Protect your apps from supply chain attacksInstall
The package exports an array of strings. Each string is an identifier for a license exception under the Software Package Data Exchange (SPDX) software license metadata standard.
"SPDX" is a federally registered United States trademark of The Linux Foundation Corporation.
From version 2.0 of the SPDX specification:
Copyright © 2010-2015 Linux Foundation and its Contributors. Licensed under the Creative Commons Attribution License 3.0 Unported. All other rights are expressly reserved.
The Linux Foundation and the SPDX working groups are good people. Only they decide what "SPDX" means, as a standard and otherwise. I respect their work and their rights. You should, too.
I created this package by copying exception identifiers out of the SPDX specification. That work was mechanical, routine, and required no creativity whatsoever. - Kyle Mitchell, package author
United States users concerned about intellectual property may wish to discuss the following Supreme Court decisions with their attorneys:
Baker v. Selden, 101 U.S. 99 (1879)
Feist Publications, Inc., v. Rural Telephone Service Co., 499 U.S. 340 (1991)
list of SPDX standard license exceptions
The npm package spdx-exceptions receives a total of 21,965,886 weekly downloads. As such, spdx-exceptions popularity was classified as popular.
We found that spdx-exceptions demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket installs a GitHub app to automatically flag issues on every pull request and report the health of your dependencies. Find out what is inside your node modules and prevent malicious activity before you update the dependencies.