Discover the license footprint of your application
This is a small command line utlity to figure out the licensing footprint of your project or from a given module name.
npm install -g licensing
licensing [flags]--package [dir] : The location of the package.json to use--registry [url] : The registry we should use to resolve packages--name [name] : Discover the footprint of a module instead--devDependencies : Also include all devDependencies--help : Display this messageexample:licensing --name primus
The module and it's submodules that make this license parsing possible are
instrumented with the
debug logging module. If something doesn't work as expected
you can see some useful output by prefixing the
licensing command with the
DEBUG env variable:
The module where this CLI application is build upon makes heavy use of Github and
it's API for resolving licenses. The GitHub API is rate limited to only
requests per hour. Which isn't enough for bigger projects that have a lot of
dependencies or if you want to resolve devDependencies. In order to go around this
limitation you can supply a
GITHUB_TOKEN env variable which contains a personal
OAuth token from your github account. To generate a token:
- Go to your account page on GitHub: https://github.com/settings/tokens/new
- Make sure you select
public_repoand generate a new token.
- Save the token in
bashrc/.profile/zshrcor use it directly using:
GITHUB_TOKEN="adasfadsfadf08df08afa<your token here if it wasn't obvious>" licensing
Armed with this information we can simply resolve the license footprint of a given
module using the
licenses --name <name> command. The following output is the
result of that for the
Resolving dependencies, this might take a whileprimus is licensed as: MITLicenses information:firstname.lastname@example.org : MITfusing@0.1.x : MITeventemitter3@0.1.x : MITforwardedemail@example.com : MITaccessfirstname.lastname@example.org : MITpredefine@0.0.x : MITsetheader@0.0.x : MITms@~0.6.2 : MITextendable@0.0.x : MITdebug@0.7.x : MITFound a module that is incorrectly or not detected at all but doeshave a valid license? Please report this at:Which is the library that does the actual parsing and detection ofthe license so we can improve it's parsing algorithm and yieldbetter results.
If you're just curious about the license impact of your current project, simply
licensing and it will read out your
package.json and start searching for
licensing information. Here's the license information that got outputted for
Resolving dependencies, this might take a whileLicenses information:email@example.com : MITargh@0.1.x : MITlicenses@0.0.x : MITdebug@0.8.x : MITeventemitter3@0.1.x : MITnpmfirstname.lastname@example.org : MITfusing@0.2.x : MITasync@0.6.x : MITgithulk@0.0.x : MITextractemail@example.com : MITmana@0.1.x : MITsemver@2.2.x : BSD 4-Clausepredefine@0.0.x : MITdebug@0.7.x : MITassign@0.1.x : MITback@0.1.x : MITms@0.6.x : MITrequest@2.34.x : Apache firstname.lastname@example.org : MITfusing@0.0.x : MITqs@~0.6.0 : MITjson-stringify-safe@~5.0.0 : BSD 4-Clauseforever-agent@~0.5.0 : Apache 2.0node-uuid@~1.4.0 : MITmime@~1.2.9 : MITtough-cookie@>=0.12.0 : MITform-data@~0.1.0 : MITtunnel-agent@~0.3.0 : Apache 2.0http-signature@~0.10.0 : MIToauth-sign@~0.3.0 : Apache 2.0hawk@~1.0.0 : BSD 4-Clauseaws-sign2@~0.5.0 : Apache 2.0punycode@>=0.2.0 : MIT, GPLcombined-stream@~0.0.4 : MITmime@~1.2.11 : MITasync@~0.2.9 : MITassertemail@example.com : MITasn1@0.1.11 : MITctype@0.5.2 : MIThoek@1.x.x : BSD 4-Clauseboom@2.x.x : BSD 4-Clausecryptiles@2.x.x : BSD 4-Clausesntp@1.x.x : BSD 4-Clausedelayedfirstname.lastname@example.org : MITFound a module that is incorrectly or not detected at all but doeshave a valid license? Please report this at:Which is the library that does the actual parsing and detection ofthe license so we can improve it's parsing algorithm and yieldbetter results.