{"id":13453641,"url":"https://github.com/davglass/license-checker","last_synced_at":"2025-05-14T00:08:28.889Z","repository":{"id":6375036,"uuid":"7612484","full_name":"davglass/license-checker","owner":"davglass","description":"Check NPM package licenses","archived":false,"fork":false,"pushed_at":"2024-01-29T23:56:03.000Z","size":425,"stargazers_count":1646,"open_issues_count":94,"forks_count":214,"subscribers_count":18,"default_branch":"master","last_synced_at":"2025-05-13T19:14:53.636Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/davglass.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2013-01-14T20:53:59.000Z","updated_at":"2025-05-12T14:08:01.000Z","dependencies_parsed_at":"2024-02-04T16:19:45.190Z","dependency_job_id":"49aa1420-c4b1-42a6-9998-db653eb19c2b","html_url":"https://github.com/davglass/license-checker","commit_stats":{"total_commits":316,"total_committers":51,"mean_commits":6.196078431372549,"dds":0.3987341772151899,"last_synced_commit":"de6e9a42513aa38a58efc6b202ee5281ed61f486"},"previous_names":[],"tags_count":68,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davglass%2Flicense-checker","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davglass%2Flicense-checker/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davglass%2Flicense-checker/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/davglass%2Flicense-checker/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/davglass","download_url":"https://codeload.github.com/davglass/license-checker/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254043997,"owners_count":22005056,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T08:00:44.865Z","updated_at":"2025-05-14T00:08:26.860Z","avatar_url":"https://github.com/davglass.png","language":"JavaScript","funding_links":[],"categories":["Packages","JavaScript","包","Command-line apps","目录","Software"],"sub_categories":["Command-line apps","命令行程序","命令行应用","Tools \u0026 libs"],"readme":"NPM License Checker\n===================\n\n[![Build Status](https://www.travis-ci.org/davglass/license-checker.svg?branch=master)](https://www.travis-ci.org/davglass/license-checker)\n\n*As of v17.0.0 the `failOn` and `onlyAllow` arguments take semicolons as delimeters instead of commas. Some license names contain\ncommas and it messed with the parsing*\n\nEver needed to see all the license info for a module and its dependencies?\n\nIt's this easy:\n\n```shell\nnpm install -g license-checker\n\nmkdir foo\ncd foo\nnpm install yui-lint\nlicense-checker\n```\n\nYou should see something like this:\n\n```\n├─ cli@0.4.3\n│  ├─ repository: http://github.com/chriso/cli\n│  └─ licenses: MIT\n├─ glob@3.1.14\n│  ├─ repository: https://github.com/isaacs/node-glob\n│  └─ licenses: UNKNOWN\n├─ graceful-fs@1.1.14\n│  ├─ repository: https://github.com/isaacs/node-graceful-fs\n│  └─ licenses: UNKNOWN\n├─ inherits@1.0.0\n│  ├─ repository: https://github.com/isaacs/inherits\n│  └─ licenses: UNKNOWN\n├─ jshint@0.9.1\n│  └─ licenses: MIT\n├─ lru-cache@1.0.6\n│  ├─ repository: https://github.com/isaacs/node-lru-cache\n│  └─ licenses: MIT\n├─ lru-cache@2.0.4\n│  ├─ repository: https://github.com/isaacs/node-lru-cache\n│  └─ licenses: MIT\n├─ minimatch@0.0.5\n│  ├─ repository: https://github.com/isaacs/minimatch\n│  └─ licenses: MIT\n├─ minimatch@0.2.9\n│  ├─ repository: https://github.com/isaacs/minimatch\n│  └─ licenses: MIT\n├─ sigmund@1.0.0\n│  ├─ repository: https://github.com/isaacs/sigmund\n│  └─ licenses: UNKNOWN\n└─ yui-lint@0.1.1\n   ├─ licenses: BSD\n      └─ repository: http://github.com/yui/yui-lint\n```\n\nAn asterisk next to a license name means that it was deduced from\nan other file than package.json (README, LICENSE, COPYING, ...)\nYou could see something like this:\n\n```\n└─ debug@2.0.0\n   ├─ repository: https://github.com/visionmedia/debug\n   └─ licenses: MIT*\n```\n\nOptions\n-------\n\n* `--production` only show production dependencies.\n* `--development` only show development dependencies.\n* `--start [path of the initial json to look for]`\n* `--unknown` report guessed licenses as unknown licenses.\n* `--onlyunknown` only list packages with unknown or guessed licenses.\n* `--json` output in json format.