[Pkg-javascript-commits] [node-validate-npm-package-license] 01/04: Import Upstream version 3.0.1
Sruthi Chandran
srud-guest at moszumanska.debian.org
Fri Oct 28 05:38:44 UTC 2016
This is an automated email from the git hooks/post-receive script.
srud-guest pushed a commit to branch master
in repository node-validate-npm-package-license.
commit 031e8dbfae9d8c5105de1f322ee1c003c04c7c4b
Author: Sruthi <srud at disroot.org>
Date: Fri Oct 28 10:51:41 2016 +0530
Import Upstream version 3.0.1
---
.npmignore | 2 +
.travis.yml | 9 ++++
LICENSE | 174 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
README.md | 113 ++++++++++++++++++++++++++++++++++++++
index.js | 84 +++++++++++++++++++++++++++++
package.json | 25 +++++++++
6 files changed, 407 insertions(+)
diff --git a/.npmignore b/.npmignore
new file mode 100644
index 0000000..2cf6a27
--- /dev/null
+++ b/.npmignore
@@ -0,0 +1,2 @@
+.npmignore
+.travis.yml
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..6533d5b
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,9 @@
+---
+language: "node_js"
+node_js:
+ - "0.10"
+ - "0.11"
+ - "0.12"
+ - "node"
+ - "iojs"
+sudo: false
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..a5e905d
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,174 @@
+SPDX:Apache-2.0
+
+Apache License
+
+Version 2.0, January 2004
+
+http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+"License" shall mean the terms and conditions for use, reproduction, and
+distribution as defined by Sections 1 through 9 of this document.
+
+"Licensor" shall mean the copyright owner or entity authorized by the
+copyright owner that is granting the License.
+
+"Legal Entity" shall mean the union of the acting entity and all other
+entities that control, are controlled by, or are under common control
+with that entity. For the purposes of this definition, "control" means
+(i) the power, direct or indirect, to cause the direction or management
+of such entity, whether by contract or otherwise, or (ii) ownership of
+fifty percent (50%) or more of the outstanding shares, or (iii)
+beneficial ownership of such entity.
+
+"You" (or "Your") shall mean an individual or Legal Entity exercising
+permissions granted by this License.
+
+"Source" form shall mean the preferred form for making modifications,
+including but not limited to software source code, documentation source,
+and configuration files.
+
+"Object" form shall mean any form resulting from mechanical
+transformation or translation of a Source form, including but not
+limited to compiled object code, generated documentation, and
+conversions to other media types.
+
+"Work" shall mean the work of authorship, whether in Source or Object
+form, made available under the License, as indicated by a copyright
+notice that is included in or attached to the work (an example is
+provided in the Appendix below).
+
+"Derivative Works" shall mean any work, whether in Source or Object
+form, that is based on (or derived from) the Work and for which the
+editorial revisions, annotations, elaborations, or other modifications
+represent, as a whole, an original work of authorship. For the purposes
+of this License, Derivative Works shall not include works that remain
+separable from, or merely link (or bind by name) to the interfaces of,
+the Work and Derivative Works thereof.
+
+"Contribution" shall mean any work of authorship, including the original
+version of the Work and any modifications or additions to that Work or
+Derivative Works thereof, that is intentionally submitted to Licensor
+for inclusion in the Work by the copyright owner or by an individual or
+Legal Entity authorized to submit on behalf of the copyright owner. For
+the purposes of this definition, "submitted" means any form of
+electronic, verbal, or written communication sent to the Licensor or its
+representatives, including but not limited to communication on
+electronic mailing lists, source code control systems, and issue
+tracking systems that are managed by, or on behalf of, the Licensor for
+the purpose of discussing and improving the Work, but excluding
+communication that is conspicuously marked or otherwise designated in
+writing by the copyright owner as "Not a Contribution."
