spdx-satisfies

What is spdx-satisfies?

The spdx-satisfies npm package is used to determine if a given SPDX license expression satisfies another SPDX license expression. This is particularly useful for license compliance checks in software projects.

What are spdx-satisfies's main functionalities?

Check if a license satisfies another license

This feature allows you to check if one license satisfies another license. In this example, the MIT license satisfies the 'MIT OR Apache-2.0' license expression.

const spdxSatisfies = require('spdx-satisfies');

const license1 = 'MIT';
const license2 = 'MIT OR Apache-2.0';

const result = spdxSatisfies(license1, license2);
console.log(result); // true

Check if a complex license expression satisfies another

This feature allows you to check if a complex license expression satisfies another complex license expression. In this example, the '(MIT AND Apache-2.0)' license expression satisfies the '(MIT AND Apache-2.0) OR GPL-3.0' license expression.

const spdxSatisfies = require('spdx-satisfies');

const license1 = '(MIT AND Apache-2.0)';
const license2 = '(MIT AND Apache-2.0) OR GPL-3.0';

const result = spdxSatisfies(license1, license2);
console.log(result); // true

Other packages similar to spdx-satisfies

spdx-expression-validate

The spdx-expression-validate package is used to validate SPDX license expressions. While it does not check if one license satisfies another, it ensures that the license expressions are valid according to the SPDX specification.

spdx-correct

The spdx-correct package is used to correct common mistakes in SPDX license expressions. It helps in ensuring that the license expressions are correctly formatted but does not provide functionality to check if one license satisfies another.

spdx-license-ids

The spdx-license-ids package provides a list of all valid SPDX license identifiers. It is useful for validating and listing license identifiers but does not offer the functionality to check if one license satisfies another.

README

var assert = require('assert')
var satisfies = require('spdx-satisfies')

assert(satisfies('MIT', 'MIT'))

assert(satisfies('MIT', '(ISC OR MIT)'))
assert(satisfies('Zlib', '(ISC OR (MIT OR Zlib))'))
assert(!satisfies('GPL-3.0', '(ISC OR MIT)'))

assert(satisfies('GPL-2.0', 'GPL-2.0+'))
assert(satisfies('GPL-3.0', 'GPL-2.0+'))
assert(satisfies('GPL-1.0+', 'GPL-2.0+'))
assert(!satisfies('GPL-1.0', 'GPL-2.0+'))
assert(satisfies('GPL-2.0-only', 'GPL-2.0-only'))
assert(satisfies('GPL-3.0-only', 'GPL-2.0+'))
assert(satisfies('LGPL-3.0-only', 'LGPL-3.0-or-later'))
assert(satisfies('GPL-2.0', 'GPL-2.0+'))
assert(satisfies('GPL-2.0-only', 'GPL-2.0+'))
assert(satisfies('GPL-2.0', 'GPL-2.0-or-later'))

assert(!satisfies(
  'GPL-2.0',
  'GPL-2.0+ WITH Bison-exception-2.2'
))

assert(satisfies(
  'GPL-3.0 WITH Bison-exception-2.2',
  'GPL-2.0+ WITH Bison-exception-2.2'
))

assert(satisfies('(MIT OR GPL-2.0)', '(ISC OR MIT)'))
assert(satisfies('(MIT AND GPL-2.0)', '(MIT AND GPL-2.0)'))
assert(satisfies('MIT AND GPL-2.0 AND ISC', 'MIT AND GPL-2.0 AND ISC'))
assert(satisfies('MIT AND GPL-2.0 AND ISC', 'ISC AND GPL-2.0 AND MIT'))
assert(satisfies('(MIT OR GPL-2.0) AND ISC', 'MIT AND ISC'))
assert(satisfies('MIT AND ISC', '(MIT OR GPL-2.0) AND ISC'))
assert(satisfies('MIT AND ISC', '(MIT AND GPL-2.0) OR ISC'))
assert(satisfies('(MIT OR Apache-2.0) AND (ISC OR GPL-2.0)', 'Apache-2.0 AND ISC'))
assert(satisfies('(MIT OR Apache-2.0) AND (ISC OR GPL-2.0)', 'Apache-2.0 OR ISC'))
assert(satisfies('(MIT AND GPL-2.0)', '(MIT OR GPL-2.0)'))
assert(satisfies('(MIT AND GPL-2.0)', '(GPL-2.0 AND MIT)'))
assert(satisfies('MIT', '(GPL-2.0 OR MIT) AND (MIT OR ISC)'))
assert(satisfies('MIT AND ICU', '(MIT AND GPL-2.0) OR (ISC AND (Apache-2.0 OR ICU))'))
assert(!satisfies('(MIT AND GPL-2.0)', '(ISC OR GPL-2.0)'))
assert(!satisfies('MIT AND (GPL-2.0 OR ISC)', 'MIT'))
assert(!satisfies('(MIT OR Apache-2.0) AND (ISC OR GPL-2.0)', 'MIT'))