Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/samhammerag/npm-license-check-action

check licenses of npm packages
https://github.com/samhammerag/npm-license-check-action

github-actions

Last synced: 23 days ago
JSON representation

check licenses of npm packages

Awesome Lists containing this project

README

        

# npm-license-check-action
This action checks licenses of npm packages and fails if finding licenses that are not allowed.\
It also shows an overview of packages with license information.\
We are using [license-checker](https://github.com/RSeidelsohn/license-checker-rseidelsohn) to do the checks.

The action checks
- production dependencies (ignores dev dependencies)
- only direct dependencies (ignores subdependencies)
- public packages (ignores private)

## Inputs
see action definition [action.yaml](action.yaml)

## Example usage

```yaml
uses: SamhammerAG/npm-license-check-action@v1
with:
packageDir: 'sources/app'
exportDir: 'sources/app/public'
allowedLicenses: 'MIT;Apache-2.0'
```

## Sample Outputs

Shows which package uses which licenses.
```
| Package | License Type |
|--------------------------------------------------|
| @actions/[email protected] | MIT |
| [email protected] | BSD-3-Clause |
| [email protected] | MIT |
| [email protected] | MIT |
| [email protected] | MIT |
```

Shows which package uses license that is not allowed.
```
Package "@actions/[email protected]" is licensed under "MIT" which is not permitted by the --onlyAllow flag. Exiting.
```