1 | # rollup-plugin-license
|
2 |
|
3 | [![Greenkeeper badge](https://badges.greenkeeper.io/mjeanroy/rollup-plugin-license.svg)](https://greenkeeper.io/)
|
4 | [![Build Status](https://travis-ci.org/mjeanroy/rollup-plugin-license.svg?branch=master)](https://travis-ci.org/mjeanroy/rollup-plugin-license)
|
5 | [![Npm version](https://badge.fury.io/js/rollup-plugin-license.svg)](https://badge.fury.io/js/rollup-plugin-license)
|
6 |
|
7 | Rollup plugin that can be used to:
|
8 | - Prepend a banner from a file.
|
9 | - Create a file containing all third-parties used in the bundle (and display the license of each dependency).
|
10 |
|
11 | ## How to use
|
12 |
|
13 | Install the plugin with NPM:
|
14 |
|
15 | ```npm install --save-dev rollup-plugin-license```
|
16 |
|
17 | Then add it to your rollup configuration:
|
18 |
|
19 | ```javascript
|
20 | const path = require('path');
|
21 | const license = require('rollup-plugin-license');
|
22 |
|
23 | module.exports = {
|
24 | plugins: [
|
25 | license({
|
26 | sourcemap: true,
|
27 | cwd: process.cwd(), // The default
|
28 |
|
29 | banner: {
|
30 | commentStyle: 'regular', // The default
|
31 |
|
32 | content: {
|
33 | file: path.join(__dirname, 'LICENSE'),
|
34 | encoding: 'utf-8', // Default is utf-8
|
35 | },
|
36 |
|
37 | // Optional, may be an object or a function returning an object.
|
38 | data() {
|
39 | return {
|
40 | foo: 'foo',
|
41 | };
|
42 | },
|
43 | },
|
44 |
|
45 | thirdParty: {
|
46 | includePrivate: true, // Default is false.
|
47 | multipleVersions: true, // Default is false.
|
48 | output: {
|
49 | file: path.join(__dirname, 'dist', 'dependencies.txt'),
|
50 | encoding: 'utf-8', // Default is utf-8.
|
51 | },
|
52 | },
|
53 | }),
|
54 | ],
|
55 | }
|
56 | ```
|
57 |
|
58 | ## Banner
|
59 |
|
60 | ### Banner file
|
61 |
|
62 | The banner file can be a text file and it will be converted to a block comment automatically if needed.
|
63 |
|
64 | Note that the content will be translated to a lodash template with the following data model:
|
65 | - `pkg`: The content of the project `package.json`.
|
66 | - `dependencies`: An array of all the dependencies included in the bundle.
|
67 | - `moment`: The `moment` object.
|
68 | - `_`: The lodash object.
|
69 | - `data` A custom data object, defined in banner options.
|
70 |
|
71 | Here is a valid banner:
|
72 |
|
73 | ```text
|
74 | Bundle of <%= pkg.name %>
|
75 | Generated: <%= moment().format('YYYY-MM-DD') %>
|
76 | Version: <%= pkg.version %>
|
77 | Dependencies:
|
78 | <% _.forEach(dependencies, function (dependency) { %>
|
79 | <%= dependency.name %> -- <%= dependency.version %>
|
80 | <% }) %>
|
81 | ```
|
82 |
|
83 | ### Comment style
|
84 |
|
85 | Since version 0.10.0, it is possible to customize banner style using the `commentStyle` option:
|
86 |
|
87 | ```javascript
|
88 | license({
|
89 | banner: {
|
90 | commentStyle: 'regular', // The default
|
91 | content: {
|
92 | file: path.join(__dirname, 'LICENSE'),
|
93 | },
|
94 | },
|
95 | })
|
96 | ```
|
97 |
|
98 | Following options are available:
|
99 |
|
100 | - `regular`: "classic" comment block is used (this is the default), for example:
|
101 |
|
102 | ```javascript
|
103 | /**
|
104 | * This is the `regular` style.
|
105 | */
|
106 | ```
|
107 |
|
108 | - `ignored`: a comment block with prefix ignored by minifiers, for example:
|
109 |
|
110 | ```javascript
|
111 | /*!
|
112 | * This is the `ignored` style.
