Node License Finder (nlf)
nlf is a utility for attempting to identify the licenses of modules in a node.js project.
It looks for license information in package.json, readme and license files in the project. Please note, in many cases
the utility is looking
for standard strings in these files, such as MIT, BSD, Apache, GPL etc - this is not error free, so if you have any
concerns at all about the accuracy of the results, you will need to perform a detailed manual review of the project
and its dependencies, reading all terms of any included or referenced license.
Use
nlf can be used programmatically, or from the command line.
Options
directory
(String) - where to lookproduction
(Boolean) (Default:false) - only traverse dependencies, no dev-dependenciesdepth
(Number) (Default: Infinity) - how deep to traverse packages where 0 is the current package.json onlysummaryMode
(String: off|simple|detail) (Default: simple)
CLI
To install:
$ npm install -g nlf
To use:
$ cd my-module
$ nlf
Example output:
archy@0.0.2 [license(s): MIT/X11]
└── package.json: MIT/X11
commander@0.6.1 [license(s): MIT]
└── readme files: MIT
glob@3.2.3 [license(s): BSD]
├── package.json: BSD
└── license files: BSD
json-stringify-safe@5.0.0 [license(s): BSD]
├── package.json: BSD
└── license files: BSD
read-installed@0.2.2 [license(s): BSD]
└── license files: BSD
should@1.2.2 [license(s): MIT]
└── readme files: MIT
LICENSES: BSD, MIT, MIT/X11
For output in CSV format use the -c (or --csv) switch:
$ cd my-module
$ nlf -c
To exclude development dependencies and only analyze dependencies for production:
$ cd my-module
$ nlf -d
Summary Mode
--summary <mode>
option, which can be set to "off", "simple" or "detail". This option controls what will be printed in summary in standard format.
off
turns off summary outputsimple
shows a list of licenses used in the project, the default behaviordetail
shows all modules in current project and group by licenses. As example below:
LICENSES:
├─┬ BSD
│ ├── amdefine@1.0.0
│ ├── boom@0.4.2
│ ├── cryptiles@0.2.2
│ └── diff@1.4.0
├─┬ BSD-2-Clause
│ └── normalize-package-data@2.3.5
├─┬ Apache-2.0
│ ├── request@2.40.0
│ ├── spdx-correct@1.0.2
│ └── validate-npm-package-license@3.0.1
├─┬ (MIT AND CC-BY-3.0)
│ └── spdx-expression-parse@1.0.1
└─┬ MPL
└── tough-cookie@2.2.1
Programmatically
var nlf = require('nlf');
nlf.find({ directory: '/User/me/my-project' }, function (err, data) {
console.log(JSON.stringify(data));
});
nlf.find({
directory: '/User/me/my-project',
production: true
}, function (err, data) {
console.log(JSON.stringify(data));
});
The data returned from find() is an array of modules, each of which is represented by an object as the following example:
{
"id": "example@0.2.9",
"name": "example",
"version": "0.2.9",
"repository": "http:\/\/github.com\/iandotkelly\/example",
"directory": "\/Users\/ian\/example",
"licenseSources": {
"package": {
"sources": [
{
"license": "MIT",
"url": "http://opensource.org/MIT"
}
]
},
"license": {
"sources": [
{
"filePath": "\/Users\/ian\/Personal\/example\/LICENSE",
"text": "the text of the license file",
"name": function() { // function that returns the name of the license if known }
}
]
},
"readme": {
"sources": [
{
"filePath": "\/Users\/ian\/Personal\/example\/readme.md",
"text": "text of the readme"
"name": function() { // function that returns the name of the license if known }
}
]
}
}
}
Each
Tests
To run the unit tests, install development dependencies and run tests with 'gulp'. Requires gulp.js to be installed globally.
$ npm install -g gulp
$ cd nlf
$ npm install
$ gulp
If you contribute to the project, tests are written in mocha, using should.js or the node.js assert module.