npm, the awesome source code package manager for JavaScript and stuff, publishes a specification for license metadata in package.json files. The spec asks maintainers to use the SPDX standard’s license expression syntax to show how their work is licensed in a machine-readable way. You will get a warning if you don’t.

In most cases, that's as easy as setting your license property (not licenses, as for RubyGems) to MIT, ISC, BSD-2-Clause, Apache-2.0, or some other string on SPDX' official list. You can even Unlicense or WTFPL, you rebel, you.

The following is a list of packages among the 1,000 most-depended-upon (the “npm1K”) that aren't yet part of that better world. There are handy links for making quick pull requests to fix package.json if you’d like to help them out. Given how vital these packages are, each one with a good license property helps make Node easier to adopt in new and different teams, many of which are dipping timid corporate toes into open-source for the very first time.

Who cares? Nobody cares! Until they have to do a license check. Then, thanks to how amazing npm is, you’re left staring down a bottomless well of node_modules directories you must search, manually, for LICENSE files and hints in README. But shouldn’t some lousy program do that kind of work for you? Of course! And it would sure help if the npm ecosystem offered good, clean metadata to chew on.

Special thanks to @beaugunderson and @tunnckoCore.


95% valid
5% invalid

Thu, 16 Nov 2017 07:02:47 GMT

Package Latest Maintainers Fix It! Warnings
55 node-uuid 1.4.8 broofa defunctzombie
  • Missing license property
60 optimist 0.6.1 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
128 gulp-rename 1.2.2 hparra contra shinnn fractal
  • Missing license property
201 cli-table 0.3.1 rauchg
  • Missing license property
220 querystring 0.2.0 gozala
  • Missing license property
246 passport-local 1.0.0 jaredhanson
  • Missing license property
255 xmldom 0.1.27 jindw yaron bigeasy kethinov jinjinyun
  • Missing license property
331 react-tap-event-plugin 3.0.2 s0meone
  • Missing license property
335 wrench 1.5.9 ryanmcgrath
  • Missing license property
338 raw-loader 0.5.1 sokra
  • Missing license property
345 walk 2.3.9 coolaj86
  • Missing license property
352 adm-zip 0.4.7 cthackers
  • Missing license property
397 ssh2 0.5.5 mscdex
  • Missing license property
414 nomnom 1.8.1 harth
  • Missing license property
420 slug 0.9.1 dodo
  • Missing license property
441 bcrypt-nodejs 0.0.3 shanegirish
  • Missing license property
515 newrelic 2.4.0 lykkin
  • Missing license property
550 passport-oauth 1.0.0 jaredhanson
  • Missing license property
568 connect-flash 0.1.1 jaredhanson
  • Missing license property
579 hogan.js 3.0.2 fat sayrer
  • Missing license property
581 tv4 1.3.0 geraintluff bartvds [{"type":"Public Domain","url":"http://geraintluff.github.io/tv4/LICENSE.txt"},{"type":"MIT","url":"http://jsonary.com/LICENSE.txt"}]
  • Invalid license property
605 babel-preset-lfdoherty 1.0.6 lfdoherty
  • Missing license property
606 markdown 0.5.0 ashb dom
  • Missing license property
609 valid-url 1.0.9 odysseas sagens
  • Missing license property
626 passport-strategy 1.0.0 jaredhanson
  • Missing license property
639 btoa 1.1.2 coolaj86 "Apache2"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "Apache-2.0"
646 keymirror 0.1.1 strml
  • Missing license property
651 iniparser 1.0.5 shockie
  • Missing license property
687 express-jwt 5.3.0 dschenkelman hzalaz jaredhanson jfromaniello pose woloski
  • Missing license property
696 clear 0.0.1 bahamas10
  • Missing license property
738 argv 0.0.2 codenothing
  • Missing license property
748 amqp 0.2.6 ry postwait
  • Missing license property
762 copy-paste 1.3.0 xavi
  • Missing license property
780 callsite 1.0.0 tjholowaychuk
  • Missing license property
784 base-64 0.1.0 mathias
  • Missing license property
787 slush 1.1.1 joakimbeng
  • Missing license property
795 busboy 0.2.14 mscdex
  • Missing license property
805 readline 1.3.0 craigbrookes "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
840 pg-hstore 2.3.2 scarney
  • Missing license property
842 source-map-loader 0.2.3 ericclemmons bebraw jhnns thelarkinn sokra jtangelder d3viant0ne
  • Missing license property
858 exports-loader 0.6.4 bebraw d3viant0ne ericclemmons jhnns peerigon sokra thelarkinn
  • Missing license property
861 clui 0.3.6 artokun nathanpeck
  • Missing license property
865 log 1.4.0 tjholowaychuk
  • Missing license property
873 docopt 0.6.2 stuartcarnie
  • Missing license property
899 moment-range 3.0.3 adambiggs gf3 {"type":"Public Domain","url":"https://github.com/gf3/moment-range/raw/master/UNLICENSE"}
  • Invalid license property
902 angular-material 1.1.5 angularcore
  • Missing license property
917 hat 0.0.3 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
923 entities 1.1.1 feedic "BSD-like"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
924 rethinkdb 2.3.3 rethinkdb
  • Missing license property
925 passport-http-bearer 1.0.1 jaredhanson
  • Missing license property
929 mandrill-api 1.0.45 mailchimp
  • Missing license property
940 fastclick 1.0.6 ftlabs mcg georgecrawfordft mattandrews
  • Missing license property
952 ftp 0.3.10 mscdex
  • Missing license property
969 i 0.3.6 pksunkara
  • Missing license property
Fork me on GitHub