spdx-correct
's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.Name | Version | Size | License | Type | Vulnerabilities |
---|---|---|---|---|---|
spdx-expression-parse | 3.0.1 | 4.32 kB | MIT | prod | 1 2 |
spdx-license-ids | 3.0.17 | 12.33 kB | CC0-1.0 | prod | 1 |
The npm package "spdx-correct" provides functionality to correct invalid SPDX (Software Package Data Exchange) expressions. In essence, it helps standardize the syntax of SPDX licenses identifiers. SPDX is a way to standardize the way in which software components are identified and their associated licenses. SPDX-correct provides an efficient way for developers to ensure that the license identifiers they use follow the SPDX standard. By adhering to this standard, developers are improving the accuracy and consistency of their license information, which can be essential for legal compliance.
To use "spdx-correct" in your JavaScript application, you first need to install the package, using npm install command:
npm install spdx-correct
Next, require the spdx-correct module in your code:
var correct = require('spdx-correct');
Now, you can call the function to correct SPDX expressions. Here's how it can be used:
var correct = require('spdx-correct');
var assert = require('assert');
assert.strictEqual(correct('mit'), 'MIT');
assert.strictEqual(correct('Apache 2'), 'Apache-2.0');
assert(correct('No idea what license') === null);
The arguments of the correct
function are the original invalid SPDX expression and an optional options object. If the SPDX identifier is unknown, it'll return null. If an upgrade
option is passed as false
, the function won't attempt to upgrade deprecated identifiers.
// disable upgrade option
assert(correct('GPL-3.0'), 'GPL-3.0-or-later');
assert(correct('GPL-3.0', { upgrade: false }), 'GPL-3.0');
The documentation for the "spdx-correct" npm package is not separate, but rather available in the README file on the package's GitHub repository. This resource provides a comprehensive overview of the functionality of the package, instructions on how to install and use it in your application, and showcases a few examples of correcting different SPDX expressions.