spdx-expression-validate

validate SPDX license expressions

Usage no npm install needed!

<script type="module">
  import spdxExpressionValidate from 'https://cdn.skypack.dev/spdx-expression-validate';
</script>

README

var assert = require('assert')
var valid = require('spdx-expression-validate')

Simple License Expressions

assert(!valid('Invalid-Identifier'))
assert(valid('GPL-2.0'))
assert(valid('GPL-2.0+'))
assert(valid('LicenseRef-23'))
assert(valid('LicenseRef-MIT-Style-1'))
assert(valid('DocumentRef-spdx-tool-1.2:LicenseRef-MIT-Style-2'))

Composite License Expressions

Disjunctive OR Operator

assert(valid('(LGPL-2.1 OR MIT)'))
assert(valid('(LGPL-2.1 OR MIT OR BSD-3-Clause)'))

Conjunctive AND Operator

assert(valid('(LGPL-2.1 AND MIT)'))
assert(valid('(LGPL-2.1 AND MIT AND BSD-2-Clause)'))

Exception WITH Operator

assert(valid('(GPL-2.0+ WITH Bison-exception-2.2)'))

Strict Whitespace Rules

assert(!valid('MIT '))
assert(!valid(' MIT'))
assert(!valid('MIT  AND  BSD-3-Clause'))

The Software Package Data Exchange (SPDX) specification is the work of the Linux Foundation and its contributors, and is licensed under the terms of the Creative Commons Attribution License 3.0 Unported (SPDX: "CC-BY-3.0"). "SPDX" is a United States federally registered trademark of the Linux Foundation.