{"id":19068806,"url":"https://github.com/cutenode/conformance","last_synced_at":"2025-04-28T13:48:17.769Z","repository":{"id":46926146,"uuid":"199503955","full_name":"cutenode/conformance","owner":"cutenode","description":"☑️ Module to check SPDX license expression conformance and surface meta information about license expressions","archived":false,"fork":false,"pushed_at":"2023-01-04T05:42:57.000Z","size":752,"stargazers_count":10,"open_issues_count":14,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-04-23T00:38:43.746Z","etag":null,"topics":["conformance","depth","fsf","insight","licenses","osi","spdx"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/cutenode.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-07-29T18:09:11.000Z","updated_at":"2024-09-14T21:04:19.000Z","dependencies_parsed_at":"2023-02-01T23:30:34.478Z","dependency_job_id":null,"html_url":"https://github.com/cutenode/conformance","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cutenode%2Fconformance","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cutenode%2Fconformance/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cutenode%2Fconformance/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/cutenode%2Fconformance/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/cutenode","download_url":"https://codeload.github.com/cutenode/conformance/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251321984,"owners_count":21570831,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["conformance","depth","fsf","insight","licenses","osi","spdx"],"created_at":"2024-11-09T01:12:03.980Z","updated_at":"2025-04-28T13:48:17.738Z","avatar_url":"https://github.com/cutenode.png","language":"JavaScript","readme":"# Conformance\n\nA module that helps you get insight into licenses included in the SPDX license list.\n\n## Usage\n\nIf you just want to see if a specific license ID or license string is conformant:\n\n```js\nconst conformance = require('conformance')\n\nconformance('MIT')\nconformance('ISC OR GPL-2.0-with-GCC-exception')\n```\n\n## What\n\nThis module will spit out an object at you with a suite of information about an SPDX license expression you pass in. In general, it will look something like this:\n\n```json\n{\n  \"uniqueLicenseIds\": [\n    \"MIT\"\n  ],\n  \"spdxLicenseLinks\": [\n    \"https://spdx.org/licenses/MIT.html#licenseText\"\n  ],\n  \"spdx\": {\n    \"osi\": true,\n    \"fsf\": true,\n    \"fsfAndOsi\": true,\n    \"deprecated\": false\n  }\n}\n```\n\n## API\n\nCurrent usage looks like this:\n\n```js\nconst conformance = require('conformance')\n\nconformance(\u003cspdx expression\u003e, [options])\n```\n\nWhere:\n\n- `\u003cspdx expression`\u003e is a required string.\n  - Can be any valid [SPDX license expression](https://spdx.org/spdx-specification-21-web-version#h.jxpfx0ykyb60), which will be parsed by [spdx-expression-parse](https://www.npmjs.com/package/spdx-expression-parse).\n- `[options]` is an optional object that contains the following properties:\n  - `throwOnError`: a `Boolean` that indicates whether or not you want to throw on errors.\n\n## Why\n\nThis is something I've wanted to see for a long time. I've personally seen how high of a barrier licensing can be for larger teams. By increasing insight into license structure across applications, we can hopefully lower the barrier for further adoption across industries ❤️\n\n## Limitations\n\n- License expression depth is currently limited to three licenses. For example, `MIT AND (CC0-1.0 OR ISC)` is the current maximum depth. This will return 3 licenses, as you'd expect. This isn't a hard limit, it's just the depth that's been written in the context of licenses on npm. To date, I've not seen a license expression that goes further than this. If this ends up being rewritten, it should just be a recursive function that continues to check regardless of depth.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcutenode%2Fconformance","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcutenode%2Fconformance","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcutenode%2Fconformance/lists"}