license-checker
alex
license-checker | alex | |
---|---|---|
10 | 11 | |
1,615 | 4,822 | |
- | 0.2% | |
0.0 | 3.1 | |
11 months ago | 17 days ago | |
JavaScript | JavaScript | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
license-checker
-
Consultant Asking About NPM Software Licenses
I thought that was a fairly weird question. A couple of our APIs run on Ubuntu, which contains GNU software. He has access to our source code, and I had also previously sent him the output of license checker so he really should have been able to answer this himself.
-
A developer-friendly introduction to open source licenses
NPM License Checker
-
Big Changes Ahead for Deno
I don't care whether it's all in one file or in a dozen files, but I want all of that information to be available programmatically in a text file (unlike in a readme or on Github) in a standardized location in a project.
In that respect, package.json is a strict win. Your lack of willingness to use `git blame` to see why you added a line, or lack of reasonable git comments, is not to be blamed on the file.
Complexity is unavoidable. How could you write a tool like license-checker [1] for a Go-based project without having license information in a standardized location? Without the scripts section, how can you create a tool like husky [2] that automatically installs git hooks for a project? Every single part of package.json is there for a good reason; at best you could argue that putting some of it in other files would be aesthetically superior, but that's just bikeshedding.
Complexity isn't de facto bad. Some complexity is required if you want a certain level of functionality to become available. Deno (and Go) are slowly accumulating that "cruft" as people realize that those functions are actually useful or even critical to a mature ecosystem.
[1] https://www.npmjs.com/package/license-checker
[2] https://www.npmjs.com/package/husky
-
Richard Stallman calls for software package systems that help maintain your freedoms
Yes, all npm packages are supposed to have a valid SPDX license identifier, and there is an easy way to recursively check these values
-
Introducing sbomx.com - Software Bill of Materials X
For JavaScript I always used davglass/license-checker as a starting point but it's not being maintained anymore. Then I did similar things for the backend code, put everything together and sent it to the legal and security teams. At some point I thought "There must be a better way!". So, I started building sbomx about one and a half years ago. It's working fine enough to show it to the world and gather some feedback.
-
automatically pull licenses from package.json and put them into a spreadsheet??
Check this package https://www.npmjs.com/package/license-checker
-
Italian Courts Find Open Source Software Terms Enforceable
Good doctors and drivers make mistakes, too, and they still face liability for those mistakes.
I think that if your company is large enough, you should have employees, or pay someone, to mirror your dependencies and automate license checks. There are projects that do the latter already[1][2]. You can loop your lawyers in if licenses change to ensure you don't violate them. If (A)GPL code still ships in proprietary products, that's a process problem that the company needs to solve.
[1] https://github.com/dhatim/python-license-check
[2] https://github.com/davglass/license-checker
-
Node.js Packages and Resources
license-checker - Check licenses of your app's dependencies.
-
Home Screen Shortcuts in React Native (with Expo)
If you don't know what licenses you're currently using, I suggest the license-checker NPM tool.
-
How do I explain the concept of open source software to my boss?
Also, your IT dept is not entirely without concern here, you should be ensuring that you're not violating any open source licenses in your project, and be using something like https://www.npmjs.com/package/license-checker or an equivalent license checking service in your project language to ensure that everything is kosher
alex
-
Practicing politeness in JavaScript code 🤬
According to what is written in the documentation of this tool:
-
Markdown Bot - An AI friend who improves your content
Catch insensitive, inconsiderate writing with tools like alex
- AlexJS: Catch Insensitive, Inconsiderate Writing
-
A ChatGPT GitHub Action for Reviewing Text for Potentially Discriminatory Language
This story has been a motivating principle behind my life for a long time, and therefore, whenever I've worked on docs, I've thought about how I could ensure that exclusionary words, even unintentionally, did not make their way into the final copy. During my time at Nexmo, a communications API company, I introduced Alex, an NPM package that helps you identify potentially exclusionary language in your writing, into the CI/CD pipeline for the documentation.
-
What external tools do you use in your workflow?
As a philosophy student: Zotero for reference management, the Better BibTeX plugin to auto-generate a .bib file, and two language servers for diagnostics: LTeX for grammar- and spellchecking, and alex for style and sensitivity checking.
-
JavaScript library that converts a string to gender-neutral language?
When using it as a lib you can pass a markdown string (https://github.com/get-alex/alex#markdownvalue-config) or raw text string (https://github.com/get-alex/alex#textvalue-config). This will return an object that should contain everything you need to perform a naive replacement.
-
Detect Non-Inclusive Language with Retext and Node.js
alex is a lovely command-line tool that takes in text or markdown files and, using retext-equality and retext-profanities, highlights suggestions for improvement. alex checks for gendered work titles, gendered proverbs, ableist language, condescending or intolerant language, profanities, and much more.
-
The Actual Mind of the Algorithm (Cortex 132)
Heck, he could even go so far and start using GitHub's automation system (Actions) to run some check on his writing. (Maybe something like alexjs)
-
Mod fight over pronoun flairs in /r/programminghorror
I've been a part of several code clean-ups where giant code bases needed to be changed to considerate language. I've never once encountered a bad actor when the actual work got underway. Part of being a programmer is to question the reasoning behind large changes but any programmer worth their salt understands the big picture if you can clearly explain it. I wouldn't read too much into the actions of a few people in any programming subreddit who are opposed to pronouns. Those people will always exist. I'm certain that the vast majority of programmers in those subs are either strongly in favour of gendered pronouns or are apathetic toward it. To drive home the point, the fight for considerate language has been driven by developers themselves. All these wonderful tools such as alex.js or even org level changes inside big companies are part of it.
-
Markdown Linting
alex
What are some alternatives?
python-license-check - Check python packages from requirement.txt and report issues
http-server - a simple zero-configuration command-line http server
npm-name - Check whether a package or organization name is available on npm
wifi-password - Get current wifi password
npm-home - Open the npm page, Yarn page, or GitHub repo of a package
torrent - download torrents with node from the CLI
Live Server - A simple development http server with live reload capability.
ignite - Infinite Red's battle-tested React Native project boilerplate, along with a CLI, component/model generators, and more! 9 years of continuous development and counting.
iponmap - commandline IP location finder
np - A better `npm publish`
David - :eyeglasses: Node.js module that tells you when your package npm dependencies are out of date.