UNPKG

@zkochan/pnpm

Version:

Fast, disk space efficient package manager

pnpm.js.org

pnpm/pnpm

141 lines (140 loc) 7.74 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
{ "_args": [ [ { "raw": "spdx-expression-parse@^3.0.0", "scope": null, "escapedName": "spdx-expression-parse", "name": "spdx-expression-parse", "rawSpec": "^3.0.0", "spec": ">=3.0.0 <4.0.0", "type": "range" }, "/home/zkochan/src/pnpm/packages/pnpm/node_modules/validate-npm-package-license" ] ], "_from": "spdx-expression-parse@>=3.0.0 <4.0.0", "_id": "spdx-expression-parse@3.0.0", "_inCache": true, "_location": "/spdx-expression-parse", "_nodeVersion": "8.9.4", "_npmOperationalInternal": { "host": "s3://npm-registry-packages", "tmp": "tmp/spdx-expression-parse_3.0.0_1519690458018_0.7153856255157998" }, "_npmUser": { "name": "kemitchell", "email": "kyle@kemitchell.com" }, "_npmVersion": "5.6.0", "_phantomChildren": {}, "_requested": { "raw": "spdx-expression-parse@^3.0.0", "scope": null, "escapedName": "spdx-expression-parse", "name": "spdx-expression-parse", "rawSpec": "^3.0.0", "spec": ">=3.0.0 <4.0.0", "type": "range" }, "_requiredBy": [ "/spdx-correct", "/validate-npm-package-license" ], "_resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.0.tgz", "_shasum": "99e119b7a5da00e05491c9fa338b7904823b41d0", "_shrinkwrap": null, "_spec": "spdx-expression-parse@^3.0.0", "_where": "/home/zkochan/src/pnpm/packages/pnpm/node_modules/validate-npm-package-license", "author": { "name": "Kyle E. Mitchell", "email": "kyle@kemitchell.com", "url": "http://kemitchell.com" }, "bugs": { "url": "https://github.com/jslicense/spdx-expression-parse.js/issues" }, "contributors": [ { "name": "C. Scott Ananian", "email": "cscott@cscott.net", "url": "http://cscott.net" }, { "name": "Kyle E. Mitchell", "email": "kyle@kemitchell.com", "url": "https://kemitchell.com" }, { "name": "Shinnosuke Watanabe", "email": "snnskwtnb@gmail.com" }, { "name": "Antoine Motet", "email": "antoine.motet@gmail.com" } ], "dependencies": { "spdx-exceptions": "^2.1.0", "spdx-license-ids": "^3.0.0" }, "description": "parse SPDX license expressions", "devDependencies": { "defence-cli": "^2.0.1", "mocha": "^3.4.2", "replace-require-self": "^1.0.0", "standard": "^10.0.2" }, "directories": {}, "dist": { "integrity": "sha512-Yg6D3XpRD4kkOmTpdgbUiEJFKghJH03fiC1OPll5h/0sO6neh2jqRDVHOQ4o/LMea0tgCkbMgea5ip/e+MkWyg==", "shasum": "99e119b7a5da00e05491c9fa338b7904823b41d0", "tarball": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.0.tgz", "fileCount": 7, "unpackedSize": 11871 }, "files": [ "AUTHORS", "index.js", "parse.js", "scan.js" ], "gitHead": "063e2d555cc5aef6c433c7dce7c543894476bcb8", "homepage": "https://github.com/jslicense/spdx-expression-parse.js#readme", "keywords": [ "SPDX", "law", "legal", "license", "metadata", "package", "package.json", "standards" ], "license": "MIT", "maintainers": [ { "name": "kemitchell", "email": "kyle@kemitchell.com" }, { "name": "motet-a", "email": "antoine.motet@gmail.com" } ], "name": "spdx-expression-parse", "optionalDependencies": {}, "readme": "This package parses [SPDX license expression](https://spdx.org/spdx-specification-21-web-version#h.jxpfx0ykyb60) strings describing license terms, like [package.json license strings](https://docs.npmjs.com/files/package.json#license), into consistently structured ECMAScript objects. The npm command-line interface depends on this package, as do many automatic license-audit tools.\n\nIn a nutshell:\n\n```javascript\nvar parse = require('spdx-expression-parse')\nvar assert = require('assert')\n\nassert.deepEqual(\n // Licensed under the terms of the Two-Clause BSD License.