[Pkg-javascript-commits] [node-validate-npm-package-license] 01/04: Import Upstream version 3.0.1

Sruthi Chandran srud-guest at moszumanska.debian.org
Fri Oct 28 05:38:44 UTC 2016


This is an automated email from the git hooks/post-receive script.

srud-guest pushed a commit to branch master
in repository node-validate-npm-package-license.

commit 031e8dbfae9d8c5105de1f322ee1c003c04c7c4b
Author: Sruthi <srud at disroot.org>
Date:   Fri Oct 28 10:51:41 2016 +0530

    Import Upstream version 3.0.1
---
 .npmignore   |   2 +
 .travis.yml  |   9 ++++
 LICENSE      | 174 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 README.md    | 113 ++++++++++++++++++++++++++++++++++++++
 index.js     |  84 +++++++++++++++++++++++++++++
 package.json |  25 +++++++++
 6 files changed, 407 insertions(+)

diff --git a/.npmignore b/.npmignore
new file mode 100644
index 0000000..2cf6a27
--- /dev/null
+++ b/.npmignore
@@ -0,0 +1,2 @@
+.npmignore
+.travis.yml
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..6533d5b
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,9 @@
+---
+language: "node_js"
+node_js:
+  - "0.10"
+  - "0.11"
+  - "0.12"
+  - "node"
+  - "iojs"
+sudo: false
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..a5e905d
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,174 @@
+SPDX:Apache-2.0
+
+Apache License
+
+Version 2.0, January 2004
+
+http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+"License" shall mean the terms and conditions for use, reproduction, and 
+distribution as defined by Sections 1 through 9 of this document.
+
+"Licensor" shall mean the copyright owner or entity authorized by the 
+copyright owner that is granting the License.
+
+"Legal Entity" shall mean the union of the acting entity and all other 
+entities that control, are controlled by, or are under common control 
+with that entity. For the purposes of this definition, "control" means 
+(i) the power, direct or indirect, to cause the direction or management 
+of such entity, whether by contract or otherwise, or (ii) ownership of 
+fifty percent (50%) or more of the outstanding shares, or (iii) 
+beneficial ownership of such entity.
+
+"You" (or "Your") shall mean an individual or Legal Entity exercising 
+permissions granted by this License.
+
+"Source" form shall mean the preferred form for making modifications, 
+including but not limited to software source code, documentation source, 
+and configuration files.
+
+"Object" form shall mean any form resulting from mechanical 
+transformation or translation of a Source form, including but not 
+limited to compiled object code, generated documentation, and 
+conversions to other media types.
+
+"Work" shall mean the work of authorship, whether in Source or Object 
+form, made available under the License, as indicated by a copyright 
+notice that is included in or attached to the work (an example is 
+provided in the Appendix below).
+
+"Derivative Works" shall mean any work, whether in Source or Object 
+form, that is based on (or derived from) the Work and for which the 
+editorial revisions, annotations, elaborations, or other modifications 
+represent, as a whole, an original work of authorship. For the purposes 
+of this License, Derivative Works shall not include works that remain 
+separable from, or merely link (or bind by name) to the interfaces of, 
+the Work and Derivative Works thereof.
+
+"Contribution" shall mean any work of authorship, including the original 
+version of the Work and any modifications or additions to that Work or 
+Derivative Works thereof, that is intentionally submitted to Licensor 
+for inclusion in the Work by the copyright owner or by an individual or 
+Legal Entity authorized to submit on behalf of the copyright owner. For 
+the purposes of this definition, "submitted" means any form of 
+electronic, verbal, or written communication sent to the Licensor or its 
+representatives, including but not limited to communication on 
+electronic mailing lists, source code control systems, and issue 
+tracking systems that are managed by, or on behalf of, the Licensor for 
+the purpose of discussing and improving the Work, but excluding 
+communication that is conspicuously marked or otherwise designated in 
+writing by the copyright owner as "Not a Contribution."
+
+"Contributor" shall mean Licensor and any individual or Legal Entity on 
+behalf of whom a Contribution has been received by Licensor and 
+subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of 
+this License, each Contributor hereby grants to You a perpetual, 
+worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright 
+license to reproduce, prepare Derivative Works of, publicly display, 
+publicly perform, sublicense, and distribute the Work and such 
+Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of this 
+License, each Contributor hereby grants to You a perpetual, worldwide, 
+non-exclusive, no-charge, royalty-free, irrevocable (except as stated in 
+this section) patent license to make, have made, use, offer to sell, 
+sell, import, and otherwise transfer the Work, where such license 
+applies only to those patent claims licensable by such Contributor that 
+are necessarily infringed by their Contribution(s) alone or by 
+combination of their Contribution(s) with the Work to which such 
