npm, the awesome source code package manager for JavaScript and stuff, recently updated its guidelines on license metadata in package.json files. The new guidelines ask maintainers to use the SPDX standard’s license expression syntax to show how their work is licensed in a machine-readable way. You will get a warning if you don’t.

In most cases, that's as easy as setting your license property (not licenses, as for RubyGems) to MIT, ISC, BSD-2-Clause, Apache-2.0, or some other string on SPDX' official list. You can even Unlicense or WTFPL, you rebel, you.

Who cares? Nobody cares! Until they have to do a license check. Then, thanks to how amazing npm is, you’re left staring down a bottomless well of node_modules directories you must search, manually, for LICENSE files and hints in README. But shouldn’t some lousy program do that kind of work for you? Of course! And it would sure help if the npm ecosystem offered good, clean metadata to chew on.

The following is a list of packages among the 1,000 most-depended-upon (the “npm1K”) that aren't yet part of that better world. There are handy links for making quick pull requests to fix package.json if you’d like to help them out. Given how vital these packages are, each one with a good license property helps make Node easier to adopt in new and different teams, many of which are dipping timid corporate toes into open-source for the very first time.

Want to rage-tweet about the new npm validation warning? Blame it on @kemitchell. Want to trash npm for this corny single-page website? Can’t. It’s not affiliated with npm.

Special thanks to @beaugunderson and @tunnckoCore.


