whitelist licenses to not fail on

[tknerr]

Currently you can only blacklist licenses via -failOn

However, if you want to be more strict you probably want to explicitly whitelist the licenses which are ok for you.

Ideas:

• introduce a negation operator, e.g.: -failOn="!(MIT,Apache)"
• introduce another flag, e.g.: -notFailOn="MIT,Apache"

[developius]

This would be really useful for a CI pipeline when checking if a commit introduces policy-breaking licensed code. 👍

[davglass]

Pushed in license-checker@16.0.0

[tknerr]

@davglass awesome, thanks!

[developius]

Sweet! Thanks! Works nicely in my CI pipeline 💯

[bufferoverflow]

a fantastic feature, thank you!

[davglass]

It's not exactly perfect yet and you may have some issues. That code just does an indexOf check when it should actually be doing an spdx check like it does in other places. This will require some major changes and I didn't have time to do that :(

[developius]

@davglass funnily enough, I just ran into that issue. One of my sub-dependencies (jsonify, which is depended on by sendgrid) has a license field of "Public Domain" which I'm guessing is breaking the indexOf. Not a biggie, but would be a useful fix in the future.