npm, the awesome source code package manager for JavaScript and stuff, publishes a specification for license metadata in package.json files. The spec asks maintainers to use the SPDX standard’s license expression syntax to show how their work is licensed in a machine-readable way. You will get a warning if you don’t.

In most cases, that's as easy as setting your license property (not licenses, as for RubyGems) to MIT, ISC, BSD-2-Clause, Apache-2.0, or some other string on SPDX' official list. You can even Unlicense or WTFPL, you rebel, you.

The following is a list of packages among the 1,000 most-depended-upon (the “npm1K”) that aren't yet part of that better world. There are handy links for making quick pull requests to fix package.json if you’d like to help them out. Given how vital these packages are, each one with a good license property helps make Node easier to adopt in new and different teams, many of which are dipping timid corporate toes into open-source for the very first time.

Who cares? Nobody cares! Until they have to do a license check. Then, thanks to how amazing npm is, you’re left staring down a bottomless well of node_modules directories you must search, manually, for LICENSE files and hints in README. But shouldn’t some lousy program do that kind of work for you? Of course! And it would sure help if the npm ecosystem offered good, clean metadata to chew on.

Special thanks to @beaugunderson and @tunnckoCore.


95% valid
5% invalid

Mon, 05 Mar 2018 00:02:59 GMT

Package Latest Maintainers Fix It! Warnings
66 node-uuid 1.4.8 broofa defunctzombie
  • Missing license property
77 optimist 0.6.1 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
136 gulp-rename 1.2.2 hparra contra shinnn fractal
  • Missing license property
211 cli-table 0.3.1 rauchg
  • Missing license property
224 querystring 0.2.0 gozala
  • Missing license property
267 passport-local 1.0.0 jaredhanson
  • Missing license property
274 xmldom 0.1.27 jindw yaron bigeasy kethinov jinjinyun
  • Missing license property
333 raw-loader 0.5.1 sokra
  • Missing license property
349 react-tap-event-plugin 3.0.2 s0meone
  • Missing license property
376 wrench 1.5.9 ryanmcgrath
  • Missing license property
379 walk 2.3.9 coolaj86
  • Missing license property
381 adm-zip 0.4.7 cthackers
  • Missing license property
428 ssh2 0.5.5 mscdex
  • Missing license property
465 newrelic 2.9.0 lykkin
  • Missing license property
528 passport-oauth 1.0.0 jaredhanson
  • Missing license property
537 valid-url 1.0.9 odysseas sagens
  • Missing license property
542 connect-flash 0.1.1 jaredhanson
  • Missing license property
560 tv4 1.3.0 geraintluff bartvds [{"type":"Public Domain","url":"http://geraintluff.github.io/tv4/LICENSE.txt"},{"type":"MIT","url":"http://jsonary.com/LICENSE.txt"}]
  • Invalid license property
563 hogan.js 3.0.2 fat sayrer
  • Missing license property
580 markdown 0.5.0 ashb dom
  • Missing license property
582 clear 0.1.0 bahamas10
  • Missing license property
606 btoa 1.1.2 coolaj86 "Apache2"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "Apache-2.0"
608 passport-strategy 1.0.0 jaredhanson
  • Missing license property
612 express-jwt 5.3.0 dschenkelman hzalaz jaredhanson jfromaniello pose woloski
  • Missing license property
615 babel-preset-lfdoherty 1.0.6 lfdoherty
  • Missing license property
623 base-64 0.1.0 mathias
  • Missing license property
636 keymirror 0.1.1 strml
  • Missing license property
650 iniparser 1.0.5 shockie
  • Missing license property
670 source-map-loader 0.2.3 ericclemmons bebraw jhnns thelarkinn sokra jtangelder d3viant0ne
  • Missing license property
714 readline 1.3.0 craigbrookes "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
717 argv 0.0.2 codenothing
  • Missing license property
727 busboy 0.2.14 mscdex
  • Missing license property
731 pg-hstore 2.3.2 scarney
  • Missing license property
734 clui 0.3.6 artokun nathanpeck
  • Missing license property
737 callsite 1.0.0 tjholowaychuk
  • Missing license property
755 async-validator 1.8.2 yiminghe
  • Missing license property
761 slush 1.1.1 joakimbeng
  • Missing license property
780 fastclick 1.0.6 ftlabs mcg georgecrawfordft mattandrews
  • Missing license property
791 angular-material 1.1.7 angularcore
  • Missing license property
813 log 1.4.0 tjholowaychuk
  • Missing license property
845 passport-http-bearer 1.0.1 jaredhanson
  • Missing license property
848 entities 1.1.1 feedic "BSD-like"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
851 mandrill-api 1.0.45 mailchimp
  • Missing license property
864 docopt 0.6.2 stuartcarnie
  • Missing license property
869 rethinkdb 2.3.3 rethinkdb
  • Missing license property
880 ftp 0.3.10 mscdex
  • Missing license property
885 hat 0.0.3 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
904 gsap 1.20.4 greensock "Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
922 i 0.3.6 pksunkara
  • Missing license property
934 fuse.js 3.2.0 krisk "Apache"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "Apache-2.0"
949 rc-util 4.4.0 benjycui yesmeck yiminghe
  • Missing license property
957 merge2 1.2.1 zensh
  • Missing license property
Fork me on GitHub