\n* `--csv` output in csv format.\n* `--csvComponentPrefix` prefix column for component in csv format.\n* `--out [filepath]` write the data to a specific file.\n* `--customPath` to add a custom Format file in JSON\n* `--exclude [list]` exclude modules which licenses are in the comma-separated list from the output\n* `--relativeLicensePath` output the location of the license files as relative paths\n* `--summary` output a summary of the license usage',\n* `--failOn [list]` fail (exit with code 1) on the first occurrence of the licenses of the semicolon-separated list\n* `--onlyAllow [list]` fail (exit with code 1) on the first occurrence of the licenses not in the semicolon-seperated list\n* `--packages [list]` restrict output to the packages (package@version) in the semicolon-seperated list\n* `--excludePackages [list]` restrict output to the packages (package@version) not in the semicolon-seperated list\n* `--excludePrivatePackages` restrict output to not include any package marked as private\n* `--direct look for direct dependencies only`\n\nExclusions\n----------\nA list of licenses is the simplest way to describe what you want to exclude.\n\nYou can use valid [SPDX identifiers](https://spdx.org/licenses/).\nYou can use valid SPDX expressions like `MIT OR X11`.\nYou can use non-valid SPDX identifiers, like `Public Domain`, since `npm` does\nsupport some license strings that are not SPDX identifiers.\n\nExamples\n--------\n\n```\nlicense-checker --json \u003e /path/to/licenses.json\nlicense-checker --csv --out /path/to/licenses.csv\nlicense-checker --unknown\nlicense-checker --customPath customFormatExample.json\nlicense-checker --exclude 'MIT, MIT OR X11, BSD, ISC'\nlicense-checker --packages 'react@16.3.0;react-dom@16.3.0;lodash@4.3.1'\nlicense-checker --excludePackages 'internal-1;internal-2'\nlicense-checker --onlyunknown\n```\n\nCustom format\n-------------\n\nThe `--customPath` option can be used with CSV to specify the columns. Note that\nthe first column, `module_name`, will always be used.\n\nWhen used with JSON format, it will add the specified items to the usual ones.\n\nThe available items are the following:\n- name\n- version\n- description\n- repository\n- publisher\n- email\n- url\n- licenses\n- licenseFile\n- licenseText\n- licenseModified\n\nYou can also give default values for each item.\nSee an example in [customFormatExample.json](customFormatExample.json).\n\nRequiring\n---------\n\n\n```js\nvar checker = require('license-checker');\n\nchecker.init({\n    start: '/path/to/start/looking'\n}, function(err, packages) {\n    if (err) {\n        //Handle error\n    } else {\n        //The sorted package data\n        //as an Object\n    }\n});\n```\n\nDebugging\n---------\n\nlicense-checker uses [debug](https://www.npmjs.com/package/debug) for internal logging. There’s two internal markers:\n\n* `license-checker:error` for errors\n* `license-checker:log` for non-errors\n\nSet the `DEBUG` environment variable to one of these to see debug output:\n\n```shell\n$ export DEBUG=license-checker*; license-checker\nscanning ./yui-lint\n├─ cli@0.4.3\n│  ├─ repository: http://github.com/chriso/cli\n│  └─ licenses: MIT\n# ...\n```\n\nHow Licenses are Found\n----------------------\n\nWe walk through the `node_modules` directory with the [`read-installed`](https://www.npmjs.org/package/read-installed) module. Once we gathered a list of modules we walk through them and look at all of their `package.json`'s, We try to identify the license with the [`spdx`](https://www.npmjs.com/package/spdx) module to see if it has a valid SPDX license attached. If that fails, we then look into the module for the following files: `LICENSE`, `LICENCE`, `COPYING`, \u0026 `README`.\n\nIf one of the those files are found (in that order) we will attempt to parse the license data from it with a list of known license texts. This will be shown with the `*` next to the name of the license to show that we \"guessed\" at it.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdavglass%2Flicense-checker","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdavglass%2Flicense-checker","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdavglass%2Flicense-checker/lists"}