|
113 | */
|
114 | ```
|
115 |
|
116 | - `slash`: banner is prepended using "slash" comments, for example:
|
117 |
|
118 | ```javascript
|
119 | //
|
120 | // This is the `slash` style.
|
121 | //
|
122 | ```
|
123 |
|
124 | - `none`: nothing done, be careful to prepenbd a banner already "commented".
|
125 |
|
126 | ### Banner as a "simple" string
|
127 |
|
128 | Since version 0.3.0, `banner` can be a simple string that will be used directly:
|
129 |
|
130 | ```javascript
|
131 | const license = require('rollup-plugin-license');
|
132 |
|
133 | module.exports = {
|
134 | plugins: [
|
135 | license({
|
136 | banner: `Copyright <%= moment().format('YYYY') %>`,
|
137 | }),
|
138 | ],
|
139 | }
|
140 | ```
|
141 |
|
142 | If you want to add some options to banner (such as the comment style to use), and still define it as a `string` (insead of pointing to a file), you can also define the banner like this (since version `0.11.0`):
|
143 |
|
144 | ```javascript
|
145 | const license = require('rollup-plugin-license');
|
146 |
|
147 | module.exports = {
|
148 | plugins: [
|
149 | license({
|
150 | banner: {
|
151 | content: `Copyright <%= moment().format('YYYY') %>`,
|
152 | commentStyle: 'ignored',
|
153 | },
|
154 | }),
|
155 | ],
|
156 | }
|
157 | ```
|
158 |
|
159 | ### Deprecated format
|
160 |
|
161 | Until version 0.10.0, banner file was defined as:
|
162 |
|
163 |
|
164 | ```javascript
|
165 | const path = require('path');
|
166 | const license = require('rollup-plugin-license');
|
167 |
|
168 | module.exports = {
|
169 | plugins: [
|
170 | license({
|
171 | banner: {
|
172 | file: path.join(__dirname, 'LICENSE'),
|
173 | encoding: 'utf-8',
|
174 | },
|
175 | }),
|
176 | ],
|
177 | };
|
178 | ```
|
179 |
|
180 | This format has been deprecated with version 0.11.0 and removed with version 1.0.O, and the banner file should be defined inside `banner.content` entry:
|
181 |
|
182 | ```javascript
|
183 | const path = require('path');
|
184 | const license = require('rollup-plugin-license');
|
185 |
|
186 | module.exports = {
|
187 | plugins: [
|
188 | license({
|
189 | banner: {
|
190 | content: {
|
191 | file: path.join(__dirname, 'LICENSE'),
|
192 | encoding: 'utf-8',
|
193 | },
|
194 | },
|
195 | }),
|
196 | ],
|
197 | };
|
198 | ```
|
199 |
|
200 | ## Dependencies output
|
201 |
|
202 | A file containing a summary of all dependencies can be generated automatically using the following options:
|
203 |
|
204 | ```javascript
|
205 | license({
|
206 | thirdParty: {
|
207 | output: path.join(__dirname, 'dist', 'dependencies.txt'),
|
208 | includePrivate: true, // Default is false.
|
209 | },
|
210 | })
|
211 | ```
|
212 |
|
213 | Starting with version `0.12.0`, you can have more control by defining `output` as an object, for example:
|
214 |
|
215 | ```javascript
|
216 | license({
|
217 | thirdParty: {
|
218 | includePrivate: false,
|
219 | output: {
|
220 | file: path.join(__dirname, 'dist', 'dependencies.txt'), // Path of the license report
|
221 | encoding: 'utf-8', // default is UTF-8
|
222 |
|
223 | // Template function that can be defined to customize report output
|
224 | template(dependencies) {
|
225 | return dependencies.map((dependency) => `${dependency.name}:${dependency.version} -- ${dependency.license}`).join('\n');
|
226 | },
|
227 | },
|
228 | },
|
229 | })
|
230 | ```
|
231 |
|
232 | Note that the template option can also be a lodash template:
|
233 |
|
234 | ```javascript
|
235 | license({
|
236 | thirdParty: {
|
237 | includePrivate: false,
|
238 | output: {
|
239 | file: path.join(__dirname, 'dist', 'dependencies.txt'),
|
240 |
|
241 | // Lodash template that can be defined to customize report output
|
242 | template: `
|
243 | <% _.forEach(dependencies, function (dependency) { %>
|
244 | <%= dependency.name %>:<%= dependency.version%> -- <%= dependency.license %>
|
245 | <% }) %>
|
246 | `,
|
247 | },
|
248 | },
|
249 | })
|
250 | ```
|
251 |
|
252 | For example, it can be relatively easy to produce a JSON output instead of a text file:
|
253 |
|
254 | ```javascript
|
255 | license({
|
256 | thirdParty: {
|
257 | includePrivate: false,
|
258 | output: {
|
259 | file: path.join(__dirname, 'dist', 'dependencies.json'),
|
260 | template(dependencies) {
|
261 | return JSON.stringify(dependencies);
|
262 | }
|
263 | },
|
264 | },
|
265 | })
|
266 | ```
|
267 |
|
268 | ## License Checks
|
269 |
|
270 | Starting with version 0.13, it is possible to ensure that dependencies does not violate any license restriction.
