Node.js CLI tool to visualize an aggregate list of your dependencies' licenses

Overview

licenseye

view on npm view on npm npm module downloads Build Status Security Responsible Disclosure

licenseye

Node.js CLI tool to visualize an aggregate list of your project's dependencies' licenses.

licenseye-screencast

Install

Yarn

yarn global add licenseye

NPM

npm install -g licenseye

Usage

In any valid Node.js project that contains a node_modules/ directory you can run licenseye:

$ licenseye

Related

  • licensewatch - event-emitter Node.js library that recurses a node_modules/ directory to fetch license information.

License

MIT @ Liran Tal

Comments
  • Use babel for backwards compatibility

    Use babel for backwards compatibility

    I've got a question. Would you like to test the package alongside linting on the CI builds? It would check if the babel transpilation affected functionality on older node versions

    Theoretically, the babel setup is working, but I'm unable to test it since the licensewatch package hasn't been published with the latest compatibility fixes. That's the error as you can see

    screen shot 2017-10-17 at 14 13 10

    Also one note: I've locked the babel dependencies, but i saw you are using all versions with the up to sign(^), would you like me to change this?

    enhancement good first contribution Hacktoberfest 
    opened by lucat1 14
  • Update ora to the latest version 🚀

    Update ora to the latest version 🚀

    Version 3.0.0 of ora was just published.

    Dependency ora
    Current Version 2.1.0
    Type dependency

    The version 3.0.0 is not covered by your current version range.

    If you don’t accept this pull request, your project will work just like it did before. However, you might be missing out on a bunch of new features, fixes and/or performance improvements from the dependency update.

    It might be worth looking into these changes and trying to get this project onto the latest version of ora.

    If you have a solid test suite and good coverage, a passing build is a strong indicator that you can take advantage of these changes directly by merging the proposed change into your project. If the build fails or you don’t have such unconditional trust in your tests, this branch is a great starting point for you to work on the update.


    Release Notes v3.0.0

    Breaking changes:

    • Require Node.js 6 17c1a29
    • Rename the enabled option to isEnabled fc5c660
    • Ora should still output text when not iEnabled d1f8d85

    Fixes:

    • Don't call stream TTY methods on streams that are not TTYs 3c24df2

    v2.1.0...v3.0.0

    Commits

    The new version differs by 9 commits.

    • cb64942 3.0.0
    • cf9bed2 Fix Travis
    • fc5c660 Rename the enabled option to isEnabled
    • d1f8d85 Ora should still output text when not enabled
    • ab3d77f Remove deprecated argument
    • b666e1f Fix test for #82
    • 3c24df2 Don't call stream TTY methods on streams that are not TTYs (#82)
    • 2cafb1c Meta tweaks
    • 17c1a29 Require Node.js 6 (#84)

    See the full diff

    FAQ and help

    There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.


    Your Greenkeeper bot :palm_tree:

    greenkeeper 
    opened by greenkeeper[bot] 5
  • Update standard to the latest version 🚀

    Update standard to the latest version 🚀

    Version 12.0.0 of standard was just published.

    Dependency standard
    Current Version 11.0.1
    Type devDependency

    The version 12.0.0 is not covered by your current version range.

    If you don’t accept this pull request, your project will work just like it did before. However, you might be missing out on a bunch of new features, fixes and/or performance improvements from the dependency update.

    It might be worth looking into these changes and trying to get this project onto the latest version of standard.

    If you have a solid test suite and good coverage, a passing build is a strong indicator that you can take advantage of these changes directly by merging the proposed change into your project. If the build fails or you don’t have such unconditional trust in your tests, this branch is a great starting point for you to work on the update.


    Commits

    The new version differs by 91 commits.

