license-reporter
Advanced tools
License-reporter gathers license information and reports them in various formats.
$ npm install license-reporter -g
Example using https://github.com/chalk/chalk
$ git clone https://github.com/chalk/chalk.git
$ cd chalk ; npm install
$ license-reporter console
========= APPROVED LICENSES ==========
name: ansi-styles , version: 3.2.1 , licenses: MIT License
name: escape-string-regexp , version: 1.0.5 , licenses: MIT License
name: supports-color , version: 6.0.0 , licenses: MIT License
========= APPROVED LICENSES ==========
<?xml version='1.0'?>
<licenseSummary>
<project>chalk</project>
<version>2.4.1</version>
<license>MIT</license>
<dependencies>
<dependency>
<packageName>ansi-styles</packageName>
<version>3.2.1</version>
<licenses>
<license>
<name>MIT License</name>
<url>http://www.opensource.org/licenses/MIT</url>
</license>
</licenses>
</dependency>
<dependency>
<packageName>escape-string-regexp</packageName>
<version>1.0.5</version>
<licenses>
<license>
<name>MIT License</name>
<url>http://www.opensource.org/licenses/MIT</url>
</license>
</licenses>
</dependency>
<dependency>
<packageName>supports-color</packageName>
<version>6.0.0</version>
<licenses>
<license>
<name>MIT License</name>
<url>http://www.opensource.org/licenses/MIT</url>
</license>
</licenses>
</dependency>
</dependencies>
</licenseSummary>
license-reporter --help
Usage: license-reporter <command> [options]
Commands:
license-reporter console Shows license information on standard output.
license-reporter merge Merge license XML files.
license-reporter report Creates a HTML report.
license-reporter save Saves license information to a file.
Options:
--help Show help [boolean]
--version Show version number [boolean]
--cwd Change the current working directory
~/Desktop$ mkdir foo
~/Desktop$ cd foo
~/Desktop/foo$ npm init -y
~/Desktop/foo$ npm install express -S
~/Desktop/foo$ license-reporter save --xml license1.xml
========= APPROVED LICENSES ==========
name: express , version: 4.16.4 , licenses: MIT License
========= APPROVED LICENSES ==========
~/Desktop/foo$ cat licenses/license1.xml
<?xml version='1.0'?>
<licenseSummary>
<project>foo</project>
<version>1.0.0</version>
<license>ISC</license>
<dependencies>
<dependency>
<packageName>express</packageName>
<version>4.16.4</version>
<licenses>
<license>
<name>MIT License</name>
<url>http://www.opensource.org/licenses/MIT</url>
</license>
</licenses>
</dependency>
</dependencies>
</licenseSummary>
~/Desktop$ mkdir bar
~/Desktop$ cd bar
~/Desktop/bar$ npm init -y
~/Desktop/bar$ npm install request -S
~/Desktop/bar$ license-reporter save --xml license2.xml
========= APPROVED LICENSES ==========
name: request , version: 2.88.0 , licenses: Apache License 2.0
========= APPROVED LICENSES ==========
~/Desktop/bar$ cat licenses/license2.xml
<?xml version='1.0'?>
<licenseSummary>
<project>bar</project>
<version>1.0.0</version>
<license>ISC</license>
<dependencies>
<dependency>
<packageName>request</packageName>
<version>2.88.0</version>
<licenses>
<license>
<name>Apache License 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0</url>
</license>
</licenses>
</dependency>
</dependencies>
</licenseSummary>
The intention for this functionality is to be able to create an xml file that contains all the licenses for a project that is made up of two or more projects.
So we are going to merge both license1.xml and license2.xml files created by the previous examples.
Inside the example foo root directory run:
~/Desktop/foo$ license-reporter merge --merge-project-name="UberProject" --merge-license-xmls="./licenses/license1.xml,../bar/licenses/license2.xml" --merge-output="merged.xml"
~/Desktop/foo$ cat licenses/merged.xml
<?xml version='1.0'?>
<UberProject>
<project>
<licenseSummary>
<project>foo</project>
<version>1.0.0</version>
<license>ISC</license>
<dependencies>
<dependency>
<packageName>express</packageName>
<version>4.16.4</version>
<licenses>
<license>
<name>MIT License</name>
<url>http://www.opensource.org/licenses/MIT</url>
</license>
</licenses>
</dependency>
</dependencies>
</licenseSummary>
</project>
<project>
<licenseSummary>
<project>bar</project>
<version>1.0.0</version>
<license>ISC</license>
<dependencies>
<dependency>
<packageName>request</packageName>
<version>2.88.0</version>
<licenses>
<license>
<name>Apache License 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0</url>
</license>
</licenses>
</dependency>
</dependencies>
</licenseSummary>
</project>
</UberProject>
Extra information can be found here
Please read the contributing guide
FAQs
License-reporter gathers license information and reports them in various formats.
The npm package license-reporter receives a total of 213 weekly downloads. As such, license-reporter popularity was classified as not popular.
We found that license-reporter demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
vlt's new "reproduce" tool verifies npm packages against their source code, outperforming traditional provenance adoption in the JavaScript ecosystem.
Research
Security News
Socket researchers uncovered a malicious PyPI package exploiting Deezer’s API to enable coordinated music piracy through API abuse and C2 server control.
Research
The Socket Research Team discovered a malicious npm package, '@ton-wallet/create', stealing cryptocurrency wallet keys from developers and users in the TON ecosystem.