npm, the awesome source code package manager for JavaScript and stuff, recently updated its guidelines on license metadata in package.json files. The new guidelines ask maintainers to use the SPDX standard’s license expression syntax to show how their work is licensed in a machine-readable way. You will get a warning if you don’t.

In most cases, that's as easy as setting your license property (not licenses, as for RubyGems) to MIT, ISC, BSD-2-Clause, Apache-2.0, or some other string on SPDX' official list. You can even Unlicense or WTFPL, you rebel, you.

Who cares? Nobody cares! Until they have to do a license check. Then, thanks to how amazing npm is, you’re left staring down a bottomless well of node_modules directories you must search, manually, for LICENSE files and hints in README. But shouldn’t some lousy program do that kind of work for you? Of course! And it would sure help if the npm ecosystem offered good, clean metadata to chew on.

The following is a list of packages among the 1,000 most-depended-upon (the “npm1K”) that aren't yet part of that better world. There are handy links for making quick pull requests to fix package.json if you’d like to help them out. Given how vital these packages are, each one with a good license property helps make Node easier to adopt in new and different teams, many of which are dipping timid corporate toes into open-source for the very first time.

Want to rage-tweet about the new npm validation warning? Blame it on @kemitchell. Want to trash npm for this corny single-page website? Can’t. It’s not affiliated with npm.

Special thanks to @beaugunderson and @tunnckoCore.


