Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Socket
Sign inDemoInstall

license-report

Package Overview
Dependencies
Maintainers
2
Versions
28
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

license-report - npm Package Compare versions

Comparing version 2.1.3 to 2.2.0

11

index.js

@@ -28,2 +28,3 @@ #!/usr/bin/env node

var exclusions = Array.isArray(config.exclude) ? config.exclude : [config.exclude]
/*

@@ -35,7 +36,7 @@ an index of all the dependencies

if(!config.only || config.only.indexOf('prod') > -1) {
addAll(deps, depsIndex)
addAll(deps, depsIndex, exclusions)
}
if(!config.only || config.only.indexOf('dev') > -1) {
addAll(devDeps, depsIndex)
addAll(devDeps, depsIndex, exclusions)
}

@@ -120,6 +121,10 @@

*/
function addAll(packages, packageIndex) {
function addAll(packages, packageIndex, exclusions) {
// iterate over packages and prepare urls before I call the registry
for (var p in packages) {
if (_.indexOf(exclusions, p) !== -1) {
continue
}
if(p.indexOf('@') === 0) {

@@ -126,0 +131,0 @@ p = p.substring(p.indexOf('/') + 1, p.length)

1

lib/getPackageJson.js

@@ -6,3 +6,2 @@ var request = require('request')

var get = module.exports = function(name, versionOrCallback, callback) {

@@ -9,0 +8,0 @@ var uri = config.registry + name

5

package.json
{
"name": "license-report",
"version": "2.1.3",
"version": "2.2.0",
"description": "creates a short report about project's dependencies (license, url etc)",

@@ -23,2 +23,3 @@ "main": "index.js",

"dependencies": {
"@kessler/exponential-backoff": "^2.0.0",
"async": "^0.9.0",

@@ -30,3 +31,3 @@ "debug": "^3.1.0",

"semver": "^5.4.1",
"stubborn": "^1.2.4",
"stubborn": "^1.2.5",
"text-table": "^0.2.0",

@@ -33,0 +34,0 @@ "visit-values": "^1.0.1"

33

README.md

@@ -6,3 +6,3 @@ # license report tool

```
npm install -g license-report
npm install -g license-report
```

@@ -13,4 +13,4 @@

```
> cd your/project/
> license-report
> cd your/project/
> license-report
```

@@ -20,33 +20,33 @@ by default, `license-report` outputs all licenses from `dependencies` and `devDependencies`.

```
> license-report --only=dev
> license-report --only=dev
```
```
> license-report --only=prod
> license-report --only=prod
```
explicit package.json:
```
license-report --package=/path/to/package.json
license-report --package=/path/to/package.json
```
customize a field's label:
```
license-report --report.label.department=division
license-report --report.label.department=division
```
customize a default value (only applicable for some fields):
```
license-report --department.label=division --department.value=ninjaSquad
license-report --department.label=division --department.value=ninjaSquad
```
another registry:
```
license-report --registry=https://myregistry.com/
license-report --registry=https://myregistry.com/
```
different outputs:
```
license-report --output=table
license-report --output=json
license-report --output=csv
license-report --output=csv --delimiter="|"
license-report --output=table
license-report --output=json
license-report --output=csv
license-report --output=csv --delimiter="|"
```
exclude (TBD):
exclude:
```
license-report --excluse=async --exclude=rc
license-report --excluse=async --exclude=rc
```

@@ -66,5 +66,4 @@

### TODO
1. complete exclude libraries feature
2. refactor getPackageJson and getPackageReportData to be usable for both local filesystem and npm
1. refactor getPackageJson and getPackageReportData to be usable for both local filesystem and npm
![ironSource logo](ironsource.png)
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc