{"id":13725211,"url":"https://github.com/franciscop/legally","last_synced_at":"2025-05-16T18:08:20.780Z","repository":{"id":47642831,"uuid":"49115417","full_name":"franciscop/legally","owner":"franciscop","description":":books: Check the licenses for the NPM packages that you use","archived":false,"fork":false,"pushed_at":"2021-08-18T22:04:40.000Z","size":1046,"stargazers_count":427,"open_issues_count":6,"forks_count":22,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-05-15T09:41:19.241Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/franciscop.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null},"funding":{"custom":"https://www.paypal.me/franciscopresencia/19"}},"created_at":"2016-01-06T05:46:15.000Z","updated_at":"2025-05-08T23:00:38.000Z","dependencies_parsed_at":"2022-09-23T14:52:09.284Z","dependency_job_id":null,"html_url":"https://github.com/franciscop/legally","commit_stats":null,"previous_names":[],"tags_count":41,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/franciscop%2Flegally","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/franciscop%2Flegally/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/franciscop%2Flegally/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/franciscop%2Flegally/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/franciscop","download_url":"https://codeload.github.com/franciscop/legally/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254582907,"owners_count":22095518,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-03T01:02:15.904Z","updated_at":"2025-05-16T18:08:20.736Z","avatar_url":"https://github.com/franciscop.png","language":"JavaScript","funding_links":["https://www.paypal.me/franciscopresencia/19"],"categories":["JavaScript"],"sub_categories":[],"readme":"# Legally [![npx legally](https://img.shields.io/badge/npx-legally-blue.svg)](https://www.npmjs.com/package/legally) [![test badge](https://github.com/franciscop/legally/workflows/tests/badge.svg)](https://github.com/franciscop/legally/blob/master/.github/workflows/tests.yml)\n\n\u003e Disclaimer: I am not a lawyer and this is not legal advice\n\nDiscover the license of npm packages that you are using in an easy way:\n\n```bash\nnpm install legally -g    # Make it work everywhere\nlegally                   # Check licenses of current directory\nlegally express           # Check an npm library's licenses\n```\n\nIt will display first those node_modules' licenses:\n\n![Licenses](images/packages.png)\n\n\u003e `-` means the license couldn't be found and `?` that it was found but couldn't be parsed\n\nAnd then the license count in your project (different example from the one above):\n\n![License count](images/licenses.png)\n\nFinally, you will get a small report stating whether everything is correct or not:\n\n![License count](images/reports-clear.png)\n\n![License count](images/reports-error.png)\n\n\u003e If you want to understand what the licenses mean, [Elad Nava](https://eladnava.com/) created [tldrlegal](https://github.com/eladnava/tldrlegal) based on `legally`.\n\n\n\n## Documentation\n\n\u003e You can use this library programmatically with Node.js as well: [Node.js API](#nodejs-api)\n\nThe plain command will perform an analysis in-depth of your installed packages and report everything, and that's likely all that you will need:\n\n```bash\nlegally\n```\n\n\n### Remote packages\n\nTo check a package's license before adding it to your project name it and legally will analyze it. Let's check `express`'s licenses':\n\n```bash\nlegally express\n```\n\nIt will take a while since it has to download it and its dependencies and then it will perform the same analysis as if it was the only package in your repository. You can also check many at the same time:\n\n```bash\nlegally express body-parser formidable\n```\n\n\n### Selective analysis\n\nTo show only a part of the analysis, pass the name of the part that you want to show\n\n```bash\n# List of packages and their licenses\nlegally -p\nlegally --show packages\n\n# Breakdown of what licenses your dependencies have\nlegally -l\nlegally --show licenses\n\n# Overview with actionable points\nlegally -r\nlegally --show reports\n```\n\nYou can also combine them with:\n\n```bash\nlegally -lr   # licenses and reports\nlegally --show licenses --show reports  # same\n```\n\n\n\n### Type and filter\n\nYou can perform two kind of filters; strict filter (`type`) or soft filter (`filter`) both of them case-insensitive. The **type** will match only those passed literally, while the **filter** will look for the name within the license type:\n\n```bash\nlegally --type mit  # match \"MIT\"\nlegally --filter cc   # match \"cc0\", \"cc-by 3.0\", etc\n```\n\nYou can also combine them\n\n```bash\n# Display MIT and BSD family\nlegally --type mit --filter bsd\n```\n\nOr just put several filters\n\n```bash\n# Display MIT and BSD families\nlegally --filter mit --filter bsd\n```\n\n\n\n\n### Styles\n\nYou can change the style of the table with the `--border` option. Try the `ascii` option if the table is not displayed correctly by default:\n\n```bash\nlegally --border thin\nlegally --border bold\nlegally --border double\nlegally --border ascii  # This will work in most systems\n```\n\n![ASCII style](images/borders.png)\n\nYou can use the `--plain` option for output without any [ANSI escape codes](https://en.wikipedia.org/wiki/ANSI_escape_code):\n\n```bash\nlegally --plain\nlegally --plain \u003e license-report.txt\n```\n\nLastly, you can also add a width if not all of your licenses are displayed correctly and will adjust it *approximately*. Make sure to adjust your terminal size accordingly. It defaults to `80`:\n\n```bash\nlegally --width 100\n```\n\n\n## Node.js API\n\n```js\nconst legally = require('legally');\n\n(async () =\u003e {\n  const licenses = await legally('express');\n  console.log(licenses);\n  // {\n  //   'accepts@1.3.5': { package: [ 'MIT' ], license: [ 'MIT' ], readme: [] },\n  //   'array-flatten@1.1.1': { package: [ 'MIT' ], license: [ 'MIT' ], readme: [] },\n  //   ...\n  // }\n})();\n```\n\nNote: to avoid your Node.js process from exiting too early if you copy-paste the above example, [see this StackOverflow answer (by myself)](https://stackoverflow.com/a/50451612/938236):\n\n```js\nconst legally = require('legally');\n\nvar done = (function wait () { if (!done) setTimeout(wait, 1000) })();\n\n(async () =\u003e {\n  const licenses = await legally('express');\n  console.log(licenses);\n  // {\n  //   'accepts@1.3.5': { package: [ 'MIT' ], license: [ 'MIT' ], readme: [] },\n  //   'array-flatten@1.1.1': { package: [ 'MIT' ], license: [ 'MIT' ], readme: [] },\n  //   ...\n  // }\n  done = true;\n})();\n```\n\nYou can put each package with a single license string like `MIT` or `MIT+ISC`:\n\n```js\nconst legally = require('legally');\n\nconst unique = (value, index, self) =\u003e self.indexOf(value) === index;\nconst toStr = lic =\u003e [...lic.package, ...lic.license, ...lic.readme].filter(unique).join('+');\nconst plain = licenses =\u003e Object.entries(licenses).reduce((obj, [pack, lic]) =\u003e ({\n  ...obj, [pack]: toStr(lic)\n}), {});\n\n(async () =\u003e {\n  const licenses = await legally('express');\n  console.log(plain(licenses));\n  // {\n  //   'accepts@1.3.5': 'MIT',\n  //   'array-flatten@1.1.1': 'MIT',\n  //   ...\n  // }\n})();\n```\n\n\n\n## FAQ\n\n**WTF does this license mean?**\n\nThere's a service called [TL;DR Legal](https://tldrlegal.com/) that helps you navigate those licenses and [Elad Nava](https://eladnava.com/) created [**tldrlegal**](https://github.com/eladnava/tldrlegal) based on that and built on top of `legally`.\n\n\n**It says `'No modules installed'`**\n\nMake sure that you are in the root folder for your project; doing `ls` you should be able to see `node_modules`\n\n\n**I have more licenses than dependencies**\n\nThat could happen. While we only account for one license type per project, a project can have (and many do it) several licenses at the same time.\n\nIn the Packages table, you can see this is indicated with a `+`. For example, `JSONStream` has these licenses [parsed out of `package.json`](https://github.com/dominictarr/JSONStream/blob/master/package.json#L10): `MIT + Apache 2`\n\n\n**Does it check all modules by npm?**\n\nYes, it will check all of the modules in `node_modules` and the nested ones except for folders starting with `.`.\n\n\n**What licenses does it check?**\n\nIt attempts to find Apache, BSD (2 and 3 Clause), CC0, ISC and MIT. It will also attempt to clean existing ones. The list *is* short, so please feel free to expand it adding a new file in `/licenses`:\n\n```js\n// File /licenses/mit.js\nmodule.exports.name = 'MIT';\nmodule.exports.regex = /(?:The )?MIT(?: (L|l)icense)/;\nmodule.exports.text = `\n  Permission is hereby granted, free of charge, to any person obtaining a copy\n  ...\n  furnished to do so, subject to the following conditions:\n\n  The above copyright notice and this permission notice shall be included in\n  all copies or substantial portions of the Software.\n`;\nmodule.exports.fragments = module.exports.text.split(/\\n\\n/);\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffranciscop%2Flegally","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffranciscop%2Flegally","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffranciscop%2Flegally/lists"}