86% valid
14% invalid

Fri, 29 Apr 2016 06:32:17 GMT

Package Latest Maintainers Fix It! Warnings
11 q 1.4.1 kriskowal domenic {"type":"MIT","url":"http://github.com/kriskowal/q/raw/master/LICENSE"}
  • Invalid license property
22 optimist 0.6.1 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
26 node-uuid 1.4.7 broofa coolaj86
  • Missing license property
48 mime 1.3.4 broofa bentomas
  • Missing license property
78 gulp-rename 1.2.2 hparra contra shinnn fractal
  • Missing license property
123 cli-table 0.3.1 rauchg
  • Missing license property
127 wrench 1.5.9 ryanmcgrath
  • Missing license property
140 progress 1.1.8 tjholowaychuk hallas prezjordan
  • Missing license property
153 crypto 0.0.3 gozala
  • Missing license property
165 querystring 0.2.0 gozala
  • Missing license property
166 xmldom 0.1.22 jindw yaron bigeasy kethinov jinjinyun
  • Missing license property
179 nomnom 1.8.1 harth
  • Missing license property
184 github 0.2.4 mikedeboer
  • Missing license property
189 passport-local 1.0.0 jaredhanson
  • Missing license property
207 formidable 1.0.17 felixge svnlto superjoe tim-smart
  • Missing license property
210 oauth 0.9.14 ciaranj
  • Missing license property
220 adm-zip 0.4.7 cthackers
  • Missing license property
233 walk 2.3.9 coolaj86
  • Missing license property
247 ms 0.7.1 rauchg
  • Missing license property
266 passport-oauth 1.0.0 jaredhanson
  • Missing license property
273 cron 1.1.0 ncb000gt
  • Missing license property
289 ssh2 0.5.0 mscdex
  • Missing license property
304 slug 0.9.1 dodo
  • Missing license property
305 @ryancavanaugh/node
  • Could not fetch package.json
313 hogan.js 3.0.2 fat sayrer
  • Missing license property
337 markdown 0.5.0 ashb dom
  • Missing license property
345 firebase 2.4.2 firebase
  • Missing license property
353 gulp-notify 2.2.0 mikaelb
  • Missing license property
366 connect-flash 0.1.1 jaredhanson
  • Missing license property
375 iniparser 1.0.5 shockie
  • Missing license property
376 amqp 0.2.4 ry postwait
  • Missing license property
386 numeral 1.5.3 adamwdraper
  • Missing license property
388 tv4 1.2.7 geraintluff bartvds
  • Missing license property
400 validate.io-string-primitive 1.0.0 kgryte
  • Missing license property
403 passport-strategy 1.0.0 jaredhanson
  • Missing license property
418 utils-merge 1.0.0 jaredhanson
  • Missing license property
424 @ryancavanaugh/jquery
  • Could not fetch package.json
426 stack-trace 0.0.9 felixge tim-smart sebastianhoitz
  • Missing license property
431 nodeunit 0.9.1 caolan mreinstein
  • Missing license property
438 validate.io-function 1.0.2 kgryte
  • Missing license property
442 dot 1.0.3 olado
  • Missing license property
446 vow 0.4.12 dfilatov
  • Missing license property
457 docopt 0.6.2 stuartcarnie
  • Missing license property
460 bcrypt-nodejs 0.0.3 shanegirish
  • Missing license property
471 hat 0.0.3 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
473 webpack-dev-middleware 1.6.1 jhnns peerigon sokra
  • Missing license property
475 xhr 2.2.0 raynos naugtur
  • Missing license property
480 leaflet 0.7.7 mourner
  • Missing license property
483 fs.extra 1.3.2 coolaj86
  • Missing license property
485 callsite 1.0.0 tjholowaychuk
  • Missing license property
497 batch 0.5.3 tjholowaychuk
  • Missing license property
502 log 1.4.0 tjholowaychuk
  • Missing license property
507 imagemagick 0.1.3 rsms
  • Missing license property
509 newrelic 1.26.2 lykkin martinkuba newrelic tkrajcar
  • Missing license property
514 global 4.3.0 raynos mattesch jerrysievert
  • Missing license property
522 htmlparser 1.7.7 tautologistics
  • Missing license property
526 less-loader 2.2.3 sokra jhnns
  • Missing license property
527 rework 1.0.1 tjholowaychuk jonathanong jongleberry conradz necolas anthonyshort ianstormtaylor moox clintwood lydell slexaxton
  • Missing license property
531 node-schedule 1.1.0 mattpat tejasmanohar sgimeno jonhester
  • Missing license property
535 duplexer 0.1.1 raynos dominictarr
  • Missing license property
538 valid-url 1.0.9 odysseas sagens
  • Missing license property
542 react-tap-event-plugin 1.0.0 s0meone
  • Missing license property
548 btoa 1.1.2 coolaj86 "Apache2"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "Apache-2.0"
551 xpath 0.0.23 goto100 jlrishe "Creative Commons"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
562 win-spawn 2.0.0 forbeslindesay "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
571 busboy 0.2.13 mscdex
  • Missing license property
580 eyes 0.1.8 cloudhead indexzero
  • Missing license property
582 jasmine-node 1.14.5 mhevery tebriel
  • Missing license property
604 @domoinc/base-widget
  • Could not fetch package.json
606 keymirror 0.1.1 strml
  • Missing license property
