npmpackage.info

Gathering detailed insights and metrics for package-license-extractor

Other packages similar to package-license-extractor

lisense

1.8.0

A simple but working CLI tool to extract NPM package licenses reliably

Gathering detailed insights and metrics for package-license-extractor

package-license-extractor - 1.0.0 | npmpackage.info

package-license-extractor

License extraction of npm packages used in package.json

1.0.0

MIT

JavaScript

23.06 kB

Installations

npm install package-license-extractor

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

8.15.0

NPM Version

6.4.1 Score

70.8

Supply Chain

92.9

Quality

74.4

Maintenance

100

Vulnerability

99.6

License

Pull Requests

Open

0

Total

8

Closed

1

Merged

7

Issues

Open

0

Total

0

Closed

0

Releases

Unable to fetch releases

Languages

JavaScript

JavaScript (100%)

Developer

smaro-nitr

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

8 Stars

42 Commits

1 Watchers

2 Branches

2 Contributors

Updated on Feb 09, 2022

Maintainers

View All 2 Contributors

Package Meta Information

Latest Version

1.0.0

Package Id

package-license-extractor@1.0.0

Unpacked Size

23.06 kB

Size

6.19 kB

File Count

NPM Version

6.4.1

Node Version

8.15.0

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

json2csv xmlhttprequest

package-license-extractor

About

To find the license of all npm dependency used in your project.
Henceforth avoiding all legal challenges ahead, that may arise out of license conflict.

Feature:

It doesn`t require node_modules to extract package's license details.
All dependency with similar name and version are merged together (duplication avoided).
Doesn`t need to be installed along with your project dependency.
Fetch actual license URL from a repository (if available), else provide repository URL.

Learn more on license: https://opensource.org/licenses

Installation

Global installation

1npm install package-license-extractor -g

Note: Doesn`t require to be installed as a dependency in your project

Flags Available

Flag	Possible Value	Default Value
--projectScanType	multi, single	single

Usage

Once globally installed. Based on your requirement, it can be used in following ways:

If you want to scan a single project, then open the project folder and run the below command -

1extract-license

If you want to scan for multiple projects, then open the parent folder containing all projects and run the below command -

1extract-license --projectScanType=multi

Example (multiple projects):

Folder Structure: C > All_Projects > Project_One, Project_Two, So on ..
Run the command in All_Projects folder to get the license detail of Project_One, Project_Two, So on ..

Output

Find the output in a newly created folder "extracted_license".
Output will be in CSV as well as JSON format.
Output will have following field: name, version, licencse, url type, url, package name (sorted by name).
In console, you will get processed package`s summary detail.
Output's url type keyword meaning to its corresponding url are as follows -

exact-version-license: url will take you to the exact version's license file
latest-version-license: url will take you to the latest version's license file
exact-version-repository: url will take you to the exact version's git repository
latest-version-repository: url will take you to the latest version's git repository
exact-version-registry: url will take you to the exact version's npm registry

Note: Even though there is some programmatic limitation in finding URL, We try our best to make you arrive as closest as possible to the license URL. URL will be decided based on the validation order mentioned above. Once a particular URL is found and validated programmatically, further search for URL will stop. So higher the order, closest is the link.

Note

Internet connection is required to make use of this package.
Total time required to depend on no of dependency info is being fetched and also on your internet connection speed.

Contact

Author: Subhendu Kumar Sahoo
Email: smaro.nitr@gmail.com
Website: https://smaro-nitr.github.io
Always welcome for a bugfix, feature suggestion, and feedback

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

License

Determines if the project has defined a license.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

Score

3

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More