validate-npm-package-license

WebJar for validate-npm-package-license

License

License

GroupId

GroupId

org.webjars.npm
ArtifactId

ArtifactId

validate-npm-package-license
Last Version

Last Version

3.0.4
Release Date

Release Date

Type

Type

jar
Description

Description

validate-npm-package-license
WebJar for validate-npm-package-license
Project URL

Project URL

http://webjars.org
Source Code Management

Source Code Management

https://github.com/kemitchell/validate-npm-package-license.js

Download validate-npm-package-license

How to add to project

<!-- https://jarcasting.com/artifacts/org.webjars.npm/validate-npm-package-license/ -->
<dependency>
    <groupId>org.webjars.npm</groupId>
    <artifactId>validate-npm-package-license</artifactId>
    <version>3.0.4</version>
</dependency>
// https://jarcasting.com/artifacts/org.webjars.npm/validate-npm-package-license/
implementation 'org.webjars.npm:validate-npm-package-license:3.0.4'
// https://jarcasting.com/artifacts/org.webjars.npm/validate-npm-package-license/
implementation ("org.webjars.npm:validate-npm-package-license:3.0.4")
'org.webjars.npm:validate-npm-package-license:jar:3.0.4'
<dependency org="org.webjars.npm" name="validate-npm-package-license" rev="3.0.4">
  <artifact name="validate-npm-package-license" type="jar" />
</dependency>
@Grapes(
@Grab(group='org.webjars.npm', module='validate-npm-package-license', version='3.0.4')
)
libraryDependencies += "org.webjars.npm" % "validate-npm-package-license" % "3.0.4"
[org.webjars.npm/validate-npm-package-license "3.0.4"]

Dependencies

compile (2)

Group / Artifact Type Version
org.webjars.npm : spdx-correct jar [3.0.0,4)
org.webjars.npm : spdx-expression-parse jar [3.0.0,4)

Project Modules

There are no modules declared in this project.

validate-npm-package-license

Give me a string and I'll tell you if it's a valid npm package license string.

var valid = require('validate-npm-package-license');

SPDX license identifiers are valid license strings:

var assert = require('assert');
var validSPDXExpression = {
  validForNewPackages: true,
  validForOldPackages: true,
  spdx: true
};

assert.deepEqual(valid('MIT'), validSPDXExpression);
assert.deepEqual(valid('BSD-2-Clause'), validSPDXExpression);
assert.deepEqual(valid('Apache-2.0'), validSPDXExpression);
assert.deepEqual(valid('ISC'), validSPDXExpression);

The function will return a warning and suggestion for nearly-correct license identifiers:

assert.deepEqual(
  valid('Apache 2.0'),
  {
    validForOldPackages: false,
    validForNewPackages: false,
    warnings: [
      'license should be ' +
      'a valid SPDX license expression (without "LicenseRef"), ' +
      '"UNLICENSED", or ' +
      '"SEE LICENSE IN <filename>"',
      'license is similar to the valid expression "Apache-2.0"'
    ]
  }
);

SPDX expressions are valid, too ...

// Simple SPDX license expression for dual licensing
assert.deepEqual(
  valid('(GPL-3.0-only OR BSD-2-Clause)'),
  validSPDXExpression
);

... except if they contain LicenseRef:

var warningAboutLicenseRef = {
  validForOldPackages: false,
  validForNewPackages: false,
  spdx: true,
  warnings: [
    'license should be ' +
    'a valid SPDX license expression (without "LicenseRef"), ' +
    '"UNLICENSED", or ' +
    '"SEE LICENSE IN <filename>"',
  ]
};

assert.deepEqual(
  valid('LicenseRef-Made-Up'),
  warningAboutLicenseRef
);

assert.deepEqual(
  valid('(MIT OR LicenseRef-Made-Up)'),
  warningAboutLicenseRef
);

If you can't describe your licensing terms with standardized SPDX identifiers, put the terms in a file in the package and point users there:

assert.deepEqual(
  valid('SEE LICENSE IN LICENSE.txt'),
  {
    validForNewPackages: true,
    validForOldPackages: true,
    inFile: 'LICENSE.txt'
  }
);

assert.deepEqual(
  valid('SEE LICENSE IN license.md'),
  {
    validForNewPackages: true,
    validForOldPackages: true,
    inFile: 'license.md'
  }
);

If there aren't any licensing terms, use UNLICENSED:

var unlicensed = {
  validForNewPackages: true,
  validForOldPackages: true,
  unlicensed: true
};
assert.deepEqual(valid('UNLICENSED'), unlicensed);
assert.deepEqual(valid('UNLICENCED'), unlicensed);

Versions

Version
3.0.4
3.0.3
3.0.2
3.0.1
3.0.0