🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Book a DemoInstallSign in
Socket

spdx-expression-parse

Package Overview
Dependencies
Maintainers
2
Versions
11
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

spdx-expression-parse

parse SPDX license expressions

4.0.0
latest
Source
npm
Version published
Weekly downloads
43M
25.98%
Maintainers
2
Weekly downloads
 
Created

What is spdx-expression-parse?

The spdx-expression-parse npm package is designed to parse SPDX license expressions. SPDX (Software Package Data Exchange) is a standard format for communicating the licensing information of software packages. This package helps in parsing and validating the syntax of SPDX expressions, making it easier to handle complex licensing scenarios programmatically.

What are spdx-expression-parse's main functionalities?

Parsing SPDX expressions

This feature allows the parsing of SPDX license expressions into a structured format. The code sample demonstrates how to parse a simple SPDX expression that includes an OR operator, indicating dual licensing options.

const parse = require('spdx-expression-parse');
const expression = 'MIT OR Apache-2.0';
const parsedExpression = parse(expression);
console.log(parsedExpression);

Handling complex SPDX expressions

This feature supports the parsing of more complex SPDX expressions, including nested groups and exceptions. The code sample shows how to parse an expression that combines multiple licenses with logical AND and an exception clause.

const parse = require('spdx-expression-parse');
const complexExpression = '(MIT OR Apache-2.0) AND (GPL-2.0+ WITH Classpath-exception-2.0)';
const parsedComplexExpression = parse(complexExpression);
console.log(parsedComplexExpression);

Other packages similar to spdx-expression-parse

Keywords

SPDX

FAQs

Package last updated on 21 Nov 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts