|
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113 |
- validate-npm-package-license
- ============================
-
- Give me a string and I'll tell you if it's a valid npm package license string.
-
- ```javascript
- var valid = require('validate-npm-package-license');
- ```
-
- SPDX license identifiers are valid license strings:
-
- ```javascript
-
- var assert = require('assert');
- var validSPDXExpression = {
- validForNewPackages: true,
- validForOldPackages: true,
- spdx: true
- };
-
- assert.deepEqual(valid('MIT'), validSPDXExpression);
- assert.deepEqual(valid('BSD-2-Clause'), validSPDXExpression);
- assert.deepEqual(valid('Apache-2.0'), validSPDXExpression);
- assert.deepEqual(valid('ISC'), validSPDXExpression);
- ```
- The function will return a warning and suggestion for nearly-correct license identifiers:
-
- ```javascript
- assert.deepEqual(
- valid('Apache 2.0'),
- {
- validForOldPackages: false,
- validForNewPackages: false,
- warnings: [
- 'license should be ' +
- 'a valid SPDX license expression (without "LicenseRef"), ' +
- '"UNLICENSED", or ' +
- '"SEE LICENSE IN <filename>"',
- 'license is similar to the valid expression "Apache-2.0"'
- ]
- }
- );
- ```
-
- SPDX expressions are valid, too ...
-
- ```javascript
- // Simple SPDX license expression for dual licensing
- assert.deepEqual(
- valid('(GPL-3.0-only OR BSD-2-Clause)'),
- validSPDXExpression
- );
- ```
-
- ... except if they contain `LicenseRef`:
-
- ```javascript
- var warningAboutLicenseRef = {
- validForOldPackages: false,
- validForNewPackages: false,
- spdx: true,
- warnings: [
- 'license should be ' +
- 'a valid SPDX license expression (without "LicenseRef"), ' +
- '"UNLICENSED", or ' +
- '"SEE LICENSE IN <filename>"',
- ]
- };
-
- assert.deepEqual(
- valid('LicenseRef-Made-Up'),
- warningAboutLicenseRef
- );
-
- assert.deepEqual(
- valid('(MIT OR LicenseRef-Made-Up)'),
- warningAboutLicenseRef
- );
- ```
-
- If you can't describe your licensing terms with standardized SPDX identifiers, put the terms in a file in the package and point users there:
-
- ```javascript
- assert.deepEqual(
- valid('SEE LICENSE IN LICENSE.txt'),
- {
- validForNewPackages: true,
- validForOldPackages: true,
- inFile: 'LICENSE.txt'
- }
- );
-
- assert.deepEqual(
- valid('SEE LICENSE IN license.md'),
- {
- validForNewPackages: true,
- validForOldPackages: true,
- inFile: 'license.md'
- }
- );
- ```
-
- If there aren't any licensing terms, use `UNLICENSED`:
-
- ```javascript
- var unlicensed = {
- validForNewPackages: true,
- validForOldPackages: true,
- unlicensed: true
- };
- assert.deepEqual(valid('UNLICENSED'), unlicensed);
- assert.deepEqual(valid('UNLICENCED'), unlicensed);
- ```
|