+
+"Contributor" shall mean Licensor and any individual or Legal Entity on
+behalf of whom a Contribution has been received by Licensor and
+subsequently incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of
+this License, each Contributor hereby grants to You a perpetual,
+worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright
+license to reproduce, prepare Derivative Works of, publicly display,
+publicly perform, sublicense, and distribute the Work and such
+Derivative Works in Source or Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of this
+License, each Contributor hereby grants to You a perpetual, worldwide,
+non-exclusive, no-charge, royalty-free, irrevocable (except as stated in
+this section) patent license to make, have made, use, offer to sell,
+sell, import, and otherwise transfer the Work, where such license
+applies only to those patent claims licensable by such Contributor that
+are necessarily infringed by their Contribution(s) alone or by
+combination of their Contribution(s) with the Work to which such
+Contribution(s) was submitted. If You institute patent litigation
+against any entity (including a cross-claim or counterclaim in a
+lawsuit) alleging that the Work or a Contribution incorporated within
+the Work constitutes direct or contributory patent infringement, then
+any patent licenses granted to You under this License for that Work
+shall terminate as of the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the Work
+or Derivative Works thereof in any medium, with or without
+modifications, and in Source or Object form, provided that You meet the
+following conditions:
+
+(a) You must give any other recipients of the Work or Derivative Works a
+copy of this License; and
+
+(b) You must cause any modified files to carry prominent notices stating
+that You changed the files; and
+
+(c) You must retain, in the Source form of any Derivative Works that You
+distribute, all copyright, patent, trademark, and attribution notices
+from the Source form of the Work, excluding those notices that do not
+pertain to any part of the Derivative Works; and
+
+(d) If the Work includes a "NOTICE" text file as part of its
+distribution, then any Derivative Works that You distribute must include
+a readable copy of the attribution notices contained within such NOTICE
+file, excluding those notices that do not pertain to any part of the
+Derivative Works, in at least one of the following places: within a
+NOTICE text file distributed as part of the Derivative Works; within the
+Source form or documentation, if provided along with the Derivative
+Works; or, within a display generated by the Derivative Works, if and
+wherever such third-party notices normally appear. The contents of the
+NOTICE file are for informational purposes only and do not modify the
+License. You may add Your own attribution notices within Derivative
+Works that You distribute, alongside or as an addendum to the NOTICE
+text from the Work, provided that such additional attribution notices
+cannot be construed as modifying the License.
+
+You may add Your own copyright statement to Your modifications and may
+provide additional or different license terms and conditions for use,
+reproduction, or distribution of Your modifications, or for any such
+Derivative Works as a whole, provided Your use, reproduction, and
+distribution of the Work otherwise complies with the conditions stated
+in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise,
+any Contribution intentionally submitted for inclusion in the Work by
+You to the Licensor shall be under the terms and conditions of this
+License, without any additional terms or conditions. Notwithstanding the
+above, nothing herein shall supersede or modify the terms of any
+separate license agreement you may have executed with Licensor regarding
+such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade
+names, trademarks, service marks, or product names of the Licensor,
+except as required for reasonable and customary use in describing the
+origin of the Work and reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or agreed
+to in writing, Licensor provides the Work (and each Contributor provides
+its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
+OF ANY KIND, either express or implied, including, without limitation,
+any warranties or conditions of TITLE, NON-INFRINGEMENT,
+MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely
+responsible for determining the appropriateness of using or
+redistributing the Work and assume any risks associated with Your
+exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory,
+whether in tort (including negligence), contract, or otherwise, unless
+required by applicable law (such as deliberate and grossly negligent
+acts) or agreed to in writing, shall any Contributor be liable to You
+for damages, including any direct, indirect, special, incidental, or
+consequential damages of any character arising as a result of this
+License or out of the use or inability to use the Work (including but
+not limited to damages for loss of goodwill, work stoppage, computer
+failure or malfunction, or any and all other commercial damages or
+losses), even if such Contributor has been advised of the possibility of
+such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing the
+Work or Derivative Works thereof, You may choose to offer, and charge a
+fee for, acceptance of support, warranty, indemnity, or other liability
+obligations and/or rights consistent with this License. However, in
+accepting such obligations, You may act only on Your own behalf and on
+Your sole responsibility, not on behalf of any other Contributor, and
+only if You agree to indemnify, defend, and hold each Contributor
+harmless for any liability incurred by, or claims asserted against, such
+Contributor by reason of your accepting any such warranty or additional
+liability.
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..c5b3bfc
--- /dev/null
+++ b/README.md
@@ -0,0 +1,113 @@
+validate-npm-package-license
+============================
+
+Give me a string and I'll tell you if it's a valid npm package license string.
+
+```javascript
+var valid = require('validate-npm-package-license');
+```
+
+SPDX license identifiers are valid license strings:
+
+```javascript
+
+var assert = require('assert');
+var validSPDXExpression = {
+ validForNewPackages: true,
+ validForOldPackages: true,
+ spdx: true
+};
+
+assert.deepEqual(valid('MIT'), validSPDXExpression);
+assert.deepEqual(valid('BSD-2-Clause'), validSPDXExpression);
+assert.deepEqual(valid('Apache-2.0'), validSPDXExpression);
+assert.deepEqual(valid('ISC'), validSPDXExpression);
+```
+The function will return a warning and suggestion for nearly-correct license identifiers:
+
+```javascript
+assert.deepEqual(
+ valid('Apache 2.0'),
+ {
+ validForOldPackages: false,
+ validForNewPackages: false,
+ warnings: [
+ 'license should be ' +
+ 'a valid SPDX license expression (without "LicenseRef"), ' +
+ '"UNLICENSED", or ' +
+ '"SEE LICENSE IN <filename>"',
+ 'license is similar to the valid expression "Apache-2.0"'
+ ]
+ }
+);
+```
+
+SPDX expressions are valid, too ...
