Home
Docs
GitHub
Pricing
Blog
Log In

Run Sandworm Audit for your App

Get started
Hold on, we're currently generating a fresh version of this report
Generated on Mar 4, 2024 via pnpm

normalize-package-data 2.3.8

Normalizes data that can be found in package.json files.
Package summary
Share
3
issues
1
high severity
license
1
2
low severity
license
2
6
licenses
3
MIT
2
ISC
2
Apache-2.0
3
other licenses
BSD-2-Clause
1
CC-BY-3.0
1
CC0-1.0
1
Package created
9 Apr 2013
Version published
21 Apr 2017
Maintainers
5
Total deps
10
Direct deps
4
License
BSD-2-Clause

Issues

3

1 high severity issue

high
Recommendation: Read and validate the license terms
via: validate-npm-package-license@3.0.4
Collapse
Expand

2 low severity issues

low
Recommendation: Read and validate the license terms
via: validate-npm-package-license@3.0.4
Recommendation: Read and validate the license terms
via: validate-npm-package-license@3.0.4
Collapse
Expand

Licenses

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
3 Packages, Including:
builtin-modules@1.1.1
is-builtin-module@1.0.0
spdx-expression-parse@3.0.1

ISC License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
hold-liable
Must
include-copyright
include-license
2 Packages, Including:
hosted-git-info@2.8.9
semver@5.7.2

Apache License 2.0

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
use-patent-claims
place-warranty
Cannot
hold-liable
use-trademark
Must
include-copyright
include-license
state-changes
include-notice
2 Packages, Including:
spdx-correct@3.2.0
validate-npm-package-license@3.0.4

BSD 2-Clause "Simplified" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
hold-liable
Must
include-copyright
include-license
1 Packages, Including:
normalize-package-data@2.3.8

Creative Commons Attribution 3.0 Unported

Uncategorized
Not OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
Cannot
Must
1 Packages, Including:
spdx-exceptions@2.5.0

Creative Commons Zero v1.0 Universal

Public Domain
Not OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
Cannot
Must
1 Packages, Including:
spdx-license-ids@3.0.17
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Direct Dependencies

4
All Dependencies CSV
β“˜ This is a list of normalize-package-data 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.
NameVersionSizeLicenseTypeVulnerabilities
hosted-git-info2.8.97.92 kBISC
prod
is-builtin-module1.0.01.51 kBMIT
prod
semver5.7.217.45 kBISC
prod
validate-npm-package-license3.0.45.54 kBApache-2.0
prod
1
2

Visualizations

Frequently Asked Questions

What does normalize-package-data do?

The npm package "normalize-package-data" exports a function that primarily helps to normalize package metadata found typically in a package.json file. It contains algorithms that make necessary refinements and adjustments to provide cleaner, more consistent data from the package.json file. This makes it a critical utility for JavaScript development, especially when working with npm registry or any similar registries. The tool is typically used by packages like read-package-json, which in turn is utilized by npm and various other npm-associated tools. This package ensures that data received from a package.json file is accurate, valid, and structured according to predefined rules.

How do you use normalize-package-data?

To use normalize-package-data, first, the package should be installed via npm using:

npm install normalize-package-data

After installation, it can be included and utilized inside your JavaScript file. Here's a basic example:

let normalizeData = require('normalize-package-data');
let packageData = require("./package.json");
normalizeData(packageData);
// packageData is now normalized

In this example, we require the function exported by normalize-package-data and call it 'normalizeData'. Next, data to normalize - generally from a package.json file - is required and passed as an argument to our 'normalizeData' function.

The package also has a strict mode for validation and a warning function for logging imperfect input data:

let normalizeData = require('normalize-package-data');
let packageData = require("./package.json");
let warnFn = function(msg) { console.error(msg) }
normalizeData(packageData, true, warnFn);
// packageData is now normalized. Strict mode, Any number of warnings may have been logged.

Validations and warnings are triggered depending on the rules outlined for the various fields in the package data.

Where are the normalize-package-data docs?

Documentation for the normalize-package-data package does not exist in a formal format aside from the README file on the package's GitHub repository. The README serves as the primary source of introduction, installation guide, usage instructions, and lists the rules it follows to normalize data. To understand how to use this package and its specifics, you may access the README file at normalize-package-data GitHub repository. Detailed instructions and expected behaviors for different fields are outlined in the text.