Dead simple license scraper and validator with zero dependencies.

Introduction

npm-license-scraper will scan your package.json and node_modules to generate a JSON file including the licenses of all open source packages that are being used.

Usage

$ npm i -D @inthepocket/npm-license-scraper

# Via npx
$ npx npm-license-scraper

# Directly
$ node node_modules/.bin/npm-license-scraper

Options

• --export [filename]: Export to a JSON file. (default ./licenses.json)
• --includeDev: Include dev dependencies in output (default false)
• --exclude [package|package,package,package]: Ignore certain packages from the check (e.g submodules, monorepo or private packages)

Output format

The exported JSON file has the following format:

type JSON = Array<{
  name: string;
  version: string;
  license: string;
  url: string;
  isValid: boolean;
}>;

Example:

[
  {
    "package": "react",
    "version": "18.0.0",
    "license": "MIT",
    "url": "https://reactjs.org/",
    "isValid": true
  },
  {
    "package": "react-native",
    "version": "0.69.3",
    "license": "MIT",
    "url": "https://npmjs.com/package/react-native",
    "isValid": true
  }
]