    • ff1a156 authors
    • 17727fc 12.0.0
    • bdbd248 changelog
    • 3db3a62 https
    • cf1802c eslint-plugin-standard ~4.0.0
    • 7d779b8 eslint-plugin-import ~2.14.0
    • 66f676b eslint ~5.4.0
    • 3933c6b Use npm versions of eslint shared configs
    • c00dc66 Use ~ for eslint dep
    • 588d5ab Add links to French README translation!
    • aee57b4 ESLint 5
    • c89d5c7 Merge pull request #1145 from theo4u/patch-1
    • 6477dbf Merge pull request #1184 from standard/greenkeeper/babel-eslint-9.0.0
    • 8792b9b Merge pull request #1180 from standard/greenkeeper/eslint-plugin-promise-4.0.0
    • ff070b8 Merge branch 'master' into greenkeeper/eslint-plugin-promise-4.0.0

    There are 91 commits in total.

    See the full diff

    FAQ and help

    There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.


    Your Greenkeeper bot :palm_tree:

    greenkeeper 
    opened by greenkeeper[bot] 3
  • [Snyk] Security upgrade bars from 1.2.2 to 1.5.0

    [Snyk] Security upgrade bars from 1.2.2 to 1.5.0

    Snyk has created this PR to fix one or more vulnerable packages in the `yarn` dependencies of this project.

    merge advice

    Changes included in this PR

    • Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
      • package.json
      • yarn.lock

    Vulnerabilities that will be fixed

    With an upgrade:

    Severity | Priority Score (*) | Issue | Breaking Change | Exploit Maturity :-------------------------:|-------------------------|:-------------------------|:-------------------------|:------------------------- medium severity | 551/1000
    Why? Recently disclosed, Has a fix available, CVSS 5.3 | Regular Expression Denial of Service (ReDoS)
    SNYK-JS-PRINTF-1072096 | No | No Known Exploit

    (*) Note that the real score may have changed since the PR was raised.

    Check the changes in this PR to ensure they won't cause issues with your project.


    Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

    For more information: 🧐 View latest project report

    🛠 Adjust project settings

    📚 Read more about Snyk's upgrade and patch logic

    opened by lirantal 0
  • Update figures to the latest version 🚀

    Update figures to the latest version 🚀

    The dependency figures was updated from 2.0.0 to 3.0.0.

    This version is not covered by your current version range.

    If you don’t accept this pull request, your project will work just like it did before. However, you might be missing out on a bunch of new features, fixes and/or performance improvements from the dependency update.


    Release Notes for v3.0.0

    Breaking:

    Enhancements:

    v2.0.0...v3.0.0

    Commits

    The new version differs by 8 commits.

    See the full diff

    FAQ and help

    There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.


    Your Greenkeeper bot :palm_tree:

    greenkeeper 
    opened by greenkeeper[bot] 0
  • Version 10 of node.js has been released

    Version 10 of node.js has been released

    Version 10 of Node.js (code name Dubnium) has been released! 🎊

    To see what happens to your code in Node.js 10, Greenkeeper has created a branch with the following changes:

    • Added the new Node.js version to your .travis.yml

    If you’re interested in upgrading this repo to Node.js 10, you can open a PR with these changes. Please note that this issue is just intended as a friendly reminder and the PR as a possible starting point for getting your code running on Node.js 10.

    More information on this issue

    Greenkeeper has checked the engines key in any package.json file, the .nvmrc file, and the .travis.yml file, if present.

    • engines was only updated if it defined a single version, not a range.
    • .nvmrc was updated to Node.js 10
    • .travis.yml was only changed if there was a root-level node_js that didn’t already include Node.js 10, such as node or lts/*. In this case, the new version was appended to the list. We didn’t touch job or matrix configurations because these tend to be quite specific and complex, and it’s difficult to infer what the intentions were.

    For many simpler .travis.yml configurations, this PR should suffice as-is, but depending on what you’re doing it may require additional work or may not be applicable at all. We’re also aware that you may have good reasons to not update to Node.js 10, which is why this was sent as an issue and not a pull request. Feel free to delete it without comment, I’m a humble robot and won’t feel rejected :robot:


    FAQ and help

    There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.


    Your Greenkeeper Bot :palm_tree:

    greenkeeper 
    opened by greenkeeper[bot] 0
  • Update ora to the latest version 🚀

    Update ora to the latest version 🚀

    Version 2.0.0 of ora was just published.

