diff --git a/.licensee.json b/.licensee.json new file mode 100644 index 0000000..bed4e8b --- /dev/null +++ b/.licensee.json @@ -0,0 +1,7 @@ +{ + "corrections": true, + "licenses": { + "blueOak": "bronze", + "spdx": ["CC-BY-3.0"] + } +} diff --git a/package.json b/package.json index 6a44f03..a80856a 100644 --- a/package.json +++ b/package.json @@ -32,7 +32,7 @@ "scripts": { "lint": "eslint . --cache --ext js,jsx --ignore-path .gitignore", "lint:fix": "npm run lint -- --fix", - "lint:licenses": "node scripts/license-checker.js", + "lint:licenses": "licensee --errors-only --production", "lint:prettier": "prettier . -c -u", "lint:prettier:fix": "prettier . -w -u", "prepare": "husky", @@ -60,9 +60,8 @@ "eslint-plugin-security": "^3.0.1", "fastify": "^5.0.0", "husky": "^9.1.7", - "license-checker": "^25.0.1", - "prettier": "^3.4.2", - "spdx-copyleft": "^1.0.0" + "licensee": "^11.1.1", + "prettier": "^3.4.2" }, "dependencies": { "accepts": "^1.3.8", diff --git a/scripts/.eslintrc.js b/scripts/.eslintrc.js deleted file mode 100644 index 975e027..0000000 --- a/scripts/.eslintrc.js +++ /dev/null @@ -1,13 +0,0 @@ -"use strict"; - -module.exports = { - rules: { - "import/no-extraneous-dependencies": [ - "error", - { - devDependencies: true, - }, - ], - "no-console": "off", - }, -}; diff --git a/scripts/license-checker.js b/scripts/license-checker.js deleted file mode 100644 index d06cf7c..0000000 --- a/scripts/license-checker.js +++ /dev/null @@ -1,88 +0,0 @@ -"use strict"; - -const { promisify } = require("node:util"); -const { init } = require("license-checker"); -/** @type {string[]} */ -// @ts-ignore: module is a JSON file -const copyLeftLicenses = require("spdx-copyleft"); -const { join } = require("node:path"); - -const check = promisify(init); - -/** - * @author Frazer Smith - * @description Checks licenses of all direct production dependencies to - * ensure they are not copyleft. - */ -async function checkLicenses() { - console.log("Checking licenses of direct production dependencies..."); - - /** - * List of deprecated copyleft license identifiers. - * @see {@link https://spdx.org/licenses/#deprecated | SPDX Deprecated License Identifiers} - */ - const deprecatedLicenseList = [ - "AGPL-1.0", - "AGPL-3.0", - "GFDL-1.1", - "GFDL-1.2", - "GFDL-1.3", - "GPL-1.0", - "GPL-1.0+", - "GPL-2.0", - "GPL-2.0+", - "GPL-2.0-with-autoconf-exception", - "GPL-2.0-with-bison-exception", - "GPL-2.0-with-classpath-exception", - "GPL-2.0-with-font-exception", - "GPL-2.0-with-GCC-exception", - "GPL-3.0", - "GPL-3.0+", - "GPL-3.0-with-autoconf-exception", - "GPL-3.0-with-GCC-exception", - "LGPL-2.0", - "LGPL-2.0+", - "LGPL-2.1", - "LGPL-2.1+", - "LGPL-3.0", - "LGPL-3.0+", - ]; - - // Merge copyleft licenses with deprecated licenses list - copyLeftLicenses.push(...deprecatedLicenseList); - - const licenses = await check({ - direct: true, - production: true, - start: join(__dirname, ".."), - }); - - const copyLeftLicensesList = Object.keys(licenses).filter((license) => { - let lic = licenses[license].licenses; - - if (!lic) { - console.error( - `No license found for ${license}. Please check the package.json file.` - ); - process.exit(1); - } - - lic = Array.isArray(lic) ? lic : [lic]; - - return lic.some((l) => copyLeftLicenses.includes(l)); - }); - - if (copyLeftLicensesList.length > 0) { - console.error( - `The following dependencies are using copyleft licenses: ${copyLeftLicensesList.join( - ", " - )}` - ); - process.exit(1); - } - - console.log("No copyleft licenses found."); - process.exit(0); -} - -checkLicenses();