{"_id":"conformance","_rev":"2-40bf886a78dc664d2add67c256c80324","name":"conformance","dist-tags":{"latest":"1.0.0"},"versions":{"0.0.1":{"name":"conformance","version":"0.0.1","description":"A module that helps you get insight into compliance with SPDX conformance.","main":"index.js","directories":{"example":"examples","lib":"lib","test":"tests"},"scripts":{"test":"echo \"Error: no test specified\" && exit 1"},"keywords":["licenses","license","conformance","conform","spdx","osi","Open Source Initiative","fsf","Free Software Foundation","validate"],"author":{"name":"Tierney Cyren","email":"hello@bnb.im"},"license":"MIT","dependencies":{"spdx-expression-parse":"^3.0.0"},"devDependencies":{"jest":"^24.8.0","standard":"^13.1.0"},"standard":{"ignore":["/tests"]},"_id":"conformance@0.0.1","_nodeVersion":"12.7.0","_npmVersion":"6.10.0","dist":{"integrity":"sha512-ARkAq7gxjXz1IDviT7YKcY9vB1SNoJdCuLZsSkiXQpo7o/AqShMP2+m+/P00IiF5NB/6YPhQscNbYL9vX+k2xQ==","shasum":"f1d4885d002df804dcb6fca68ddda7a9ad9fb102","tarball":"https://registry.npmjs.org/conformance/-/conformance-0.0.1.tgz","fileCount":16,"unpackedSize":22587,"npm-signature":"-----BEGIN PGP SIGNATURE-----\r\nVersion: OpenPGP.js v3.0.4\r\nComment: https://openpgpjs.org\r\n\r\nwsFcBAEBCAAQBQJdPzYyCRA9TVsSAnZWagAA4lsP/2u/zNd03BHWjIeDEMNb\nW8mSxmh+WhjEZNE479t28KBkZyQ4uJijmUHgCU138YI1uVL/flbgoXCZgNY5\n/CAvkCg1vVdmzr2eiZRZRDZcGWjnBz/FzH2Bsg2rfn9owoqrPw6XAl6Zdpq8\n5EEYMLMX0R0vOGyhGyn03UpRuyu9Jph8xhBHQqh8E7krJ6ZJbfV6M1I0f5EY\nFQuKAGMyz4RAVWR95cDjkBPSIk8ovO/3nqkATF5Jr3tS9qVFxiC2INycO+6D\ndAJNPsDMiIovzuc7YAsQVbs+LKeBUR1OfGerYDYb0A6j8zJmsUt9B425vWwZ\nNX/tohy/ZJLQ7huhE4//DUzySA3q7MNgXrW4lgL2ZB74rR0UuK/NZwNs+Nhc\ntBGxz5JEZR5yPzg3g0+jvzk/VSFPiHHBuU/O2LzHRzC+1Jk+BV1T6i79WUm0\np4IXjZF2QIA4cR1mSw0JrRJE1YPXYN1XZJjzmFKixHfhIktQ8gLwGruPLwo6\nwgVceq34srvV5qG/7BQZO+ReFy25FbAcLA8bq8N9F513cu4JYouSt8uOc1m+\n84IEd8yy6kyoU4tUIy9r/nWf/Gat4lBBJnmnbb+KDfEM6A3TlKRdbX4rWTlz\ns75E0zi1/7WQHFodzmhH9+Hv9WVMbWPhDQgkm90YMIvFtN2ikj+JEPhYVqLg\n/1dP\r\n=NFs1\r\n-----END PGP SIGNATURE-----\r\n","signatures":[{"keyid":"SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA","sig":"MEYCIQCEaAotqg79wXTAL+eRyYOvhO49TQS/yehyxghFOhNMmQIhAJPFuCDsUqyWsiziwUpn4zXpZRk/ovYbC/O3zhmOxToM"}]},"maintainers":[{"name":"bnb","email":"hello@bnb.im"}],"_npmUser":{"name":"bnb","email":"hello@bnb.im"},"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/conformance_0.0.1_1564423729958_0.7107487634584542"},"_hasShrinkwrap":false},"1.0.0":{"name":"conformance","version":"1.0.0","description":"A module that helps you get insight into compliance with SPDX conformance.","main":"index.js","directories":{"example":"examples","lib":"lib","test":"tests"},"scripts":{"test":"echo \"Error: no test specified\" && exit 1"},"keywords":["licenses","license","conformance","conform","spdx","osi","Open Source Initiative","fsf","Free Software Foundation","validate"],"author":{"name":"Tierney Cyren","email":"hello@bnb.im"},"license":"MIT","dependencies":{"spdx-expression-parse":"^3.0.0"},"devDependencies":{"jest":"^24.8.0","standard":"^13.1.0"},"standard":{"ignore":["/tests"]},"repository":{"type":"git","url":"git+https://github.com/cutenode/conformance.git"},"bugs":{"url":"https://github.com/cutenode/conformance/issues"},"homepage":"https://github.com/cutenode/conformance#readme","gitHead":"27dc66d845f917a2e4ae0a720c91fe842abe139a","_id":"conformance@1.0.0","_nodeVersion":"12.7.0","_npmVersion":"6.10.0","dist":{"integrity":"sha512-yHNr1QYQIigTHww52pFTppBQaAJVDJgOpN0I+fvzzf3V0WmGeIzHisaHoTeCN/V49Zwp4v8YNhLzDFnP0hsBEw==","shasum":"9e6dd0ef734d065394efdac4f520a2034bddc598","tarball":"https://registry.npmjs.org/conformance/-/conformance-1.0.0.tgz","fileCount":9,"unpackedSize":12234,"npm-signature":"-----BEGIN PGP SIGNATURE-----\r\nVersion: OpenPGP.js v3.0.4\r\nComment: