New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

spdx-license-list

Package Overview
Dependencies
Maintainers
1
Versions
19
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

spdx-license-list

List of SPDX licenses

  • 6.9.0
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
296K
decreased by-9.5%
Maintainers
1
Weekly downloads
 
Created

What is spdx-license-list?

The spdx-license-list npm package provides a list of SPDX license identifiers and their associated metadata. It is useful for validating, listing, and retrieving information about software licenses in a standardized format.

What are spdx-license-list's main functionalities?

List all SPDX license identifiers

This feature allows you to retrieve and list all available SPDX license identifiers. The code sample demonstrates how to import the package and log all license identifiers to the console.

const spdxLicenseList = require('spdx-license-list');
console.log(Object.keys(spdxLicenseList));

Get license details by identifier

This feature allows you to get detailed information about a specific license by its identifier. The code sample shows how to retrieve and log details for the 'MIT' license.

const spdxLicenseList = require('spdx-license-list');
const licenseDetails = spdxLicenseList['MIT'];
console.log(licenseDetails);

Check if a license identifier is valid

This feature allows you to check if a given license identifier is valid according to the SPDX license list. The code sample demonstrates how to check if 'MIT' is a valid license identifier.

const spdxLicenseList = require('spdx-license-list');
const isValid = 'MIT' in spdxLicenseList;
console.log(isValid);

Other packages similar to spdx-license-list

    spdx-correct

    The spdx-correct package helps correct common misspellings and variations of SPDX license identifiers. It is useful for ensuring that license identifiers conform to the SPDX standard, but it does not provide detailed license metadata like spdx-license-list.

    spdx-expression-parse

    The spdx-expression-parse package parses SPDX license expressions into a structured format. It is useful for analyzing complex license expressions, but it does not provide a list of licenses or their metadata like spdx-license-list.

    spdx-satisfies

    The spdx-satisfies package checks if a given license expression satisfies another license expression. It is useful for license compatibility checks, but it does not provide a list of licenses or their metadata like spdx-license-list.

Keywords

FAQs

Package last updated on 21 Feb 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious PyPI Package Exploits Deezer API for Coordinated Music Piracy

Research

Security News

Malicious PyPI Package Exploits Deezer API for Coordinated Music Piracy

Socket researchers uncovered a malicious PyPI package exploiting Deezer’s API to enable coordinated music piracy through API abuse and C2 server control.

By Kirill Boychenko  -  Feb 25, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc