License Checker CI
Wrapper for license-checker, to use it in CI with a whitelist.
Usage
Call from CLI as follows:
$ license-checker-ci [--whitelists relative-path-to-whitelists] [folder1] [folder2] [...]
where, by default, relative-path-to-whitelists is ./.license-checker-ci/whitelists.json and only the current working directory is checked.
The call will fail (exit with code 1) if any non-whitelisted packages with a non-whitelisted license are found.
Example:
$ license-checker-ci
[/home/philipp/code/license-checker-ci] amdefine@1.0.1 with license(s) BSD-3-Clause OR MIT not whitelisted.
[/home/philipp/code/license-checker-ci] json-schema@0.2.3 with license(s) AFLv2.1,BSD not whitelisted.
[/home/philipp/code/license-checker-ci] optimist@0.6.1 with license(s) MIT* not whitelisted.
[/home/philipp/code/license-checker-ci] wordwrap@0.0.2 with license(s) MIT* not whitelisted.
License check failed: 5 problems detected.
$ echo $?
1
Note that the working directory must contain a valid package.json and a node_modules subfolder.
Whitelists specification
The whitelists file must be valid JSON specifying an object with properties packages and licenses. licenses must contain an array of the licenses you want to whitelist; packages must contain an array of the packages, each including a semver version range, that you want to whitelist.
Example:
Multiple licenses
Some packages allow redistribution under combinations of licenses, e.g. (License-1 OR License-2 OR License-3) or (License-1 AND License-2).
You only need to whitelist one of those licenses for OR-combinations and all licenses for AND-combinations. See https://www.npmjs.com/package/spdx-expression-parse for details.
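The OR/AND whitelisting rule above, sketched as an added example (not license-checker-ci's own code). The function name isExpressionAllowed, the hand-written parser for identifiers, AND, OR and parentheses, and the choice to reject anything that does not parse are assumptions of this example.

```javascript
// Added example: evaluate an SPDX-style license expression against allowed licenses.
// Supports identifiers, AND, OR and parentheses; AND binds tighter than OR.
function isExpressionAllowed(expression, allowedLicenses) {
  const allowed = new Set(allowedLicenses);
  const tokens = expression.match(/\(|\)|[^\s()]+/g) || [];
  let pos = 0;

  // or-expr := and-expr ("OR" and-expr)*  -> one allowed branch is enough
  function parseOr() {
    let result = parseAnd();
    while (tokens[pos] === "OR") {
      pos++;
      result = parseAnd() || result; // parse first so pos always advances
    }
    return result;
  }

  // and-expr := atom ("AND" atom)*  -> every operand must be allowed
  function parseAnd() {
    let result = parseAtom();
    while (tokens[pos] === "AND") {
      pos++;
      result = parseAtom() && result;
    }
    return result;
  }

  // atom := "(" or-expr ")" | license-id
  function parseAtom() {
    const token = tokens[pos++];
    if (token === undefined || token === ")" || token === "AND" || token === "OR") {
      throw new SyntaxError(`unexpected token at position ${pos - 1}`);
    }
    if (token === "(") {
      const inner = parseOr();
      if (tokens[pos++] !== ")") throw new SyntaxError("missing closing parenthesis");
      return inner;
    }
    return allowed.has(token); // exact match only: "MIT*" is not "MIT"
  }

  try {
    const result = parseOr();
    return pos === tokens.length && result; // leftover tokens: reject
  } catch {
    return false; // fail closed on anything that does not parse
  }
}
```

Rejecting unparsable or inexact strings keeps a malformed license field from passing the CI gate because it happens to contain an allowed identifier.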
LICENSE
MIT