Scans node modules for contraband licenses
Ok now that's not entirely true. What it really does is that it compares the licenses of your dependencies against your own and redflags all licenses that differs. It also gives you a nice html output that you can use to manually see which dependencies your module has and also which licenses that are smuggled in there, which is quite handy in many cases.
$ npm install --global contrabando
Navigate to your modules entry directory (location of package.json
) and run
$ contrabando
Note that it's only the dependencies
entries that are scanned, not peer/dev/optional/bundled dependencies.
> Scanning module 'contrabando'...
┌─────────────┬────────────────────────┬─────────┐
│ Module │ User(s) │ License │
├─────────────┼────────────────────────┼─────────┤
│ cli-table │ contrabando │ Unknown │
├─────────────┼────────────────────────┼─────────┤
│ colors │ cli-table, contrabando │ MIT │
├─────────────┼────────────────────────┼─────────┤
│ jsonfile │ contrabando │ MIT │
├─────────────┼────────────────────────┼─────────┤
│ graceful-fs │ jsonfile │ ISC │
├─────────────┼────────────────────────┼─────────┤
│ mustache │ contrabando │ MIT │
└─────────────┴────────────────────────┴─────────┘
Done! Output saved as .\licenses.html
MIT