license-checker-ci

1.3.0 • Public • Published

License Checker CI

Wrapper for license-checker, to use it in CI with a whitelist.

Usage

Call from CLI as follows:

$ license-checker-ci [--whitelists relative-path-to-whitelists] [folder1] [folder2] [...]

where relative-path-to-whitelists defaults to ./.license-checker-ci/whitelists.json and, by default, only the current working directory is checked.

The call will fail (exit with code 1) if any package is found that is neither whitelisted itself nor covered by a whitelisted license.

Example:

$ license-checker-ci
[/home/philipp/code/license-checker-ci] amdefine@1.0.1 with license(s) BSD-3-Clause OR MIT not whitelisted.
[/home/philipp/code/license-checker-ci] json-schema@0.2.3 with license(s) AFLv2.1,BSD not whitelisted.
[/home/philipp/code/license-checker-ci] optimist@0.6.1 with license(s) MIT* not whitelisted.
[/home/philipp/code/license-checker-ci] wordwrap@0.0.2 with license(s) MIT* not whitelisted.
License check failed: 5 problems detected.
$ echo $?
1

Note that the working directory must contain a valid package.json and a node_modules subfolder.

Whitelists specification

The whitelists file must be valid JSON specifying an object with the properties packages and licenses. licenses must contain an array of the licenses you want to whitelist; packages must contain an array of the packages you want to whitelist, each including a semver version range.

Example:

{
  "packages": [
    "amdefine@^1.0",
    "esutils@*",
    "json-schema@^0.2",
    "optimist@^0.6",
    "spdx-expression-parse@^1.0",
    "spdx-license-ids@^1.2",
    "tweetnacl@^0.14",
    "wordwrap@^0.0"
  ],
  "licenses": [
    "Apache-2.0",
    "BSD-2-Clause",
    "BSD-3-Clause",
    "CC0-1.0",
    "CC-BY-3.0",
    "ISC",
    "MIT",
    "Public Domain",
    "Unlicense",
    "WTFPL"
  ]
}

Multiple licenses

Some packages allow redistribution under combinations of licenses, e.g. (License-1 OR License-2 OR License-3) or (License-1 AND License-2).

You only need to whitelist one of those licenses for OR-combinations and all licenses for AND-combinations. See https://www.npmjs.com/package/spdx-expression-parse for details.
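
The OR/AND rule above, shown as an added example that is not the package's own code: a simplified evaluator with hypothetical function names that assumes expressions contain only license ids, AND, OR and parentheses, with AND binding tighter than OR as in SPDX. It throws on anything it cannot parse so that a CI gate built on it fails closed.

```javascript
// Added example: simplified evaluator for SPDX-style license expressions.
// Assumption: only license ids, AND, OR and parentheses (no WITH exceptions).
function tokenize(expression) {
  const tokenPattern = /\(|\)|[A-Za-z0-9.+-]+/g;
  const leftover = expression.replace(tokenPattern, '').trim();
  if (leftover) throw new Error(`unexpected characters: ${leftover}`);
  return expression.match(tokenPattern) || [];
}

// Returns true when the whitelisted licenses satisfy the expression.
function isExpressionWhitelisted(expression, whitelistedLicenses) {
  const allowed = new Set(whitelistedLicenses);
  const tokens = tokenize(expression);
  let pos = 0;
  function parseOr() { // OR: one whitelisted alternative is enough
    let ok = parseAnd();
    while (tokens[pos] === 'OR') {
      pos++;
      const rhs = parseAnd(); // always parse, even if ok is already true
      ok = ok || rhs;
    }
    return ok;
  }
  function parseAnd() { // AND: every operand must be whitelisted
    let ok = parseAtom();
    while (tokens[pos] === 'AND') {
      pos++;
      const rhs = parseAtom();
      ok = ok && rhs;
    }
    return ok;
  }
  function parseAtom() {
    const tok = tokens[pos++];
    if (tok === '(') {
      const ok = parseOr();
      if (tokens[pos++] !== ')') throw new Error('missing closing parenthesis');
      return ok;
    }
    if (!tok || [')', 'AND', 'OR'].includes(tok)) throw new Error('malformed expression');
    return allowed.has(tok);
  }
  const result = parseOr();
  if (pos !== tokens.length) throw new Error('malformed expression');
  return result;
}

// Constructed sample input; GPL-3.0 stands in for a license that is not whitelisted.
const sampleWhitelist = ['BSD-3-Clause', 'MIT', 'ISC'];
console.log(isExpressionWhitelisted('(MIT OR GPL-3.0) AND ISC', sampleWhitelist)); // true
```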

LICENSE

MIT

Install

npm i license-checker-ci

Unpacked Size

15.6 kB

Total Files

11

Collaborators

  • philipp.bodewig