|
271 | For example, suppose you want to limit dependencies with MIT or Apache-2.0 licenses, simply define the restriction such as:
|
272 |
|
273 | ```javascript
|
274 | license({
|
275 | thirdParty: {
|
276 | allow: '(MIT OR Apache-2.0)',
|
277 | },
|
278 | })
|
279 | ```
|
280 |
|
281 | Note that the `allow` value here should be a valid SPDX pattern (more information [here](https://www.npmjs.com/package/spdx-expression-validate)).
|
282 |
|
283 | The `allow` option here will print a warning to the console for all license violation. Note that, if you want more control, it can also be defined as function:
|
284 |
|
285 | ```javascript
|
286 | license({
|
287 | thirdParty: {
|
288 | allow(dependency) {
|
289 | return dependency.license === 'MIT';
|
290 | },
|
291 | },
|
292 | })
|
293 | ```
|
294 |
|
295 | The function defined here allow only MIT licenses, and will print a warning for anything else.
|
296 |
|
297 | Finally, if emitting a warning is not enought for you, you can also choose to fail the build:
|
298 |
|
299 | ```javascript
|
300 | license({
|
301 | thirdParty: {
|
302 | allow: {
|
303 | test: 'MIT', // Or a function that should returns `true` or `false`
|
304 | failOnUnlicensed: true, // Fail if a dependency does not specify any licenses, default is `false`
|
305 | failOnViolation: true, // Fail if a dependency specify a license that does not match given requirement, default is `false`
|
306 | },
|
307 | },
|
308 | })
|
309 | ```
|
310 |
|
311 | Starting with version `3.1.0`, you can also use the `multipleVersions` option to track dependencies in different version as a different dependency.
|
312 | It can be particularly useful in case a dependency changed its license between two versions.
|
313 |
|
314 | Note that this option is `false` by default (mainly to keep backward compatibility).
|
315 |
|
316 | ```javascript
|
317 | license({
|
318 | thirdParty: {
|
319 | includePrivate: false,
|
320 | multipleVersions: true,
|
321 | output: {
|
322 | file: path.join(__dirname, 'dist', 'dependencies.txt'), // Path of the license report
|
323 | encoding: 'utf-8', // default is UTF-8
|
324 | template(dependencies) {
|
325 | return dependencies.map((dependency) => `${dependency.name}:${dependency.version} -- ${dependency.license}`).join('\n');
|
326 | },
|
327 | },
|
328 | },
|
329 | })
|
330 | ```
|
331 |
|
332 | ## Changelogs
|
333 |
|
334 | - 3.1.0
|
335 | - Add `thirdParty.multipleVersions` option ([#1528](https://github.com/mjeanroy/rollup-plugin-license/pull/1528))
|
336 | - 3.0.0
|
337 | - Support rollup^3.0.0
|
338 | - 2.8.0
|
339 | - Relax production dependency versions ([#1128]()https://github.com/mjeanroy/rollup-plugin-license/issues/1128)
|
340 | - Update dependencies
|
341 | - 2.7.0
|
342 | - Update dependencies ([#1077](https://github.com/mjeanroy/rollup-plugin-license/issues/1077))
|
343 | - 2.6.0
|
344 | - Improve case insensitive search ([PR](https://github.com/mjeanroy/rollup-plugin-license/pull/931)), thanks [@codepunkt](https://github.com/codepunkt)!