    Dependency ora
    Current Version 1.4.0
    Type dependency

    The version 2.0.0 is not covered by your current version range.

    If you don’t accept this pull request, your project will work just like it did before. However, you might be missing out on a bunch of new features, fixes and/or performance improvements from the dependency update.

    It might be worth looking into these changes and trying to get this project onto the latest version of ora.

    If you have a solid test suite and good coverage, a passing build is a strong indicator that you can take advantage of these changes directly by merging the proposed change into your project. If the build fails or you don’t have such unconditional trust in your tests, this branch is a great starting point for you to work on the update.


    Commits

    The new version differs by 4 commits.

    • 6b95351 2.0.0
    • 210bfb0 Hard deprecate specifying a string in stopAndPersist
    • 7b2f196 Meta tweaks
    • 4df5d19 Handle wrapping, add hideCursor option (#69)

    See the full diff

    FAQ and help

    There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.


    Your Greenkeeper bot :palm_tree:

    greenkeeper 
    opened by greenkeeper[bot] 0
  • Update standard to the latest version 🚀

    Update standard to the latest version 🚀

    Version 11.0.0 of standard was just published.

    Dependency standard
    Current Version 10.0.3
    Type devDependency

    The version 11.0.0 is not covered by your current version range.

    If you don’t accept this pull request, your project will work just like it did before. However, you might be missing out on a bunch of new features, fixes and/or performance improvements from the dependency update.

    It might be worth looking into these changes and trying to get this project onto the latest version of standard.

    If you have a solid test suite and good coverage, a passing build is a strong indicator that you can take advantage of these changes directly by merging the proposed change into your project. If the build fails or you don’t have such unconditional trust in your tests, this branch is a great starting point for you to work on the update.


    Commits

    The new version differs by 50 commits.

    There are 50 commits in total.

    See the full diff

    FAQ and help

    There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.


    Your Greenkeeper bot :palm_tree:

    greenkeeper 
    opened by greenkeeper[bot] 0
  • Add Greenkeeper badge 🌴

    Add Greenkeeper badge 🌴

    Let’s get started with automated dependency management for licenseye :muscle:

    ⚠️ Greenkeeper has found a yarn.lock file in this repository. Please use greenkeeper-lockfile to make sure this gets updated as well.

    All of your dependencies are already up-to-date, so this repository was enabled right away. Good job :thumbsup:


    🏷 How to check the status of this repository

    Greenkeeper adds a badge to your README which indicates the status of this repository.

    This is what your badge looks like right now :point_right: Greenkeeper badge

    🙈 How to ignore certain dependencies

    You may have good reasons for not wanting to update to a certain dependency right now. In this case, you can change the dependency’s version string in the package.json file back to whatever you prefer.

    To make sure Greenkeeper doesn’t nag you again on the next update, add a greenkeeper.ignore field to your package.json, containing a list of dependencies you don’t want to update.

    // package.json
    {
      …
      "greenkeeper": {
        "ignore": [
          "package-names",
          "you-want-me-to-ignore"
        ]
      }
    }
    
    👩‍💻 How to update this pull request
      # Change into your repository’s directory
      git fetch
      git checkout greenkeeper/initial
      npm install-test
      # Adapt your code until everything works again
      git commit -m 'chore: adapt code to updated dependencies'
      git push origin greenkeeper/initial
    
    ✨ How do dependency updates work with Greenkeeper?

    After you merge this pull request, Greenkeeper will create a new branch whenever a dependency is updated, with the new version applied. The branch creation should trigger your testing services and check whether your code still works with the new dependency version. Depending on the the results of these tests Greenkeeper will try to open meaningful and helpful pull requests and issues, so your dependencies remain working and up-to-date.

    -  "underscore": "^1.6.0"
    +  "underscore": "^1.7.0"
    

    The above example shows an in-range update. 1.7.0 is included in the old ^1.6.0 range, because of the caret ^ character. When the test services report success Greenkeeper will silently delete the branch again, because no action needs to be taken – everything is fine.

