A linter for NPM package licenses to avoid dependencies that not compatible with license of your software. It can check licenses automatically on CI or on NPM postinstall.
npm install -D @rambler-tech/licenselintor
yarn add -D @rambler-tech/licenselintlicenselint --help
Lint NPM package licenses
Usage
licenselint [dirname]
Options
--production Only lint production dependencies
--development Only lint development dependencies
--summary Output a summary of the license usage
--deny Fail on an occurrence of the licenses of the deny list
--allow Fail on an occurrence of the licenses not in the allow list
--exclude Exclude modules which licenses are in the list
--extends Use custom configuration file
Examples
licenselint
licenselint packages/foo
licenselint --production
licenselint --deny LGPL
licenselint --allow MIT --allow ISC
licenselint --extends shared/licenserc.jsonThen use it for automatically check in CI
...
lint deps:
stage: test
script:
- npm install
- licenselint
...Or on NPM postinstall
{
"name": "app",
"description": "...",
"version": "0.1.2",
"scripts": {
"...": "...",
"postinstall": "licenselint"
},
"...": "..."
}Create .licenserc.json configuration file:
{
"production": true,
"deny": [
"GPL",
"LGPL"
]
}Configuration file supports all CLI flags.
Also you can extends your local setup with shared configuration:
{
"extends": "@shared/licenserc",
"summary": true
}MIT