+
+```javascript
+// Simple SPDX license expression for dual licensing
+assert.deepEqual(
+ valid('(GPL-3.0 OR BSD-2-Clause)'),
+ validSPDXExpression
+);
+```
+
+... except if they contain `LicenseRef`:
+
+```javascript
+var warningAboutLicenseRef = {
+ validForOldPackages: false,
+ validForNewPackages: false,
+ spdx: true,
+ warnings: [
+ 'license should be ' +
+ 'a valid SPDX license expression (without "LicenseRef"), ' +
+ '"UNLICENSED", or ' +
+ '"SEE LICENSE IN <filename>"',
+ ]
+};
+
+assert.deepEqual(
+ valid('LicenseRef-Made-Up'),
+ warningAboutLicenseRef
+);
+
+assert.deepEqual(
+ valid('(MIT OR LicenseRef-Made-Up)'),
+ warningAboutLicenseRef
+);
+```
+
+If you can't describe your licensing terms with standardized SPDX identifiers, put the terms in a file in the package and point users there:
+
+```javascript
+assert.deepEqual(
+ valid('SEE LICENSE IN LICENSE.txt'),
+ {
+ validForNewPackages: true,
+ validForOldPackages: true,
+ inFile: 'LICENSE.txt'
+ }
+);
+
+assert.deepEqual(
+ valid('SEE LICENSE IN license.md'),
+ {
+ validForNewPackages: true,
+ validForOldPackages: true,
+ inFile: 'license.md'
+ }
+);
+```
+
+If there aren't any licensing terms, use `UNLICENSED`:
+
+```javascript
+var unlicensed = {
+ validForNewPackages: true,
+ validForOldPackages: true,
+ unlicensed: true
+};
+assert.deepEqual(valid('UNLICENSED'), unlicensed);
+assert.deepEqual(valid('UNLICENCED'), unlicensed);
+```
diff --git a/index.js b/index.js
new file mode 100644
index 0000000..2ad98d9
--- /dev/null
+++ b/index.js
@@ -0,0 +1,84 @@
+var parse = require('spdx-expression-parse');
+var correct = require('spdx-correct');
+
+var genericWarning = (
+ 'license should be ' +
+ 'a valid SPDX license expression (without "LicenseRef"), ' +
+ '"UNLICENSED", or ' +
+ '"SEE LICENSE IN <filename>"'
+);
+
+var fileReferenceRE = /^SEE LICEN[CS]E IN (.+)$/;
+
+function startsWith(prefix, string) {
+ return string.slice(0, prefix.length) === prefix;
+}
+
+function usesLicenseRef(ast) {
+ if (ast.hasOwnProperty('license')) {
+ var license = ast.license;
+ return (
+ startsWith('LicenseRef', license) ||
+ startsWith('DocumentRef', license)
+ );
+ } else {
+ return (
+ usesLicenseRef(ast.left) ||
+ usesLicenseRef(ast.right)
+ );
+ }
+}
+
+module.exports = function(argument) {
+ var ast;
+
+ try {
+ ast = parse(argument);
+ } catch (e) {
+ var match
+ if (
+ argument === 'UNLICENSED' ||
+ argument === 'UNLICENCED'
+ ) {
+ return {
+ validForOldPackages: true,
+ validForNewPackages: true,
+ unlicensed: true
+ };
+ } else if (match = fileReferenceRE.exec(argument)) {
+ return {
+ validForOldPackages: true,
+ validForNewPackages: true,
+ inFile: match[1]
+ };
+ } else {
+ var result = {
+ validForOldPackages: false,
+ validForNewPackages: false,
+ warnings: [genericWarning]
+ };
+ var corrected = correct(argument);
+ if (corrected) {
+ result.warnings.push(
+ 'license is similar to the valid expression "' + corrected + '"'
+ );
+ }
+ return result;
+ }
+ }
+
+ if (usesLicenseRef(ast)) {
+ return {
+ validForNewPackages: false,
+ validForOldPackages: false,
+ spdx: true,
+ warnings: [genericWarning]
+ };
+ } else {
+ return {
+ validForNewPackages: true,
+ validForOldPackages: true,
+ spdx: true
+ };
+ }
+};
diff --git a/package.json b/package.json
new file mode 100644
index 0000000..2c95ead
--- /dev/null
+++ b/package.json
@@ -0,0 +1,25 @@
+{
+ "name": "validate-npm-package-license",
+ "description": "Give me a string and I'll tell you if it's a valid npm package license string",
+ "version": "3.0.1",
+ "author": "Kyle E. Mitchell <kyle at kemitchell.com> (https://kemitchell.com)",
+ "dependencies": {
+ "spdx-correct": "~1.0.0",
+ "spdx-expression-parse": "~1.0.0"
+ },
+ "devDependencies": {
+ "defence-cli": "^1.0.1",
+ "replace-require-self": "^1.0.0"
+ },
+ "keywords": [
+ "license",
+ "npm",
+ "package",
+ "validation"
+ ],
+ "license": "Apache-2.0",
+ "repository": "kemitchell/validate-npm-package-license.js",
+ "scripts": {
+ "test": "defence README.md | replace-require-self | node"
+ }
+}
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-javascript/node-validate-npm-package-license.git
More information about the Pkg-javascript-commits
mailing list