composer/spdx-licenses 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.| Name | Version | Size | License | Type | Vulnerabilities |
|---|
The composer/spdx-licenses package is a utility library originally part of the larger composer/composer project, but now stands as a separate entity. This package provides a list of Software Package Data Exchange (SPDX) licenses and a validation library. It allows users to access information about licenses, check their OSI approval status, identify deprecated licenses, and validate SPDX license expressions.
To use the composer/spdx-licenses package, first install it using Composer with the command composer require composer/spdx-licenses. Once installed, you can incorporate it into your project like so:
<?php
use Composer\Spdx\SpdxLicenses;
$licenses = new SpdxLicenses();
// Get a license by identifier
$licenses->getLicenseByIdentifier('MIT');
// Get a license exception by identifier
$licenses->getExceptionByIdentifier('Autoconf-exception-3.0');
// Get a license identifier by name
$licenses->getIdentifierByName('MIT License');
// Check if a license is OSI approved by identifier
$licenses->isOsiApprovedByIdentifier('MIT');
// Check if a license identifier is deprecated
$licenses->isDeprecatedByIdentifier('MIT');
// Check if input is a valid SPDX license expression
$licenses->validate($input);
This PHP code demonstrates how to utilize the various functions provided by the SpdxLicenses class.
For more detailed documentation and specifications relating to valid SPDX license expressions, you should visit the official SPDX website https://spdx.org/specifications. The composer/spdx-licenses GitHub repository does not contain standalone documentation, but the README file provides a general understanding of installation and usage. License information details can be accessed from the SPDX's License List Data repository.