https://openpgpjs.org\r\n\r\nwsFcBAEBCAAQBQJdPzfOCRA9TVsSAnZWagAAgloP/iHM02diuDCV6rbyCeKr\nPAwQf8UdpkrNYGDn2yijP36zaxyA4f+Swn9rdXkkm2TX/k2U7S8ItJKkYxNw\nJLLYjIB6FkbBRcK0ZMDSbZO9u/XVTBelv5iLGJbkKg7SCGybNk/y9hxPrrwP\n0HOHOyNrfQCg5rpL8IoZVcZThn2n8bi6zpSS85uhU2SbqHF91gPhrT4CDcp8\nZKJEogHh+RkbWSbtnQSC+MD/etJcAfCkgNooHjZb68M5ljU4oEOR2SeXqf7+\nc60MZ2e4n//tbC8lUUaY7Wsc+enIkKp2sxppx6QbGqNv8Rx5/01ivqZDSMSb\nhddpp4yisjvMLzTPEnWR7S34EsMipoIqVQA7FQmI/SEwjgN6q6d4URLqKhtK\ns3eTd46y1P39H+hk/1gsnGKn8BYU0yHHw3p0oS6eTVvbRLmv8pi1KtkVgv7B\nSEaX/QZNj4RRyJv5AcOdZ9Ie3Rlw5ovpJ6+6PKnHnjjntVHU2+10+jM6ymuo\nY1ITAN/SwcWKN+RhN/3pM6NI5S0iQiSWkNMtuRv6457SDTaU5QJbIh7+eoeS\nHvRJ3LB88mpP2TO7cGd7MEJdLq2q8MVMkQFT0YcRxoinfv9UqdcrHvZ6w3aL\nrcTV+62FkZRDR9Kk0lZnxbQIaJlxzxAl7Ook8KFmwkgk6+CoLlpeRKVAUlGX\n2mPV\r\n=FGyo\r\n-----END PGP SIGNATURE-----\r\n","signatures":[{"keyid":"SHA256:jl3bwswu80PjjokCgh0o2w5c2U4LhQAE57gj9cz1kzA","sig":"MEUCIDMYFeHiM2pKZOHEk//HXFBBUihYj6plsryMHZTEtolJAiEAv0fJSHBMlqi4UayuPzO/po9d1M4CyqR51Cn1yhLTnQ8="}]},"maintainers":[{"name":"bnb","email":"hello@bnb.im"}],"_npmUser":{"name":"bnb","email":"hello@bnb.im"},"_npmOperationalInternal":{"host":"s3://npm-registry-packages","tmp":"tmp/conformance_1.0.0_1564424142063_0.5773101948482353"},"_hasShrinkwrap":false}},"time":{"created":"2019-07-29T18:08:49.958Z","0.0.1":"2019-07-29T18:08:50.100Z","modified":"2022-04-27T15:39:50.642Z","1.0.0":"2019-07-29T18:15:42.193Z"},"maintainers":[{"name":"bnb","email":"hello@bnb.im"}],"description":"A module that helps you get insight into compliance with SPDX conformance.","keywords":["licenses","license","conformance","conform","spdx","osi","Open Source Initiative","fsf","Free Software Foundation","validate"],"author":{"name":"Tierney Cyren","email":"hello@bnb.im"},"license":"MIT","readme":"# Conformance\n\nA module that helps you get insight into licenses included in the SPDX license list.\n\n## Usage\n\nIf you just want to see if a specific license ID or license string is conformant:\n\n```js\nconst conformance = require('conformance')\n\nconformance('MIT')\nconformance('ISC OR GPL-2.0-with-GCC-exception')\n```\n\n## What\n\nThis module will spit out an object at you with a suite of information about a SPDX license expression you pass in. In general, it will look something like this:\n\n```json\n{\n  \"uniqueLicenseIds\": [\n    \"MIT\"\n  ],\n  \"spdxLicenseLinks\": [\n    \"https://spdx.org/licenses/MIT.html#licenseText\"\n  ],\n  \"spdx\": {\n    \"osi\": true,\n    \"fsf\": true,\n    \"fsfAndOsi\": true,\n    \"deprecated\": false\n  }\n}\n```\n\n## API\n\nCurrent usage looks like this:\n\n```js\nconst conformance = require('conformance')\n\nconformance(<spdx expression>, [options])\n```\n\nWhere:\n\n- `<spdx expression`> is a required string.\n  - Can be any valid [SPDX license expression](https://spdx.org/spdx-specification-21-web-version#h.jxpfx0ykyb60), which will be parsed by [spdx-expression-parse](https://www.npmjs.com/package/spdx-expression-parse).\n- `[options]` is an optional object that contains the following properties:\n  - `throwOnError`: a `Boolean` that indicates whether or not you want to throw on errors.\n\n## Why\n\nThis is something I've wanted to see for a long time. I've personally seen how high of a barrier licensing can be for larger teams. By increasing insight into license strucutre across applications, we can hopefully lower the barrier for further adoption across industries ❤️\n\n## Limitations\n\n- License expression depth is currently limited to three licenses. For example, `MIT AND (CC0-1.0 OR ISC)` is the current maximum depth. This will return 3 licenses, as you'd expect. This isn't a hard limit, it's just the depth that's been written in the context of licenses on npm. To date, I've not seen a license expression that goes futher than this. If this ends up being written, it should just be a recursive function that continues to check regardless of depth.\n","readmeFilename":"README.md","homepage":"https://github.com/cutenode/conformance#readme","repository":{"type":"git","url":"git+https://github.com/cutenode/conformance.git"},"bugs":{"url":"https://github.com/cutenode/conformance/issues"}}