📑 A CLI to help you get insight into your projects' licenses
delice is a CLI intended to help you gain insight into your dependencies licenses.
Via npx:
npx delice
Via global install:
npm install delice -g
delice
Currently, there is only a default command:
delice [directory]
Running delice
by itself will check the current working directory's node_modules
directory. If you pass a directory, that directory's node_modules
directory will be searched.
--version
: Boolean. Show version number-h
, --help
: Boolean. Show help-j
, --json
Boolean. Return JSON rather than a human-readable CLI output.node_modules
package.json
in the given directoryCurrently, most well-maintained tooling around licensing is pay-to-play. You need to pay to understand what you're consuming and how. The intent of delice (and liblice and conformance) is to help begin to surface more of this information in an open-source, accessible way.
delice is intended to be the CLI approach to this problem. Ideally, you can pop a delice configuration into your project and then fail if certain license conditions occur with the modules in your application. Additionally, being able to install a delice config as a dependency in your projects and validate via that path would be the end-game.
Basically a roadmap.
--ci
flag that will fail on bad licenses.delicerc
/ package.json
property that will allow you to configure licenses and conditions that will pass/faildelice license mit
delice package mit
spdx-correct
to validate license expressions that are slightly not correct (probably in liblice
)npm install delice-${name}-config
to follow a specific configuration with zero effortBoth liblice
and conformance
are modules that were originally part of the delice
codebase, but were split out since they were valuable on their own and more maintainable if they were out of the CLI.
liblice is the module that does the majority of the work to build out the data that delice surfaces to you. If you're looking to programatically get the kind of information you'd get from delice, check out liblice.
conformance specifically looks at a license string and provides hopefully relevant metadata about that license from the perspective of SPDX and the intersection SPDX and the Open Source Initiative and the Free Software Foundation. Currently, it's strictly limited to SPDX information, but could be expanded in the future should there be interest.