|
345 | - Search for `LICENCE` or `LICENSE` files ([PR](https://github.com/mjeanroy/rollup-plugin-license/pull/931)), thanks [@codepunkt](https://github.com/codepunkt)!
|
346 | - 2.5.0
|
347 | - Look for dependencies' license files case insensitively, thanks [@Luke-zhang-04](https://github.com/Luke-zhang-04)!
|
348 | - 2.4.0
|
349 | - Typings added
|
350 | - Update dependencies
|
351 | - 2.0.0
|
352 | - Support node >= 10
|
353 | - Update dependencies
|
354 | - 1.0.0
|
355 | - Remove support for rollup < 1.0.0
|
356 | - Remove support for deprecated options.
|
357 | - Support node >= 6
|
358 | - 0.14.0
|
359 | - Update rollup peer dependency
|
360 | - Produce a single file as dist output
|
361 | - Update dependencies
|
362 | - 0.13.0
|
363 | - Add license checking (see [#381](https://github.com/mjeanroy/rollup-plugin-license/issues/381)).
|
364 | - 0.12.1
|
365 | - Restore compatibility with Node6
|
366 | - 0.12.0
|
367 | - Improve `output` configuration (see [#379](https://github.com/mjeanroy/rollup-plugin-license/issues/379)).
|
368 | - Improve option object validation and warning.
|
369 | - Deprecate `thirdParty.encoding` option.
|
370 | - Dev dependencies updates.
|
371 | - 0.11.0
|
372 | - Fail if the banner file does not exist (breaking change).
|
373 | - Deprecate `banner.file` / `banner.encoding` entries, use `banner.content.file` / `banner.content.encoding` instead (see [#428](https://github.com/mjeanroy/rollup-plugin-license/issues/428)).
|
374 | - Allow comment style to be defined with a "string" banner (see [#308](https://github.com/mjeanroy/rollup-plugin-license/issues/308) and [#428](https://github.com/mjeanroy/rollup-plugin-license/issues/428)).
|
375 | - Dev dependencies updates.
|
376 | - 0.10.0
|
377 | - Support different comment style for banner (see [#308](https://github.com/mjeanroy/rollup-plugin-license/issues/308)).
|
378 | - Do not include tree shaken dependencies (see [#380](https://github.com/mjeanroy/rollup-plugin-license/issues/380))
|
379 | - Various dependency updates.
|
380 | - 0.9.0
|
381 | - Fix for `NULL` character (see [#1](https://github.com/mjeanroy/rollup-plugin-license/issues/1)).
|
382 | - Various dependency updates.
|
383 | - 0.8.1
|
384 | - Add rollup as a peer dependency.
|
385 | - 0.8.0
|
386 | - Deprecate `sourceMap` option (use `sourcemap` option in lowercase) to keep it consistent with rollup.
|
387 | - Fix deprecate call with rollup >= 1, keep compatibility with legacy versions of rollup.
|
388 | - Upgrade dependencies.
|
389 | - 0.7.0
|
390 | - Add a way to specify custom data object when rendering banner.
|
391 | - Add `cwd` option to specify custom working directory (optional option).
|
392 | - Upgrade dependencies.
|
393 | - 0.6.0
|
394 | - Upgrade `commenting` dependency.
|
395 | - 0.5.0
|
396 | - Feat: Sourcemap is now enable by default to ensure compatibility with other rollup plugins.
|
397 | - Fix: Add compatibility with rollup >= 0.48.0 (the new `sourcemap` option).
|
398 | - Fix: Ensure plugin `sourcemp` is used instead of the "global" one in rollup options.
|
399 | - Chore: dependency updates.
|
400 | - 0.4.0
|
401 | - Dependency update (`moment`).
|
402 | - Dependency update (`magic-string`).
|
403 | - 0.3.0
|
404 | - Add encoding option for banner and third-party output file.
|
405 | - Banner can be a simple string.
|
406 |
|
407 | ## License
|
408 |
|
409 | MIT License (MIT)
|
410 |
|
411 | ## Contributing
|
412 |
|
413 | If you find a bug or think about enhancement, feel free to contribute and submit an issue or a pull request.
|