Merge pull request #73 from bnb/main

fix: use 'allow' rather than 'white' for allowlist

README.md

@@ -7,7 +7,7 @@ Check npm package dependency license metadata against rules.
 Licensee accepts two kinds of configuration:
 
 1. a rule about permitted licenses
-2. a package whitelist of name-and-range pairs
+2. a package allowlist of name-and-range pairs
 
 You can set configuration with command flags or a `.licensee.json`
 file at the root of your package, like so:
@@ -34,16 +34,16 @@ file at the root of your package, like so:
 }
 ```
 
-The `licenses` object adds licenses to a whitelist.
+The `licenses` object adds licenses to an allowlist.
 Any package with [standard license metadata][metadata]
-that satisfies that whitelist according to
-[spdx-whitelisted][whitelisted] will not cause an error.
+that satisfies that allowlist according to
+[spdx-whitelisted][allowed] will not cause an error.
 
 [parse]: https://www.npmjs.com/package/spdx-expression-parse
-[whitelisted]: https://www.npmjs.com/package/spdx-whitelisted
+[allowed]: https://www.npmjs.com/package/spdx-whitelisted
 
-Instead of whitelisting each license by SPDX identifier,
-you can whitelist categories of licenses.
+Instead of allowlisting each license by SPDX identifier,
+you can allowlist categories of licenses.
 
 For example, you can specify a minimum Blue Oak Council [license
 rating]---lead, bronze, silver, or gold---like so:

index.js

@@ -12,30 +12,30 @@ var runParallel = require('run-parallel')
 var satisfies = require('semver').satisfies
 var simpleConcat = require('simple-concat')
 var spawn = require('child_process').spawn
-var spdxWhitelisted = require('spdx-whitelisted')
+var spdxAllowed = require('spdx-whitelisted')
 
 function licensee (configuration, path, callback) {
   if (!validConfiguration(configuration)) {
     return callback(new Error('Invalid configuration'))
   }
-  configuration.licenses = compileLicenseWhitelist(configuration)
+  configuration.licenses = compileLicenseAllowlist(configuration)
   configuration.licensesParsed = (configuration.licenses || [])
-    .reduce(function (whitelist, element) {
+    .reduce(function (allowlist, element) {
       try {
         var parsed = parse(element)
         if (has(parsed, 'conjunction')) {
           throw new Error('Cannot match against "' + JSON.stringify(element) + '".')
         }
-        return whitelist.concat(parsed)
+        return allowlist.concat(parsed)
       } catch (e) {
-        return whitelist
+        return allowlist
       }
     }, [])
   if (
     configuration.licenses.length === 0 &&
     (!configuration.packages || Object.keys(configuration.packages).length === 0)
   ) {
-    callback(new Error('No licenses or packages whitelisted.'))
+    callback(new Error('No licenses or packages allowed.'))
   } else {
     if (configuration.productionOnly) {
       // In order to ignore devDependencies, we need to read:
@@ -214,7 +214,7 @@ function appearsIn (installed, dependencies) {
 }
 
 function resultForPackage (configuration, tree) {
-  var packageWhitelist = configuration.packages || {}
+  var packageAllowlist = configuration.packages || {}
   var result = {
     name: tree.package.name,
     license: tree.package.license,
@@ -283,14 +283,14 @@ function resultForPackage (configuration, tree) {
 
   result.approved = false
 
-  var packageWhitelisted = Object.keys(packageWhitelist)
+  var packageAllowed = Object.keys(packageAllowlist)
     .some(function (name) {
       return (
         result.name === name &&
-        satisfies(result.version, packageWhitelist[name]) === true
+        satisfies(result.version, packageAllowlist[name]) === true
       )
     })
-  if (packageWhitelisted) {
+  if (packageAllowed) {
     result.approved = true
     result.package = true
     return result
@@ -308,13 +308,13 @@ function resultForPackage (configuration, tree) {
     validSPDX = false
   }
 
-  var licenseWhitelist = configuration.licensesParsed
+  var licenseAllowlist = configuration.licensesParsed
   // Check against licensing rule.
-  var licenseWhitelisted = (
+  var licenseAllowed = (
     validSPDX &&
-    spdxWhitelisted(parsed, licenseWhitelist)
+    spdxAllowed(parsed, licenseAllowlist)
   )
-  if (licenseWhitelisted) {
+  if (licenseAllowed) {
     result.approved = true
   }
 
@@ -368,15 +368,15 @@ function licensesFromBlueOak (rating) {
   return ids
 }
 
-function compileLicenseWhitelist (configuration) {
+function compileLicenseAllowlist (configuration) {
   var licenses = configuration.licenses
-  var whitelist = []
+  var allowlist = []
   var spdx = licenses.spdx
-  if (spdx) pushMissing(spdx, whitelist)
+  if (spdx) pushMissing(spdx, allowlist)
   var blueOak = licenses.blueOak
-  if (blueOak) pushMissing(licensesFromBlueOak(blueOak), whitelist)
-  if (licenses.osi) pushMissing(osi, whitelist)
-  return whitelist
+  if (blueOak) pushMissing(licensesFromBlueOak(blueOak), allowlist)
+  if (licenses.osi) pushMissing(osi, allowlist)
+  return allowlist
 }
 
 function pushMissing (source, sink) {

licensee

@@ -46,7 +46,7 @@ if (options['--init']) {
       },
       packages: (
         options['--packages']
-          ? parsePackageWhitelist(options['--packages'])
+          ? parsePackageAllowlist(options['--packages'])
           : { optimist: '<=0.6.1' }
       ),
       corrections: false
@@ -81,7 +81,7 @@ if (options['--init']) {
       osi: options['--osi'] || undefined
     },
     packages: options['--packages']
-      ? parsePackageWhitelist(options['--packages'])
+      ? parsePackageAllowlist(options['--packages'])
       : {},
     corrections: options['--corrections']
   }
@@ -263,15 +263,15 @@ function die (message) {
   process.exit(1)
 }
 
-function parsePackageWhitelist (string) {
+function parsePackageAllowlist (string) {
   return string
     .split(',')
     .map(function (string) {
       return string.trim()
     })
-    .reduce(function (whitelist, string) {
+    .reduce(function (allowlist, string) {
       var split = string.split('@')
-      whitelist[split[0]] = split[1]
-      return whitelist
+      allowlist[split[0]] = split[1]
+      return allowlist
     }, {})
 }