    However, should the tests fail, Greenkeeper will create an issue to inform you about the problem immediately.

    This way, you’ll never be surprised by a dependency breaking your code. As long as everything still works, Greenkeeper will stay out of your way, and as soon as something goes wrong, you’ll be the first to know.

    -  "lodash": "^3.0.0"
    +  "lodash": "^4.0.0"
    

    In this example, the new version 4.0.0 is not included in the old ^3.0.0 range. For version updates like these – let’s call them “out of range” updates – you’ll receive a pull request.

    This means that you no longer need to check for new versions manually – Greenkeeper will keep you up to date automatically.

    These pull requests not only serve as reminders to update: If you have solid tests and good coverage, and the pull requests passes those tests, you can very likely just merge it and release a new version of your software straight away :shipit:

    To get a better idea of which ranges apply to which releases, check out the extremely useful semver calculator provided by npm.

    FAQ and help

    There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.


    Good luck with your project and see you soon :sparkles:

    Your Greenkeeper bot :palm_tree:

    greenkeeper 
    opened by greenkeeper[bot] 0
  • Feature: Add babel transpiling to be backwards compatible with older Node.js versions

    Feature: Add babel transpiling to be backwards compatible with older Node.js versions

    See reference issue already implemented in base project: https://github.com/lirantal/licensewatch/pull/2

    Also, this request also already brought up in this repo in issue #3

    good first contribution Hacktoberfest 
    opened by lirantal 3
  • Feature: support json and csv output

    Feature: support json and csv output

    Add support for --json and --csv output flags to write the aggregated output in those formats to STDOUT.

    Note: preferably in two different sets of PRs

    enhancement good first contribution Hacktoberfest 
    opened by lirantal 0
Releases(v2.0.3)
  • v2.0.3(Sep 24, 2022)

  • v2.0.2(Sep 24, 2022)

  • v2.0.1(Sep 24, 2022)

    What's Changed

    • Added NPM instructions to README by @MatanAvneri in https://github.com/lirantal/licenseye/pull/2
    • Use babel for backwards compatibility by @lucat1 in https://github.com/lirantal/licenseye/pull/6
    • Add Greenkeeper badge 🌴 by @greenkeeper in https://github.com/lirantal/licenseye/pull/7
    • Update standard to the latest version 🚀 by @greenkeeper in https://github.com/lirantal/licenseye/pull/8
    • Update ora to the latest version 🚀 by @greenkeeper in https://github.com/lirantal/licenseye/pull/9

    New Contributors

    • @MatanAvneri made their first contribution in https://github.com/lirantal/licenseye/pull/2
    • @lucat1 made their first contribution in https://github.com/lirantal/licenseye/pull/6
    • @greenkeeper made their first contribution in https://github.com/lirantal/licenseye/pull/7

    Full Changelog: https://github.com/lirantal/licenseye/compare/v1.0.4...v2.0.1

    Source code(tar.gz)
    Source code(zip)
Owner
Liran Tal
🥑 Developer Advocate @snyksec | @nodejs Security WG | @jsheroes ambassador | Author of Essential Node.js Security | #opensource #web ❤
Liran Tal
A mini tool for merging file parts from TeleDriv

A mini tool for merging file parts from TeleDrive. So, you can download your file parts from saved messages and merge them all with this CLI app.

M Gilang Januar 11 Oct 23, 2022
Node.js Application Configuration

Configure your Node.js Applications release notes Introduction Node-config organizes hierarchical configurations for your app deployments. It lets you

Loren West 5.9k Jan 4, 2023
Run any command on specific Node.js versions

Run any command on specific Node.js versions. Unlike nvm exec it: can run multiple Node.js versions at once can be run programmatically is 5 times fas

ehmicky 605 Dec 30, 2022
simple metadata scrapper for node.js

meta-fetcher Simple metadata scrapper for node.js. Under the hood it uses isomorphic-unfetch to fetch the metadata, parses it and returns it as json o

