Bachir Soussi Chiadmi cefd1c2ad0 updated sys and created publi | 6 years ago | |
---|---|---|
.. | ||
AUTHORS | 7 years ago | |
LICENSE | 7 years ago | |
README.md | 7 years ago | |
index.js | 7 years ago | |
package.json | 6 years ago | |
parser.js | 7 years ago |
This package parses SPDX license expression strings describing license terms, like package.json license strings, into consistently structured ECMAScript objects. The npm command-line interface depends on this package, as do many automatic license-audit tools.
In a nutshell:
var parse = require('spdx-expression-parse')
var assert = require('assert')
assert.deepEqual(
// Licensed under the terms of the Two-Clause BSD License.
parse('BSD-2-Clause'),
{license: 'BSD-2-Clause'}
)
assert.throws(function () {
// An invalid SPDX license expression.
// Should be `Apache-2.0`.
parse('Apache 2')
})
assert.deepEqual(
// Dual licensed under LGPL 2.1 or a combination of the Three-Clause
// BSD License and the MIT License.
parse('(LGPL-2.1 OR BSD-3-Clause AND MIT)'),
{
left: {license: 'LGPL-2.1'},
conjunction: 'or',
right: {
left: {license: 'BSD-3-Clause'},
conjunction: 'and',
right: {license: 'MIT'}
}
}
)
The syntax comes from the Software Package Data eXchange (SPDX), a standard from the Linux Foundation for shareable data about software package license terms. SPDX aims to make sharing and auditing license data easy, especially for users of open-source software.
The bulk of the SPDX standard describes syntax and semantics of XML metadata files. This package implements two lightweight, plain-text components of that larger standard:
The license list, a mapping from specific string identifiers, like Apache-2.0
, to standard form license texts and bolt-on license exceptions. The spdx-license-ids and spdx-exceptions packages implement the license list. They are development dependencies of this package.
Any license identifier from the license list is a valid license expression:
require('spdx-license-ids').forEach(function (id) {
assert.deepEqual(parse(id), {license: id})
})
So is any license identifier WITH
a standardized license exception:
require('spdx-license-ids').forEach(function (id) {
require('spdx-exceptions').forEach(function (e) {
assert.deepEqual(
parse(id + ' WITH ' + e),
{license: id, exception: e}
)
})
})
The license expression language, for describing simple and complex license terms, like MIT
for MIT-licensed and (GPL-2.0 OR Apache-2.0)
for dual-licensing under GPL 2.0 and Apache 2.0. This package implements the license expression language.
assert.deepEqual(
// Licensed under a combination of the MIT License and a combination
// of LGPL 2.1 (or a later version) and the Three-Clause BSD License.
parse('(MIT AND (LGPL-2.1+ AND BSD-3-Clause))'),
{
left: {license: 'MIT'},
conjunction: 'and',
right: {
left: {license: 'LGPL-2.1', plus: true},
conjunction: 'and',
right: {license: 'BSD-3-Clause'}
}
}
)
The Linux Foundation and its contributors license the SPDX standard under the terms of the Creative Commons Attribution License 3.0 Unported (SPDX: "CC-BY-3.0"). "SPDX" is a United States federally registered trademark of the Linux Foundation. The authors of this package license their work under the terms of the MIT License.