only development dependencies |
--onlyDirectDependencies | false | show only direct dependencies licenses, i.e., don't list dependencies of dependencies. |
--omitVersion | false | omit version numbers in result (e.g. "npm-license-crawler@0.1.5" becomes "npm-license-crawler") |
--relativeLicensePath | false | output the relative file path for license files. |
--allow | [] | list of packages that don't throw an error regardless of their license. As with the --start argument, you can specify it multiple times |
Licenses can be categorized in a hierarchy. This package checks which license you are using and which category it belongs to. Then it crawls the licenses of all your dependencies and checks whether they are in the same category as yours or below. If not, it throws an error.
(currently, the implementation is a bit simpler, as explained above)
source: https://janelia-flyem.github.io/
source: https://raw.githubusercontent.com/HansHammel/license-compatibility-checker/
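A sketch of the category check described above, added here as an example; it is not license-ci-checker's own code. The category ranks, the license-to-category table, the helper names and the sample dependencies are assumptions constructed for illustration, and the crawler output is simplified to a flat `"name@version": license` map.

```javascript
// Category ranks (assumed for this example): higher = more obligations on dependents.
const CATEGORY_RANK = new Map([
  ['public-domain', 0], ['permissive', 1], ['weakly-protective', 2],
  ['strongly-protective', 3], ['network-protective', 4],
]);

// Constructed SPDX-id-to-category mapping for a few common licenses.
const LICENSE_CATEGORY = new Map([
  ['CC0-1.0', 'public-domain'], ['Unlicense', 'public-domain'],
  ['MIT', 'permissive'], ['ISC', 'permissive'], ['Apache-2.0', 'permissive'],
  ['LGPL-3.0-only', 'weakly-protective'], ['MPL-2.0', 'weakly-protective'],
  ['GPL-3.0-only', 'strongly-protective'], ['AGPL-3.0-only', 'network-protective'],
]);

// "name@1.2.3" or "@scope/name@1.2.3" -> name without the version suffix.
function packageName(id) {
  const at = id.lastIndexOf('@');
  return at > 0 ? id.slice(0, at) : id;
}

// Returns dependencies whose license category ranks above the project's own.
// Unknown licenses fail closed: reported unless the package is allow-listed.
function findViolations(projectLicense, dependencies, allow = []) {
  const ownCategory = LICENSE_CATEGORY.get(projectLicense);
  if (ownCategory === undefined) throw new Error(`uncategorized: ${projectLicense}`);
  const ownRank = CATEGORY_RANK.get(ownCategory);
  const allowed = new Set(allow);
  const violations = [];
  for (const [id, license] of Object.entries(dependencies)) {
    if (allowed.has(packageName(id))) continue; // same role as --allow
    const category = LICENSE_CATEGORY.get(license);
    if (category === undefined) {
      violations.push({ id, license, reason: 'unknown license' });
    } else if (CATEGORY_RANK.get(category) > ownRank) {
      violations.push({ id, license, reason: `${category} ranks above ${ownCategory}` });
    }
  }
  return violations;
}

// Constructed sample input, keyed "name@version".
const SAMPLE_DEPS = {
  'example-utils@1.0.0': 'MIT',
  'example-zero@3.0.0': 'CC0-1.0',
  'example-gpl-lib@2.1.0': 'GPL-3.0-only',
  '@example/legacy@0.4.2': 'SEE LICENSE IN LICENSE.txt',
};
console.log(findViolations('MIT', SAMPLE_DEPS, ['@example/legacy']));
```

In CI, a non-empty result would be turned into a non-zero exit code so the `test-licenses` script fails the build.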
FAQs
The npm package license-ci-checker receives a total of 0 weekly downloads. As such, license-ci-checker popularity was classified as not popular.
We found that license-ci-checker demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.