Research
npm Malware Targets Telegram Bot Developers with Persistent SSH Backdoors
Malicious npm packages posing as Telegram bot libraries install SSH backdoors and exfiltrate data from Linux developer machines.
By Kush Pandya - Apr 18, 2025
You're Invited: Meet the Socket team at BSidesSF and RSAC - April 27 - May 1.RSVP →
license-info-webpack-plugin
Advanced tools
license-info-webpack-plugin
Making a list of package's LICENSE information for webpack
license-info-webpack-plugin
license-info-webpack-plugin is a webpack plugin for making a list of package's LICENSE information, inspired by licensify.
$ npm install --save-dev license-info-webpack-plugin
$ yarn add --dev license-info-webpack-plugin
Usage
webpack v4
If you use webpack < 4.2 that has dependency on uglifyjs-webpack-plugin < 1.2.4, you need to set optimization to set uglifyOptions.
const path = require('path');
const LicenseInfoWebpackPlugin = require('license-info-webpack-plugin').default;
const UglifyJsPlugin = require("uglifyjs-webpack-plugin");
module.exports = {
mode: 'production',
entry: './src/js/index.js',
output: {
path: path.join(__dirname, 'dist/js'),
filename: '[name].js'
},
plugins: [
new LicenseInfoWebpackPlugin({
glob: '{LICENSE,license,License}*'
})
]
};
webpack v3
const path = require('path');
const LicenseInfoWebpackPlugin = require('license-info-webpack-plugin').default;
const UglifyJsPlugin = require("uglifyjs-webpack-plugin");
module.exports = {
entry: './src/js/index.js',
output: {
path: path.join(__dirname, 'dist/js'),
filename: '[name].js'
},
plugins: [
new LicenseInfoWebpackPlugin({
glob: '{LICENSE,license,License}*'
}),
new UglifyJsPlugin({
uglifyOptions: {
output: {
comments: /^\**!|@preserve|@license|@cc_on/
}
}
})
]
};
Note
If you use uglifyjs-webpack-plugin@^1.2.4 or webpack has dependency on uglifyjs-webpack-plugin@^1.2.4, you don't need to set uglifyOptions for preserve license comments.
Related: https://github.com/webpack-contrib/uglifyjs-webpack-plugin/pull/250
If you use uglifyjs-webpack-plugin@~1.1, you need to set uglifyOptions for preserve license comments.
Related: https://github.com/webpack-contrib/uglifyjs-webpack-plugin/pull/174
license-info-webpack-plugin needs webpack v3.0 or above
Options
glob- Glob pattern for LICENSE file
- Default:
'{LICENSE,license,License}*'
outputType- Output type:
'banner'or'html''banner': Append comment to top of bundled code'html': Generate html (e.g.license.[name].html)
- Default:
'banner'
- Output type:
includeLicenseFile- Include and put LICENSE file
- Default:
true
LICENSE
MIT
FAQs
Making a list of package's LICENSE information for webpack
The npm package license-info-webpack-plugin receives a total of 3,644 weekly downloads. As such, license-info-webpack-plugin popularity was classified as popular.
We found that license-info-webpack-plugin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 10 Aug 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Python Tools Are Quickly Adopting the New pylock.toml Standard
pip, PDM, pip-audit, and the packaging library are already adding support for Python’s new lock file format.
By Sarah Gooding - Apr 18, 2025
Product
Go Support Is Now Generally Available
Socket's Go support is now generally available, bringing automatic scanning and deep code analysis to all users with Go projects.
By Peter van der Zee, Ryan Eberhardt - Apr 17, 2025