https://github.com/trustbit/licenseguard

Command line tool for running license checks to guard you from using packages with blacklisted licenses. Integrates well into your ci workflow.

ci jenkins license-checking license-scan nodejs


# License Guard

Command line tool for running license checks to guard you from using packages with blacklisted licenses. Integrates well into your ci workflow.
Uses [license-checker](https://www.npmjs.com/package/license-checker) under the hood.

[![Build Status](https://travis-ci.org/Softwarepark/licenseguard.svg?branch=master)](https://travis-ci.org/Softwarepark/licenseguard)

[![Coverage Status](https://coveralls.io/repos/github/Softwarepark/licenseguard/badge.svg?branch=master)](https://coveralls.io/github/Softwarepark/licenseguard?branch=master)

## Install

```bash
npm i licenseguard -g
```

## Usage

```bash
Usage: licenseguard [options]

Options:
  --production   Test only production dependencies
  --development  Test only development dependencies
  --blacklist    Test that license is not used in any npm dependency
  --ignore       Ignore package matching allows star patterns
  --path         Test "path" for license violations. Defaults to current directory
  --reporter     Reporter to use. Supported reporters: "text", "junit" and "silent" to supress output
  --nofail       Exit with error code 0 even if blacklisted licenses were found
  --licenses     Print a list of valid license names that can be used in blacklist
  --help         Print help

Examples:

  Test that no "beerware license" dependency was used  $ licenseguard --blacklist Beerware
  List of blacklisted licenses                         $ licenseguard --blacklist beerware --blacklist AGPL-3.0
  Ignore a dependency                                  $ licenseguard --ignore yargs@10.0.3
  Ignore multiple dependencies                         $ licenseguard --ignore yargs@10.0.3 --ignore doctrine@2.1.0
```

## The `licenseguardrc` file

You can configure the blacklist and the ignored dependencies in a `.licenseguardrc` file placed in the directory you want to check.

*Example*

```json
{
  "blacklist": ["Apache-2.0", "CC-BY-3.0"],
  "ignore": ["rc@1.2.3"]
}
```

Ignores dependency `rc@1.2.3` and blacklists licenses `Apache-2.0`, `CC-BY-3.0`.
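One way to review a `.licenseguardrc` before relying on it in CI, as an added example that is not part of licenseguard or its README: the hypothetical `auditLicenseguardRc` helper flags entries that weaken the check. The rules it applies (flag star patterns, expect `name@version` as in the README examples) are an assumed review policy, not behaviour of the tool.

```javascript
// Added example: audit a .licenseguardrc before trusting it in CI.
// auditLicenseguardRc is a hypothetical helper, not part of licenseguard.
function auditLicenseguardRc(text) {
  const findings = [];
  let rc;
  try {
    rc = JSON.parse(text);
  } catch (err) {
    return [`invalid JSON: ${err.message}`];
  }
  if (rc === null || typeof rc !== 'object' || Array.isArray(rc)) {
    return ['top level must be a JSON object'];
  }
  for (const key of ['blacklist', 'ignore']) {
    const value = rc[key];
    if (value === undefined) continue;
    if (!Array.isArray(value) || value.some((v) => typeof v !== 'string')) {
      findings.push(`"${key}" must be an array of strings`);
      rc[key] = []; // skip the per-entry checks for a malformed key
    }
  }
  if (!rc.blacklist || rc.blacklist.length === 0) {
    findings.push('no blacklist in file: licenses must then come from --blacklist');
  }
  for (const entry of rc.ignore || []) {
    // Expected shape is name@version; a leading "@" belongs to a scoped name.
    const at = entry.lastIndexOf('@');
    const version = at > 0 ? entry.slice(at + 1) : '';
    if (entry.includes('*')) {
      findings.push(`ignore "${entry}": star pattern can exempt more than one package`);
    } else if (!/^\d+\.\d+\.\d+/.test(version)) {
      findings.push(`ignore "${entry}": not pinned to name@version as in the README examples`);
    }
  }
  return findings;
}

// Constructed sample inputs; the first is the README's example file.
const readmeExample = '{"blacklist": ["Apache-2.0", "CC-BY-3.0"], "ignore": ["rc@1.2.3"]}';
const riskyExample = '{"blacklist": [], "ignore": ["*", "@acme/*@1.0.0", "yargs"]}';

console.log(auditLicenseguardRc(readmeExample));
console.log(auditLicenseguardRc(riskyExample));
```

An empty result means the file passed this review policy; each string in a non-empty result names the entry to look at.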

## Valid License Ids

You can print a list of valid SPDX license ids with `licenseguard --licenses`.

## Integration with Jenkins

licenseguard comes with an integrated JUnit reporter. You will need to install [JUnit Plugin](https://wiki.jenkins.io/display/JENKINS/JUnit+Plugin).

*Add a build step*

Add an "Execute Windows batch command" or "Execute shell" build step and configure the command like this to use the `junit` reporter and redirect the output to a file.

```bash
licenseguard --reporter junit > licenseguard-results.xml
```

*Add a post build action*

Add a "Publish JUnit test result report" post build action and specify a file pattern matching the output file of the preceding build step.

After you run a build, you should see something like this in the Jenkins project:

![Test Result Trend](https://github.com/Softwarepark/licenseguard/blob/master/assets/jenkins-test-overview.png)

![Test Result](https://github.com/Softwarepark/licenseguard/blob/master/assets/jenkins-test-detail.png)