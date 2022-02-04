NPM License Checker

Introduction

This is a fork of davglass' license-checker v.25.0.1 - Since that code doesn't seem to be updated regularly, I created this fork for being able to adding new features and fixing bugs.

I changed the original exclude argument to excludeLicenses in order to prevent confusion and better align it with the excludePackages argument. Also, the argument includeLicenses has been added for listing only packages that include the licenses listed.

Please notice: Version 1.2.2 is the last version working fine on node v12. From Version 2 on, you will need at least Node v14 to run this NPM license checker. Thanks to @daniel-schulz for pointing this out!

Ever needed to see all the license info for a module and its dependencies?

It's this easy:

npm install -g license-checker-rseidelsohn mkdir foo cd foo npm install yui-lint license-checker-rseidelsohn

You should see something like this:

├─ cli@0.4.3 │ ├─ repository: http://github.com/chriso/cli │ └─ licenses: MIT ├─ glob@3.1.14 │ ├─ repository: https://github.com/isaacs/node-glob │ └─ licenses: UNKNOWN ├─ graceful-fs@1.1.14 │ ├─ repository: https://github.com/isaacs/node-graceful-fs │ └─ licenses: UNKNOWN ├─ inherits@1.0.0 │ ├─ repository: https://github.com/isaacs/inherits │ └─ licenses: UNKNOWN ├─ jshint@0.9.1 │ └─ licenses: MIT ├─ lru-cache@1.0.6 │ ├─ repository: https://github.com/isaacs/node-lru-cache │ └─ licenses: MIT ├─ lru-cache@2.0.4 │ ├─ repository: https://github.com/isaacs/node-lru-cache │ └─ licenses: MIT ├─ minimatch@0.0.5 │ ├─ repository: https://github.com/isaacs/minimatch │ └─ licenses: MIT ├─ minimatch@0.2.9 │ ├─ repository: https://github.com/isaacs/minimatch │ └─ licenses: MIT ├─ sigmund@1.0.0 │ ├─ repository: https://github.com/isaacs/sigmund │ └─ licenses: UNKNOWN └─ yui-lint@0.1.1 ├─ licenses: BSD └─ repository: http://github.com/yui/yui-lint

An asterisk next to a license name means that it was deduced from an other file than package.json (README, LICENSE, COPYING, ...) You could see something like this:

└─ debug @ 2 . 0 . 0 ├─ repository: https://github.com/visionmedia/debug └─ licenses: MIT*

Changes

Version 3.1.0

Add new option --limitAttributes . Example usage: node bin/license-checker-rseidelsohn --limitAttributes publisher,email will only list the publisher and email attributes for every dependency.

Version 3.0.1

Fix the --direct option.

Version 3.0.0

From now on, when you give the --files option, this tool outputs the path to the copied license files rather than to the originals. When the relativeLicensePath option is given, this path will either be relative to the working directory or - if also the out option is given - relative to the out path.

When using the --out option, you will not see output in the console, as the output goes into the file specified by --out . When using the --files option without --out option, you will now get console output, which was not the case before.

All options in alphabetical order:

Exclusions

A list of licenses is the simplest way to describe what you want to exclude.

You can use valid SPDX identifiers. You can use valid SPDX expressions like MIT OR X11 . You can use non-valid SPDX identifiers, like Public Domain , since npm does support some license strings that are not SPDX identifiers.

Examples

Examples

license-checker-rseidelsohn
license-checker-rseidelsohn
license-checker-rseidelsohn
license-checker-rseidelsohn
license-checker-rseidelsohn
license-checker-rseidelsohn
license-checker-rseidelsohn
license-checker-rseidelsohn

Custom format

The --customPath option can be used with CSV to specify the columns. Note that the first column, module_name , will always be used.

When used with JSON format, it will add the specified items to the usual ones.

The available items are the following:

copyright

description

email

licenseFile

licenseModified

licenses

licenseText

name

publisher

repository

url

version

You can also give default values for each item. See an example in customFormatExample.json.

Requiring

var checker = require ( 'license-checker' ); checker.init( { start : '/path/to/start/looking' , }, function ( err, packages ) { if (err) { } else { } }, );

Debugging

license-checker uses debug for internal logging. There’s two internal markers:

license-checker-rseidelsohn:error for errors

for errors license-checker-rseidelsohn:log for non-errors

Set the DEBUG environment variable to one of these to see debug output:

export DEBUG=license-checker-rseidelsohn*; license-checker-rseidelsohn scanning ./yui-lint ├─ cli@0.4.3 │ ├─ repository: http://github.com/chriso/cli │ └─ licenses: MIT ...

How Licenses are Found

We walk through the node_modules directory with the read-installed-packages module. Once we gathered a list of modules we walk through them and look at all of their package.json 's, We try to identify the license with the spdx module to see if it has a valid SPDX license attached. If that fails, we then look into the module for the following files: LICENSE , LICENCE , COPYING , & README .

If one of the those files are found (in that order) we will attempt to parse the license data from it with a list of known license texts. This will be shown with the * next to the name of the license to show that we "guessed" at it.