88% valid
12% invalid

Tue, 23 Aug 2016 23:02:46 GMT

Package Latest Maintainers Fix It! Warnings
12 q 1.4.1 kriskowal domenic {"type":"MIT","url":"http://github.com/kriskowal/q/raw/master/LICENSE"}
  • Invalid license property
25 node-uuid 1.4.7 broofa coolaj86
  • Missing license property
26 optimist 0.6.1 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
56 mime 1.3.4 broofa bentomas
  • Missing license property
81 gulp-rename 1.2.2 hparra contra shinnn fractal
  • Missing license property
136 cli-table 0.3.1 rauchg
  • Missing license property
145 progress 1.1.8 tjholowaychuk hallas prezjordan
  • Missing license property
151 crypto 0.0.3 gozala
  • Missing license property
155 wrench 1.5.9 ryanmcgrath
  • Missing license property
183 querystring 0.2.0 gozala
  • Missing license property
193 xmldom 0.1.22 jindw yaron bigeasy kethinov jinjinyun
  • Missing license property
208 passport-local 1.0.0 jaredhanson
  • Missing license property
227 nomnom 1.8.1 harth
  • Missing license property
242 formidable 1.0.17 felixge svnlto superjoe tim-smart
  • Missing license property
247 adm-zip 0.4.7 cthackers
  • Missing license property
249 oauth 0.9.14 ciaranj
  • Missing license property
260 ms 0.7.1 rauchg
  • Missing license property
261 @angular/core
  • Could not fetch package.json
264 walk 2.3.9 coolaj86
  • Missing license property
277 cron 1.1.0 ncb000gt
  • Missing license property
297 @angular/common
  • Could not fetch package.json
300 ssh2 0.5.0 mscdex
  • Missing license property
310 passport-oauth 1.0.0 jaredhanson
  • Missing license property
313 slug 0.9.1 dodo
  • Missing license property
315 @angular/compiler
  • Could not fetch package.json
319 @types/node
  • Could not fetch package.json
323 firebase 3.3.0 firebase
  • Missing license property
329 @angular/platform-browser
  • Could not fetch package.json
348 @angular/platform-browser-dynamic
  • Could not fetch package.json
350 hogan.js 3.0.2 fat sayrer
  • Missing license property
377 gulp-notify 2.2.0 mikaelb
  • Missing license property
378 markdown 0.5.0 ashb dom
  • Missing license property
380 numeral 1.5.3 adamwdraper
  • Missing license property
385 @angular/http
  • Could not fetch package.json
387 webpack-dev-middleware 1.6.1 jhnns peerigon sokra
  • Missing license property
400 iniparser 1.0.5 shockie
  • Missing license property
403 less-loader 2.2.3 sokra jhnns
  • Missing license property
405 connect-flash 0.1.1 jaredhanson
  • Missing license property
413 react-tap-event-plugin 1.0.0 s0meone
  • Missing license property
421 tv4 1.2.7 geraintluff bartvds
  • Missing license property
429 amqp 0.2.6 ry postwait
  • Missing license property
434 bcrypt-nodejs 0.0.3 shanegirish
  • Missing license property
454 passport-strategy 1.0.0 jaredhanson
  • Missing license property
463 newrelic 1.29.0 lykkin martinkuba n.wolfe newrelic tkrajcar
  • Missing license property
478 utils-merge 1.0.0 jaredhanson
  • Missing license property
483 global 4.3.0 raynos mattesch jerrysievert
  • Missing license property
484 @angular/router
  • Could not fetch package.json
485 stack-trace 0.0.9 felixge tim-smart sebastianhoitz
  • Missing license property
500 @types/jquery
  • Could not fetch package.json
508 slush 1.1.1 joakimbeng
  • Missing license property
517 leaflet 0.7.7 mourner
  • Missing license property
529 node-schedule 1.1.1 mattpat tejasmanohar sgimeno jonhester
  • Missing license property
531 batch 0.5.3 tjholowaychuk
  • Missing license property
543 log 1.4.0 tjholowaychuk
  • Missing license property
545 nodeunit 0.9.1 caolan mreinstein
  • Missing license property
546 vow 0.4.12 dfilatov
  • Missing license property
552 validate.io-function 1.0.2 kgryte
  • Missing license property
553 valid-url 1.0.9 odysseas sagens
  • Missing license property
558 keymirror 0.1.1 strml
  • Missing license property
561 btoa 1.1.2 coolaj86 "Apache2"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "Apache-2.0"
562 hat 0.0.3 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
568 raw-loader 0.5.1 sokra
  • Missing license property
578 hoist-non-react-statics 1.2.0 mridgway
  • Missing license property
580 callsite 1.0.0 tjholowaychuk
  • Missing license property
598 fs.extra 1.3.2 coolaj86
  • Missing license property
611 xpath 0.0.23 goto100 jlrishe "Creative Commons"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
619 imagemagick 0.1.3 rsms
  • Missing license property
620 argv 0.0.2 codenothing
  • Missing license property
623 busboy 0.2.13 mscdex
  • Missing license property
628 duplexer 0.1.1 raynos dominictarr
  • Missing license property
635 rework 1.0.1 tjholowaychuk jonathanong jongleberry conradz necolas anthonyshort ianstormtaylor moox clintwood lydell slexaxton
  • Missing license property
636 htmlparser 1.7.7 tautologistics
  • Missing license property
643 rethinkdb 2.3.2 rethinkdb
  • Missing license property
655 html-loader 0.4.3 peerigon sokra
  • Missing license property
658 copy-paste 1.3.0 xavi
  • Missing license property
679 jasmine-node 1.14.5 mhevery tebriel
  • Missing license property
683 win-spawn 2.0.0 forbeslindesay "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
706 portscanner 1.0.0 baalexander smassa
  • Missing license property
707 expect.js 0.3.1 rauchg
  • Missing license property
712 browser-request 0.3.3 jhs maxogden
  • Missing license property
714 mandrill-api 1.0.45 mailchimp
  • Missing license property
715 prelude-ls 1.1.2 gkz
  • Missing license property
717 eyes 0.1.8 cloudhead indexzero
  • Missing license property
724 @ryancavanaugh/node
  • Could not fetch package.json
729 passport-http-bearer 1.0.1 jaredhanson
  • Missing license property
736 @angular/forms
  • Could not fetch package.json
737 @domoinc/base-widget
  • Could not fetch package.json
739 useragent 2.1.9 v1 3rdeden {"type":"MIT","url":"https://github.com/3rd-Eden/useragent/blob/master/LICENSE"}
  • Invalid license property
745 entities 1.1.1 feedic "BSD-like"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
756 babel-plugin-transform-regenerator 6.11.4 amasad hzoo jmm loganfsmyth sebmck thejameskyle "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
757 node-fs 0.1.7 bpedro
  • Missing license property
759 domready 1.0.8 ded fat
  • Missing license property
765 colorful 2.1.0 lepture
  • Missing license property
774 @domoinc/da-theme2
  • Could not fetch package.json
779 co-request 1.0.0 leukhin
  • Missing license property
793 @segment/analytics.js-integration
  • Could not fetch package.json
798 @linclark/pkg
  • Could not fetch package.json
814 @angular/router-deprecated
  • Could not fetch package.json
819 @angular/upgrade
  • Could not fetch package.json
822 dnode 1.2.2 substack seethroughtrees
  • Missing license property
828 uid2 0.0.3 coreh
  • Missing license property
831 validate.io-boolean-primitive 1.0.0 kgryte
  • Missing license property
840 passport-http 0.3.0 jaredhanson
  • Missing license property
862 express-jwt 3.4.0 woloski jfromaniello pose dschenkelman jaredhanson
  • Missing license property
877 pg-hstore 2.3.2 scarney
  • Missing license property
889 gulp-cached 1.1.0 fractal
  • Missing license property
893 ua-parser-js 0.7.10 faisalman
  • Missing license property
899 node-getopt 0.2.3 jiangmiao
  • Missing license property
901 winston-loggly 1.3.1 indexzero chjj jcrugzz
  • Missing license property
903 observ 0.2.0 raynos
  • Missing license property
905 charm 1.0.1 noffle substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
910 exports-loader 0.6.3 peerigon sokra
  • Missing license property
922 eco 1.1.0-rc-3 sstephenson
  • Missing license property
932 ap 0.2.0 substack "MIT/X11"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "MIT"
935 i 0.3.5 pksunkara
  • Missing license property
943 trim 0.0.1 tjholowaychuk
  • Missing license property
945 @polymer/polymer
  • Could not fetch package.json
947 findup 0.1.5 Filirom1 filirom1
  • Missing license property
970 readline 1.3.0 craigbrookes "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
972 temporary 0.0.8 vesln
  • Missing license property
973 required-keys 1.0.5 clewfirst "BSD"
  • license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
  • license is similar to the valid expression "BSD-2-Clause"
983 parent-require 1.0.0 jaredhanson
  • Missing license property
985 bitcoinjs-lib 2.2.0 bitcoinjs justmoon kyledrake dcousens
  • Missing license property
999 daemon 1.1.0 indexzero avianflu shtylman
  • Missing license property
Fork me on GitHub