Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/tophat/yarn-plugin-licenses

Audit your dependency licenses with this yarn berry plugin
https://github.com/tophat/yarn-plugin-licenses

npm yarn2

Last synced: 3 months ago
JSON representation

Audit your dependency licenses with this yarn berry plugin

Host: GitHub
URL: https://github.com/tophat/yarn-plugin-licenses
Owner: tophat
License: apache-2.0
Created: 2021-02-25T14:58:05.000Z (almost 4 years ago)
Default Branch: master
Last Pushed: 2024-09-25T23:06:25.000Z (3 months ago)
Last Synced: 2024-09-30T16:36:37.919Z (3 months ago)
Topics: npm, yarn2
Language: TypeScript
Homepage:
Size: 4.11 MB
Stars: 26
Watchers: 2
Forks: 7
Open Issues: 11
Metadata Files:
- Readme: README.md
- License: LICENSE
- Code of conduct: CODE_OF_CONDUCT.md

Awesome Lists containing this project

awesome-list - yarn-plugin-licenses

README

        # yarn-plugin-licenses

[![Discord](https://img.shields.io/discord/809577721751142410)](https://discord.gg/YhK3GFcZrk)

Yarn Berry plugin to enforce valid licenses used in a project. Requires Yarn 4+.

## Usage

Define a `licenses.config.js` file:

```js

module.exports = {

    isValidLicense: (license) => {

        const valid = new RegExp('\\b(mit|apache\\b.*2|bsd|isc|unlicense)\\b', 'i')

        return valid.test(license)

    }

}

```

or

```js

module.exports = {

    isValidLicense: new RegExp('\\b(mit|apache\\b.*2|bsd|isc|unlicense)\\b', 'i'),

    ignorePackages: ['react'],

}

```

or

```js

module.exports = {

    isValidLicense: new RegExp('\\b(mit|apache\\b.*2|bsd|isc|unlicense)\\b', 'i'),

    // You can also provide a function for ignorePackages for more complex cases

    ignorePackages: (packageName, license) => packageName === 'scss-parser' && license === 'SEE LICENSE IN README',

}

```

and then:

```

yarn plugin import https://raw.githubusercontent.com/tophat/yarn-plugin-licenses/master/bundles/@yarnpkg/plugin-licenses-audit.js

yarn licenses audit --output-file=licenses.junit.xml --output-csv=licenses.csv --config=licenses.config.js --summary

```

this outputs a junit report to licenses.junit.xml, a CSV report to licenses.csv, and a summary of any violations to

the console.  You can omit some options to change which files are created or what is output, and if you pass `-` as

a filename it will output to stdout instead of to a file.

You can use `yarn licenses audit --summary` for a human readable report for local dev.

By default license files are not traversed since there's no simple heuristic to parse the file, and developers often put custom wording inside. For this reason, if you would like to parse the license files, pass the `--loose` flag to the CLI.

## Contributors

  

    

      
_Noah
💻 🚇

      
_{Kurt von Laven}
💻

      
_{Dobes Vandermeer}
💻

      
_Sarah
💻 🐛

    

  

To add a contributor to the README, signal the [all-contributors](https://allcontributors.org/) bot by adding comments in your PRs like so:

```

@all-contributors please add  for 

```