Rocktim 137 Nov 6, 2022
Node.js object hash library with properties/arrays sorting to provide constant hashes. It also provides a method that returns sorted object strings that can be used for object comparison without hashes.

node-object-hash Tiny and fast node.js object hash library with properties/arrays sorting to provide constant hashes. It also provides a method that r

Alexander 73 Oct 7, 2022
Abstracts execution of tasks in parallel using Node.js cluster.

cluster-map Abstracts execution of tasks in parallel using Node.js cluster. It is a high level abstraction around a common pattern used to delegate a

Gajus Kuizinas 27 Jul 3, 2022
Clock and task scheduler for node.js applications, providing extensive control of time and callback scheduling in prod and test code

#zeit A node.js clock and scheduler, intended to take place of the global V8 object for manipulation of time and task scheduling which would be handle

David Denton 12 Dec 21, 2021
Check NPM package licenses

NPM License Checker As of v17.0.0 the failOn and onlyAllow arguments take semicolons as delimeters instead of commas. Some license names contain comma

Dav Glass 1.5k Dec 29, 2022
Aggregate quality learning resources, useful tools, interesting projects in github... Updated every Monday.

Github University Aggregate quality learning resources, useful tools, interesting projects in github... Updated every Monday. 汇总 github 中优质的学习资源,好用的工具

荣顶 9 Dec 14, 2022
A CLI tool to create a NodeJS project with TypeScript CTSP is a CLI tool to make easier to start a new NodeJS project and configure Typescript on it.

CTSP- Create TS Project A CLI tool to create a NodeJS project with TypeScript CTSP is a CLI tool to make easier to start a new NodeJS project and conf

Jean Rodríguez 7 Sep 13, 2022
A Kubernetes monitoring tool to visualize large-scale activity and real-time comprehensive metrics within your cluster.

Armada A light-weight Kubernetes health monitoring tool. Summary Armada is an open-source tool for monitoring the health of your Kubernetes cluster. I

OSLabs Beta 81 Nov 2, 2022
Visualize, modify, and build your database with dbSpy! An open-source data modeling tool to facilitate relational database development.

Visualize, modify, and build your database with dbSpy! dbSpy is an open-source data modeling tool to facilitate relational database development. Key F

OSLabs 115 Dec 22, 2022
LinkFree CLI is a command line tool that helps you to create your LinkFree profile through CLI.

LinkFree CLI LinkFree CLI is a command line tool that helps you to create your LinkFree profile through CLI. Demo Using the CLI (Commands) Note First

Pradumna Saraf 32 Dec 26, 2022
Easy-to-use tool to inform you about potential risks in your project dependencies list

sdc-check Easy-to-use tool to inform you about potential risks in your project dependencies list Usage Add to your project Add new npm command to scri

Maksim Balabash 132 Dec 4, 2022
Node-cli-starter - Basic starter kit for building Node CLI applications with TypeScript.

node-cli-starter Minimal starter kit for building Node CLI applications with TypeScript. Getting Started To get started clone repo locally and run npm

Cory Rylan 7 May 17, 2022
Automatically construct and visualize Graphs generated from your Node.js project

cyclops is a minimalist developer tool that can be used to generate directed graphs from your Node.js project. It can automatically detect circular de

Antoine Coulon 74 Jan 5, 2023
Automatically construct, traverse and visualize graphs generated from your Node.js project

skott is a minimalist developer tool that can be used to efficiently generate directed graphs from your JavaScript/Node.js project. It can automatical

Antoine Coulon 57 Dec 21, 2022
An online tool to generate and visualize maps for irregular and/or gapped LED layouts, for use with FastLED, Pixelblaze and other libraries.

An online tool to generate and visualize maps for irregular and/or gapped LED layouts, for use with FastLED, Pixelblaze and other libraries.

Jason Coon 172 Dec 8, 2022
Make Your Company Data Driven. Connect to any data source, easily visualize, dashboard and share your data.

Redash is designed to enable anyone, regardless of the level of technical sophistication, to harness the power of data big and small. SQL users levera

Redash 22.4k Dec 30, 2022