@nodesecure/ntlp
v3.0.0
Published
npm tarball license parser and conformance checker
Downloads
235
Readme
npm tarball license parser
Fetch all licenses and their SPDX conformance from a given npm tarball.
Requirements
- Node.js v18 or higher
Getting Started
This package is available in the Node Package Repository and can be easily installed with npm or yarn.
$ npm i @nodesecure/ntlp
# or
$ yarn add @nodesecure/ntlp
Usage example
import * as ntlp from "@nodesecure/ntlp";
// Asynchronous
{
const licenses = await ntlp.extractLicenses(process.cwd());
console.log(licenses);
}
// Synchronous
{
const licenses = ntlp.extractLicensesSync(process.cwd());
console.log(licenses);
}
API
extractLicenses(location: string, options?: extractAsyncOptions): Promise< SpdxExtractedResult >
Search and parse all licenses at the given location.
Return all licenses with their SPDX conformance.
import {
spdxLicenseConformance
} from "@nodesecure/licenses-conformance";
export interface SpdxLicenseConformance extends spdxLicenseConformance {
from: string;
}
export interface SpdxExtractedResult {
/**
* List of license (with their SPDX conformance)
*/
licenses: SpdxLicenseConformance[];
/**
* Has multiple unique licenses (MIT, ISC ..)
*/
hasMultipleLicenses: boolean;
/**
* Unique list of license (MIT, ISC). The list cannot contain duplicate.
*/
uniqueLicenseIds: string[];
/**
* List of licenses with no SPDX (or with invalid ids).
*/
invalidLicenseIds: string[];
}
extractLicensesSync(location: string, options?: ExtractSyncOptions): SpdxExtractedResult
Same as extractLicenses
but use synchronous FS API.
Contributors ✨
Thanks goes to these wonderful people (emoji key):
License
MIT