+Contribution(s) was submitted. If You institute patent litigation 
+against any entity (including a cross-claim or counterclaim in a 
+lawsuit) alleging that the Work or a Contribution incorporated within 
+the Work constitutes direct or contributory patent infringement, then 
+any patent licenses granted to You under this License for that Work 
+shall terminate as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the Work 
+or Derivative Works thereof in any medium, with or without 
+modifications, and in Source or Object form, provided that You meet the 
+following conditions:
+
+(a) You must give any other recipients of the Work or Derivative Works a 
+copy of this License; and
+
+(b) You must cause any modified files to carry prominent notices stating 
+that You changed the files; and
+
+(c) You must retain, in the Source form of any Derivative Works that You 
+distribute, all copyright, patent, trademark, and attribution notices 
+from the Source form of the Work, excluding those notices that do not 
+pertain to any part of the Derivative Works; and
+
+(d) If the Work includes a "NOTICE" text file as part of its 
+distribution, then any Derivative Works that You distribute must include 
+a readable copy of the attribution notices contained within such NOTICE 
+file, excluding those notices that do not pertain to any part of the 
+Derivative Works, in at least one of the following places: within a 
+NOTICE text file distributed as part of the Derivative Works; within the 
+Source form or documentation, if provided along with the Derivative 
+Works; or, within a display generated by the Derivative Works, if and 
+wherever such third-party notices normally appear. The contents of the 
+NOTICE file are for informational purposes only and do not modify the 
+License. You may add Your own attribution notices within Derivative 
+Works that You distribute, alongside or as an addendum to the NOTICE 
+text from the Work, provided that such additional attribution notices 
+cannot be construed as modifying the License.
+
+You may add Your own copyright statement to Your modifications and may 
+provide additional or different license terms and conditions for use, 
+reproduction, or distribution of Your modifications, or for any such 
+Derivative Works as a whole, provided Your use, reproduction, and 
+distribution of the Work otherwise complies with the conditions stated 
+in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise, 
+any Contribution intentionally submitted for inclusion in the Work by 
+You to the Licensor shall be under the terms and conditions of this 
+License, without any additional terms or conditions. Notwithstanding the 
+above, nothing herein shall supersede or modify the terms of any 
+separate license agreement you may have executed with Licensor regarding 
+such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade 
+names, trademarks, service marks, or product names of the Licensor, 
+except as required for reasonable and customary use in describing the 
+origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or agreed 
+to in writing, Licensor provides the Work (and each Contributor provides 
+its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS 
+OF ANY KIND, either express or implied, including, without limitation, 
+any warranties or conditions of TITLE, NON-INFRINGEMENT, 
+MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely 
+responsible for determining the appropriateness of using or 
+redistributing the Work and assume any risks associated with Your 
+exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory, 
+whether in tort (including negligence), contract, or otherwise, unless 
+required by applicable law (such as deliberate and grossly negligent 
+acts) or agreed to in writing, shall any Contributor be liable to You 
+for damages, including any direct, indirect, special, incidental, or 
+consequential damages of any character arising as a result of this 
+License or out of the use or inability to use the Work (including but 
+not limited to damages for loss of goodwill, work stoppage, computer 
+failure or malfunction, or any and all other commercial damages or 
+losses), even if such Contributor has been advised of the possibility of 
+such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing the 
+Work or Derivative Works thereof, You may choose to offer, and charge a 
+fee for, acceptance of support, warranty, indemnity, or other liability 
+obligations and/or rights consistent with this License. However, in 
+accepting such obligations, You may act only on Your own behalf and on 
+Your sole responsibility, not on behalf of any other Contributor, and 
+only if You agree to indemnify, defend, and hold each Contributor 
+harmless for any liability incurred by, or claims asserted against, such 
+Contributor by reason of your accepting any such warranty or additional 
+liability.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c5b3bfc
--- /dev/null
+++ b/README.md
@@ -0,0 +1,113 @@
+validate-npm-package-license
+============================
+
+Give me a string and I'll tell you if it's a valid npm package license string.
+
+```javascript
+var valid = require('validate-npm-package-license');
+```
+
+SPDX license identifiers are valid license strings:
+
+```javascript
+
+var assert = require('assert');
+var validSPDXExpression = {
+  validForNewPackages: true,
