npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

license-ripper

v0.8.2

Published

Rips license text from LICENSE and README files.

Downloads

17

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

arthurcosearthurcose

Keywords

licensecli

Readme

License Ripper

Searches node_modules for licenses within loosely matched NOTICE, LICENSE/LICENCE, COPYING, and README files to automate most of the license compliance work, resolving package repositories and downloading copies if necessary.

Output should still be checked as it's possible for incomplete or incorrect data to pass through, some alternate package managers such as yarn are not yet supported, and some packages may even be skipped with globally installed packages. When used as a CLI program, it will warn when license text does not appear to match with the license type, or if any license type was resolved using license text instead of package.toml (marked with a * at the end). These warnings can be resolved through the overrides config option to clear up any issues.

Similar tools exist such as license-checker and license-report exist, however the primary purpose of these other tools is to report the license type of other packages and will at most allow you to see where you can access the license.

If you're using webpack, webpack-license-plugin is a more mature library that provides license text and hooks into webpack to resolve only the packages that make it to the final build, useful when there's package licenses you can't comply with (such as GPL/LGPL) that are only used as development tools or server side.

Supported Package Managers

  • npm
  • pnpm
  • yarn classic

CLI

npm install -g license-ripper or npm install -D license-ripper for package local usage with npx.

Usage: license-ripper [OPTIONS] [PROJECT_ROOT]

Options:
  -o, --output <FILE_NAME>   Writes output to a file rather than stdout
      --config <FILE_NAME>   Passes the file as ripAll's options parameter
      --compress             Changes output to recycle license text, replacing the value with a key
      --include-dev          Includes dev dependencies in the output
      --include-homepage     Adds a homepage key containing a URL string for relevant packages
      --include-repository   Adds a repository key containing a URL string for relevant packages
      --include-funding      Adds a funding key containing a list of URL strings for relevant packages
      --include-description  Adds a description key containing containing the description stored in package.json
      --include <NAMES>      Include only packages with a match in NAMES, a comma separated list of package names
      --exclude <NAMES>      Exclude packages matching NAMES, a comma separated list of package names
      --summary              Changes output to count licenses grouped by name
      --clean                Deletes cached licenses instead of resolving licenses
  -v, --version
  -h, --help

Config/Options:

export type Options = {
  /** Adds a homepage key containing a URL string for relevant packages, defaults to false */
  includeHomepage?: boolean;
  /** Adds a repository key containing a URL string for relevant packages, defaults to false */
  includeRepository?: boolean;
  /** Adds a funding key containing a list of URL strings for relevant packages, defaults to false */
  includeFunding?: boolean;
  /** Adds a description key containing the description stored in package.json, defaults to false */
  includeDescription?: boolean;
  /** Includes devDependencies in the output, defaults to false */
  includeDev?: boolean;
  /** List of package names to exclude from results, used when the license is only provided from a parent package */
  exclude?: string[];
  /** When defined, any packages not in this list are excluded */
  include?: string[];
  /** Useful for getting rid of warnings and handling cases where the tool fails to grab the license */
  overrides?: {
    [packageName: string]: {
      licenseExpression: string;
      licenses?: ForcedLicense[];
    };
  };
  /** Add anything not picked up by the tool */
  append?: {
    name: string;
    version?: string;
    path?: string;
    licenseExpression?: string;
    licenses?: ForcedLicense[];
    homepage?: string;
    repository?: string;
    funding?: string[];
    description?: string;
  }[];
  /** Defaults to [projectRoot]/node_modules/.cache/license-ripper */
  cacheFolder?: string;
};

export type ForcedLicense = {
  expression?: string;
  text?: string;
  file?: string;
};

Library Usage

import { ripAll } from "./dist/index.js";

const projectRoot = "";
const options = { includeRepository: true };
const results = await ripAll(projectRoot, options);

console.log(JSON.stringify(results.resolved, null, 2));
// [
//   {
//     "name": "array-find-index",
//     "version": "1.0.2",
//     "path": "node_modules/array-find-index",
//     "licenseExpression": "MIT",
//     "licenses": [
//       {
//         "expression": "MIT",
//         "source": "license",
//         "text": "The MIT License (MIT) ..."
//       },
//       {
//         "expression": "UNKNOWN",
//         "source": "readme",
//         "text": "## License\n\nMIT © [Sindre Sorhus](https://sindresorhus.com)\n"
//       }
//     ],
//     "repository": "https://github.com/sindresorhus/array-find-index"
//   },
//   ...
//