\n parse('BSD-2-Clause'),\n {license: 'BSD-2-Clause'}\n)\n\nassert.throws(function () {\n // An invalid SPDX license expression.\n // Should be `Apache-2.0`.\n parse('Apache 2')\n})\n\nassert.deepEqual(\n // Dual licensed under either:\n // - LGPL 2.1\n // - a combination of Three-Clause BSD and MIT\n parse('(LGPL-2.1 OR BSD-3-Clause AND MIT)'),\n {\n left: {license: 'LGPL-2.1'},\n conjunction: 'or',\n right: {\n left: {license: 'BSD-3-Clause'},\n conjunction: 'and',\n right: {license: 'MIT'}\n }\n }\n)\n```\n\nThe syntax comes from the [Software Package Data eXchange (SPDX)](https://spdx.org/), a standard from the [Linux Foundation](https://www.linuxfoundation.org) for shareable data about software package license terms. SPDX aims to make sharing and auditing license data easy, especially for users of open-source software.\n\nThe bulk of the SPDX standard describes syntax and semantics of XML metadata files. This package implements two lightweight, plain-text components of that larger standard:\n\n1. The [license list](https://spdx.org/licenses), a mapping from specific string identifiers, like `Apache-2.0`, to standard form license texts and bolt-on license exceptions. The [spdx-license-ids](https://www.npmjs.com/package/spdx-exceptions) and [spdx-exceptions](https://www.npmjs.com/package/spdx-license-ids) packages implement the license list. `spdx-expression-parse` depends on and `require()`s them.\n\n Any license identifier from the license list is a valid license expression:\n\n ```javascript\n var identifiers = []\n .concat(require('spdx-license-ids'))\n .concat(require('spdx-license-ids/deprecated'))\n\n identifiers.forEach(function (id) {\n assert.deepEqual(parse(id), {license: id})\n })\n ```\n\n So is any license identifier `WITH` a standardized license exception:\n\n ```javascript\n identifiers.forEach(function (id) {\n require('spdx-exceptions').forEach(function (e) {\n assert.deepEqual(\n parse(id + ' WITH ' + e),\n {license: id, exception: e}\n )\n })\n })\n ```\n\n2. The license expression language, for describing simple and complex license terms, like `MIT` for MIT-licensed and `(GPL-2.0 OR Apache-2.0)` for dual-licensing under GPL 2.0 and Apache 2.0. `spdx-expression-parse` itself implements license expression language, exporting a parser.\n\n ```javascript\n assert.deepEqual(\n // Licensed under a combination of:\n // - the MIT License AND\n // - a combination of:\n // - LGPL 2.1 (or a later version) AND\n // - Three-Clause BSD\n parse('(MIT AND (LGPL-2.1+ AND BSD-3-Clause))'),\n {\n left: {license: 'MIT'},\n conjunction: 'and',\n right: {\n left: {license: 'LGPL-2.1', plus: true},\n conjunction: 'and',\n right: {license: 'BSD-3-Clause'}\n }\n }\n )\n ```\n\nThe Linux Foundation and its contributors license the SPDX standard under the terms of [the Creative Commons Attribution License 3.0 Unported (SPDX: \"CC-BY-3.0\")](http://spdx.org/licenses/CC-BY-3.0). \"SPDX\" is a United States federally registered trademark of the Linux Foundation. The authors of this package license their work under the terms of the MIT License.\n", "readmeFilename": "README.md", "repository": { "type": "git", "url": "git+https://github.com/jslicense/spdx-expression-parse.js.git" }, "scripts": { "lint": "standard", "test": "npm run test:mocha && npm run test:readme", "test:mocha": "mocha test/index.js", "test:readme": "defence -i javascript README.md | replace-require-self | node" }, "version": "3.0.0" }