TripSit/TripSit_Suite
Archived
4
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
This repository has been archived on 2020-11-02. You can view files and clone it, but cannot push or open issues or pull requests.
ed23347e56
TripSit_Suite/node_modules/validate-npm-package-license
History
cranberry ed23347e56 Initial comission of TheLounge base files
2020-11-01 22:46:04 +00:00
..
index.js Initial comission of TheLounge base files 2020-11-01 22:46:04 +00:00
LICENSE Initial comission of TheLounge base files 2020-11-01 22:46:04 +00:00
package.json Initial comission of TheLounge base files 2020-11-01 22:46:04 +00:00
README.md Initial comission of TheLounge base files 2020-11-01 22:46:04 +00:00

README.md

validate-npm-package-license

Give me a string and Ill tell you if its a valid npm package license string.

var valid = require('validate-npm-package-license');

SPDX license identifiers are valid license strings:


var assert = require('assert');
var validSPDXExpression = {
  validForNewPackages: true,
  validForOldPackages: true,
  spdx: true
};

assert.deepEqual(valid('MIT'), validSPDXExpression);
assert.deepEqual(valid('BSD-2-Clause'), validSPDXExpression);
assert.deepEqual(valid('Apache-2.0'), validSPDXExpression);
assert.deepEqual(valid('ISC'), validSPDXExpression);

The function will return a warning and suggestion for nearly-correct license identifiers:

assert.deepEqual(
  valid('Apache 2.0'),
  {
    validForOldPackages: false,
    validForNewPackages: false,
    warnings: [
      'license should be ' +
      'a valid SPDX license expression (without "LicenseRef"), ' +
      '"UNLICENSED", or ' +
      '"SEE LICENSE IN <filename>"',
      'license is similar to the valid expression "Apache-2.0"'
    ]
  }
);

SPDX expressions are valid, too …

// Simple SPDX license expression for dual licensing
assert.deepEqual(
  valid('(GPL-3.0-only OR BSD-2-Clause)'),
  validSPDXExpression
);

… except if they contain LicenseRef:

var warningAboutLicenseRef = {
  validForOldPackages: false,
  validForNewPackages: false,
  spdx: true,
  warnings: [
    'license should be ' +
    'a valid SPDX license expression (without "LicenseRef"), ' +
    '"UNLICENSED", or ' +
    '"SEE LICENSE IN <filename>"',
  ]
};

assert.deepEqual(
  valid('LicenseRef-Made-Up'),
  warningAboutLicenseRef
);

assert.deepEqual(
  valid('(MIT OR LicenseRef-Made-Up)'),
  warningAboutLicenseRef
);

If you cant describe your licensing terms with standardized SPDX identifiers, put the terms in a file in the package and point users there:

assert.deepEqual(
  valid('SEE LICENSE IN LICENSE.txt'),
  {
    validForNewPackages: true,
    validForOldPackages: true,
    inFile: 'LICENSE.txt'
  }
);

assert.deepEqual(
  valid('SEE LICENSE IN license.md'),
  {
    validForNewPackages: true,
    validForOldPackages: true,
    inFile: 'license.md'
  }
);

If there arent any licensing terms, use UNLICENSED:

var unlicensed = {
  validForNewPackages: true,
  validForOldPackages: true,
  unlicensed: true
};
assert.deepEqual(valid('UNLICENSED'), unlicensed);
assert.deepEqual(valid('UNLICENCED'), unlicensed);