+  validForOldPackages: true,
+  spdx: true
+};
+
+assert.deepEqual(valid('MIT'), validSPDXExpression);
+assert.deepEqual(valid('BSD-2-Clause'), validSPDXExpression);
+assert.deepEqual(valid('Apache-2.0'), validSPDXExpression);
+assert.deepEqual(valid('ISC'), validSPDXExpression);
+```
+The function will return a warning and suggestion for nearly-correct license identifiers:
+
+```javascript
+assert.deepEqual(
+  valid('Apache 2.0'),
+  {
+    validForOldPackages: false,
+    validForNewPackages: false,
+    warnings: [
+      'license should be ' +
+      'a valid SPDX license expression (without "LicenseRef"), ' +
+      '"UNLICENSED", or ' +
+      '"SEE LICENSE IN <filename>"',
+      'license is similar to the valid expression "Apache-2.0"'
+    ]
+  }
+);
+```
+
+SPDX expressions are valid, too ...
+
+```javascript
+// Simple SPDX license expression for dual licensing
+assert.deepEqual(
+  valid('(GPL-3.0 OR BSD-2-Clause)'),
+  validSPDXExpression
+);
+```
+
+... except if they contain `LicenseRef`:
+
+```javascript
+var warningAboutLicenseRef = {
+  validForOldPackages: false,
+  validForNewPackages: false,
+  spdx: true,
+  warnings: [
+    'license should be ' +
+    'a valid SPDX license expression (without "LicenseRef"), ' +
+    '"UNLICENSED", or ' +
+    '"SEE LICENSE IN <filename>"',
+  ]
+};
+
+assert.deepEqual(
+  valid('LicenseRef-Made-Up'),
+  warningAboutLicenseRef
+);
+
+assert.deepEqual(
+  valid('(MIT OR LicenseRef-Made-Up)'),
+  warningAboutLicenseRef
+);
+```
+
+If you can't describe your licensing terms with standardized SPDX identifiers, put the terms in a file in the package and point users there:
+
+```javascript
+assert.deepEqual(
+  valid('SEE LICENSE IN LICENSE.txt'),
+  {
+    validForNewPackages: true,
+    validForOldPackages: true,
+    inFile: 'LICENSE.txt'
+  }
+);
+
+assert.deepEqual(
+  valid('SEE LICENSE IN license.md'),
+  {
+    validForNewPackages: true,
+    validForOldPackages: true,
+    inFile: 'license.md'
+  }
+);
+```
+
+If there aren't any licensing terms, use `UNLICENSED`:
+
+```javascript
+var unlicensed = {
+  validForNewPackages: true,
+  validForOldPackages: true,
+  unlicensed: true
+};
+assert.deepEqual(valid('UNLICENSED'), unlicensed);
+assert.deepEqual(valid('UNLICENCED'), unlicensed);
+```
diff --git a/index.js b/index.js
new file mode 100644
index 0000000..2ad98d9
--- /dev/null
+++ b/index.js
@@ -0,0 +1,84 @@
+var parse = require('spdx-expression-parse');
+var correct = require('spdx-correct');
+
+var genericWarning = (
+  'license should be ' +
+  'a valid SPDX license expression (without "LicenseRef"), ' +
+  '"UNLICENSED", or ' +
+  '"SEE LICENSE IN <filename>"'
+);
+
+var fileReferenceRE = /^SEE LICEN[CS]E IN (.+)$/;
+
+function startsWith(prefix, string) {
+  return string.slice(0, prefix.length) === prefix;
+}
+
+function usesLicenseRef(ast) {
+  if (ast.hasOwnProperty('license')) {
+    var license = ast.license;
+    return (
+      startsWith('LicenseRef', license) ||
+      startsWith('DocumentRef', license)
+    );
+  } else {
+    return (
+      usesLicenseRef(ast.left) ||
+      usesLicenseRef(ast.right)
+    );
+  }
+}
+
+module.exports = function(argument) {
+  var ast;
+
+  try {
+    ast = parse(argument);
+  } catch (e) {
+    var match
+    if (
+      argument === 'UNLICENSED' ||
+      argument === 'UNLICENCED'
+    ) {
+      return {
+        validForOldPackages: true,
+        validForNewPackages: true,
+        unlicensed: true
+      };
+    } else if (match = fileReferenceRE.exec(argument)) {
+      return {
+        validForOldPackages: true,
+        validForNewPackages: true,
+        inFile: match[1]
+      };
+    } else {
+      var result = {
+        validForOldPackages: false,
+        validForNewPackages: false,
+        warnings: [genericWarning]
+      };
+      var corrected = correct(argument);
+      if (corrected) {
+        result.warnings.push(
+          'license is similar to the valid expression "' + corrected + '"'
+        );
+      }
+      return result;
+    }
+  }
+
+  if (usesLicenseRef(ast)) {
+    return {
+      validForNewPackages: false,
+      validForOldPackages: false,
+      spdx: true,
+      warnings: [genericWarning]
+    };
+  } else {
+    return {
+      validForNewPackages: true,
+      validForOldPackages: true,
+      spdx: true
+    };
+  }
+};
diff --git a/package.json b/package.json
new file mode 100644
index 0000000..2c95ead
--- /dev/null
+++ b/package.json
@@ -0,0 +1,25 @@
+{
+  "name": "validate-npm-package-license",
+  "description": "Give me a string and I'll tell you if it's a valid npm package license string",
+  "version": "3.0.1",
+  "author": "Kyle E. Mitchell <kyle at kemitchell.com> (https://kemitchell.com)",
+  "dependencies": {
+    "spdx-correct": "~1.0.0",
+    "spdx-expression-parse": "~1.0.0"
+  },
+  "devDependencies": {
+    "defence-cli": "^1.0.1",
+    "replace-require-self": "^1.0.0"
+  },
+  "keywords": [
+    "license",
+    "npm",
+    "package",
+    "validation"
+  ],
+  "license": "Apache-2.0",
+  "repository": "kemitchell/validate-npm-package-license.js",
+  "scripts": {
+    "test": "defence README.md | replace-require-self | node"
+  }
+}

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-javascript/node-validate-npm-package-license.git



More information about the Pkg-javascript-commits mailing list