617 expect.js 0.3.1 rauchg
  • Missing license property
619 portscanner 1.0.0 baalexander smassa
  • Missing license property
622 argv 0.0.2 codenothing
  • Missing license property
623 browser-request 0.3.3 jhs maxogden
  • Missing license property
631 @domoinc/da-theme2
  • Could not fetch package.json
639 node-fs 0.1.7 bpedro
  • Missing license property
648 rethinkdb 2.3.1 rethinkdb
  • Missing license property
651 mandrill-api 1.0.45 mailchimp
  • Missing license property
653 validate.io-boolean-primitive 1.0.0 kgryte
  • Missing license property
663 useragent 2.1.9 v1 3rdeden {"type":"MIT","url":"https://github.com/3rd-Eden/useragent/blob/master/LICENSE"}
  • Invalid license property
665 colorful 2.1.0 lepture
  • Missing license property
666 dnode 1.2.2 substack seethroughtrees
  • Missing license property
672 entities 1.1.1 feedic "BSD-like"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
673 copy-paste 1.2.0 xavi
  • Missing license property
680 fluent-ffmpeg 2.0.1 schaermu spruce bencevans njoyard
  • Missing license property
685 node-forge 0.6.39 davidlehn dlongley msporny
  • Missing license property
689 domready 1.0.8 ded fat
  • Missing license property
706 prelude-ls 1.1.2 gkz
  • Missing license property
708 raw-loader 0.5.1 sokra
  • Missing license property
710 ftp 0.3.10 mscdex
  • Missing license property
715 passport-http-bearer 1.0.1 jaredhanson
  • Missing license property
722 watchr 2.4.13 balupton {"type":"MIT"}
  • Invalid license property
737 uid2 0.0.3 coreh
  • Missing license property
744 string-format 0.5.0 davidchambers
  • Missing license property
748 eco 1.1.0-rc-3 sstephenson
  • Missing license property
750 passport-http 0.3.0 jaredhanson
  • Missing license property
760 charm 1.0.0 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
771 observ 0.2.0 raynos
  • Missing license property
780 required-keys 1.0.5 clewfirst "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
796 twitter 1.2.5 desmondmorris
  • Missing license property
797 child-process-promise 2.0.1 psteeleidem pnidem "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
808 temporary 0.0.8 vesln
  • Missing license property
811 validate.io-number-primitive 1.0.0 kgryte
  • Missing license property
812 jquery-ui 1.10.5 devongovett
  • Missing license property
815 co-request 1.0.0 leukhin
  • Missing license property
818 hoist-non-react-statics 1.0.5 mridgway
  • Missing license property
825 validate.io-nonnegative-integer 1.0.0 kgryte
  • Missing license property
844 @polymer/polymer
  • Could not fetch package.json
850 daemon 1.1.0 indexzero avianflu shtylman
  • Missing license property
854 lazy 1.0.11 pkrumins {"type":"MIT"}
  • Invalid license property
861 after 0.8.1 raynos shtylman
  • Missing license property
865 winston-loggly 1.3.1 indexzero chjj jcrugzz
  • Missing license property
872 gulp-cached 1.1.0 fractal
  • Missing license property
873 harmony-reflect 1.4.6 tvcutsem
  • Missing license property
882 bignum 0.11.0 bitcoinjs justmoon rvagg "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
886 ua-parser-js 0.7.10 faisalman
  • Missing license property
888 emitter-component 1.1.1 tjholowaychuk
  • Missing license property
889 trim 0.0.1 tjholowaychuk
  • Missing license property
890 dirty 1.0.0 felixge bentaber distracteddev younggi
  • Missing license property
896 findup 0.1.5 Filirom1 filirom1
  • Missing license property
904 babel-plugin-transform-regenerator 6.6.5 amasad hzoo jmm loganfsmyth sebmck thejameskyle "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
908 backbone.marionette 2.4.5 elliotf derickbailey samccone ahumphreys87
  • Missing license property
910 i 0.3.4 pksunkara
  • Missing license property
911 bitcoinjs-lib 2.2.0 bitcoinjs justmoon kyledrake dcousens
  • Missing license property
913 node-getopt 0.2.3 jiangmiao
  • Missing license property
932 @linclark/pkg
  • Could not fetch package.json
935 express-jwt 3.3.0 woloski jfromaniello pose dschenkelman jaredhanson
  • Missing license property
937 raven 0.10.0 benvinegar mattrobenolt zeeg "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
942 node-zip 1.1.1 daraosn
  • Missing license property
950 ap 0.2.0 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
957 elementtree 0.1.6 rphillips
  • Missing license property
963 validate.io-nan 1.0.3 kgryte
  • Missing license property
976 readline 1.3.0 craigbrookes "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
977 html-loader 0.4.3 peerigon sokra
  • Missing license property
980 json-schema 0.2.2 kriszyp
  • Missing license property
985 dotty 0.0.2 deoxxa "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
993 xmlrpc 1.3.1 baalexander plodder
  • Missing license property
997 pg-hstore 2.3.2 scarney
  • Missing license property
Fork me on GitHub