UNPKG

epd

Version:

Enhanced peer dependency resolution for npm, yarn, and pnpm

github.com/davitacols/epd

davitacols/epd

70 lines • 2.57 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
const COMPATIBLE_LICENSES = new Set([ 'MIT', 'Apache-2.0', 'BSD-2-Clause', 'BSD-3-Clause', 'ISC', 'Unlicense' ]); const HIGH_RISK_LICENSES = new Set([ 'GPL-3.0', 'AGPL-3.0', 'LGPL-3.0' ]); export async function checkLicenses(packageJson) { const deps = { ...packageJson.dependencies, ...packageJson.devDependencies }; const licenses = []; for (const [pkg, version] of Object.entries(deps)) { const licenseInfo = await getPackageLicense(pkg); licenses.push(licenseInfo); } const compatible = licenses.filter(l => l.compatible); const incompatible = licenses.filter(l => !l.compatible && l.license !== 'unknown'); const unknown = licenses.filter(l => l.license === 'unknown'); return { compatible, incompatible, unknown, summary: { total: licenses.length, compatible: compatible.length, risks: incompatible.filter(l => l.risk === 'high').length } }; } async function getPackageLicense(packageName) { try { const response = await fetch(`https://registry.npmjs.org/${packageName}`); const data = await response.json(); const latestVersion = data['dist-tags']?.latest; const license = data.versions?.[latestVersion]?.license || 'unknown'; return { package: packageName, license, compatible: COMPATIBLE_LICENSES.has(license), risk: HIGH_RISK_LICENSES.has(license) ? 'high' : COMPATIBLE_LICENSES.has(license) ? 'low' : 'medium' }; } catch { return { package: packageName, license: 'unknown', compatible: false, risk: 'medium' }; } } export function generateLicenseReport(report) { console.log(`\n📄 License Compliance Report:`); console.log(` Total packages: ${report.summary.total}`); console.log(` Compatible: ${report.summary.compatible}`); console.log(` High risk: ${report.summary.risks}`); if (report.incompatible.length > 0) { console.log(`\n⚠️ Incompatible licenses:`); report.incompatible.forEach(pkg => { const icon = pkg.risk === 'high' ? '🚨' : '⚠️'; console.log(` ${icon} ${pkg.package}: ${pkg.license}`); }); } if (report.unknown.length > 0) { console.log(`\n❓ Unknown licenses:`); report.unknown.forEach(pkg => { console.log(` - ${pkg.package}`); }); } } //# sourceMappingURL=license-checker.js.map