许可证
管理工作区中的许可证:为您自己的代码同步 LICENSE 文件和源代码头部(license.source),并检查每个依赖项是否符合许可证允许列表(license.dependencies)。
- 安装 Nx Console VSCode Plugin 如果您尚未安装
- 在VSCode中打开Nx控制台
- 点击
Generate (UI)在"Common Nx Commands"部分 - 搜索
@aws/nx-plugin - license - 填写必需参数
- 点击
Generate
pnpm nx g @aws/nx-plugin:licenseyarn nx g @aws/nx-plugin:licensenpx nx g @aws/nx-plugin:licensebunx nx g @aws/nx-plugin:license| 参数 | 类型 | 默认值 | 描述 |
|---|---|---|---|
| license | Apache-2.0 | MIT | ASL | Apache-2.0 | 您选择的许可证的 SPDX 许可证标识符 |
| copyrightHolder | string | Amazon.com, Inc. or its affiliates | 版权持有人,默认包含在 LICENSE 文件和源文件头部中。 |
| dependencyCheck | boolean | true | 配置一个 license-check 目标,当依赖项声明的许可证不在配置的允许列表中时失败。 |
| preferInstallDependencies | boolean | true | 是否在生成器运行后优先安装依赖项。设置为 false 可在批量运行多个生成器时延迟安装(如果后续生成器需要计算 Nx 项目图,仍会运行安装);在最后统一安装一次。 |
生成器将创建或更新以下文件:
- nx.json 配置了运行许可证同步生成器的 lint 目标,并依赖于 license-check 目标
- aws-nx-plugin.config.mts 许可证源代码同步(
license.source)和依赖项检查(license.dependencies)的配置
许可证头部与文件
Section titled “许可证头部与文件”生成器注册了一个同步生成器,作为 lint 目标的一部分执行,确保您的源文件包含正确的许可证头部,项目包含 LICENSE 文件,且在 package.json 和 pyproject.toml 中设置了许可元数据。
每当构建项目时(lint 目标运行),许可证同步生成器会确保项目中的许可信息与配置匹配。若检测到不一致,您将收到如下消息:
NX 工作区不同步
[@aws/nx-plugin:license#sync]: 项目 LICENSE 文件不同步:- LICENSE- packages/<my-project>LICENSE
项目 package.json 文件不同步:- package.json
项目 pyproject.toml 文件不同步:- pyproject.toml- packages/<my-python-project>/pyproject.toml
以下源文件中的许可证头部不同步:- packages/<my-project>/src/index.ts- packages/<my-python-project>/main.py
这将在 CI 中导致错误。
? 是否要同步已识别的变更以使工作区保持最新?是,同步变更并运行任务否,不同步变更直接运行任务选择 是 以同步变更。
许可证同步生成器执行三项主要任务:
1. 同步源文件许可证头部
Section titled “1. 同步源文件许可证头部”同步生成器运行时,将确保工作区中所有源代码文件(基于配置)包含适当的许可证头部。头部以文件的第一个块注释或连续行注释形式写入(文件中的 shebang/hashbang 除外)。
2. 同步 LICENSE 文件
Section titled “2. 同步 LICENSE 文件”同步生成器运行时,将确保根 LICENSE 文件与配置的许可证一致,并确保所有子项目也包含正确的 LICENSE 文件。
3. 同步项目文件中的许可信息
Section titled “3. 同步项目文件中的许可信息”同步生成器运行时,将确保 package.json 和 pyproject.toml 文件中的 license 字段设置为配置的许可证。
头部与文件配置
Section titled “头部与文件配置”配置定义在工作区根目录的 aws-nx-plugin.config.mts 文件中。
SPDX 与版权持有者
Section titled “SPDX 与版权持有者”可通过 spdx 配置属性随时更新所选许可证:
export default { license: { source: { spdx: 'MIT', }, },} satisfies AwsNxPluginConfig;同步生成器运行时,所有 LICENSE 文件、package.json 和 pyproject.toml 文件将更新以反映配置的许可证。
可额外配置版权持有者和年份(部分 LICENSE 文件包含):
export default { license: { source: { spdx: 'MIT', copyrightHolder: 'Amazon.com, Inc. or its affiliates', copyrightYear: 2025, }, },} satisfies AwsNxPluginConfig;许可证头部内容
Section titled “许可证头部内容”许可证头部内容可通过两种方式配置:
- 内联内容:
export default { license: { source: { header: { content: { lines: [ 'Copyright: My Company, Incorporated.', 'Licensed under the MIT License', 'All rights reserved', ]; } // ... 格式配置 } } }} satisfies AwsNxPluginConfig;- 从文件加载:
export default { license: { source: { header: { content: { filePath: 'license-header.txt'; // 相对于工作区根目录 } // ... 格式配置 } } }} satisfies AwsNxPluginConfig;可通过 glob 模式为不同文件类型指定许可证头部格式。格式配置支持行注释、块注释或两者结合:
export default { license: { source: { header: { content: { lines: ['Copyright notice here'], }, format: { // 行注释 '**/*.ts': { lineStart: '// ', }, // 块注释 '**/*.css': { blockStart: '/*', blockEnd: '*/', }, // 带行前缀的块注释 '**/*.java': { blockStart: '/*', lineStart: ' * ', blockEnd: ' */', }, // 带头部/尾部的行注释 '**/*.py': { blockStart: '# ------------', lineStart: '# ', blockEnd: '# ------------', }, }, }, }, },} satisfies AwsNxPluginConfig;格式配置支持:
blockStart: 许可证内容前的文本(如开启块注释)lineStart: 每行许可证内容前的文本lineEnd: 每行许可证内容后的文本blockEnd: 许可证内容后的文本(如结束块注释)
自定义注释语法
Section titled “自定义注释语法”对于原生不支持的文件类型,可指定自定义注释语法以帮助同步生成器识别现有许可证头部:
export default { license: { source: { header: { content: { lines: ['My license header'], }, format: { '**/*.xyz': { lineStart: '## ', }, }, commentSyntax: { xyz: { line: '##', // 定义行注释语法 }, abc: { block: { // 定义块注释语法 start: '<!--', end: '-->', }, }, }, }, }, },} satisfies AwsNxPluginConfig;从头部同步中排除文件
Section titled “从头部同步中排除文件”默认在 git 仓库中,所有 .gitignore 文件会被遵循以确保仅同步版本控制管理的文件。非 git 仓库中,所有文件均被考虑,除非在配置中显式排除。
可通过 glob 模式排除文件:
export default { license: { source: { header: { content: { lines: ['My license header'], }, format: { '**/*.ts': { lineStart: '// ', }, }, exclude: ['**/generated/**', '**/dist/**', 'some-specific-file.ts'], }, }, },} satisfies AwsNxPluginConfig;从文件同步中排除项目
Section titled “从文件同步中排除项目”默认同步所有 LICENSE、package.json 和 pyproject.toml 文件。
可通过 glob 模式排除特定项目或文件:
export default { license: { source: { files: { exclude: [ // 不同步 LICENSE、package.json 或 pyproject.toml 'packages/excluded-project', // 不同步 LICENSE,但同步 package.json 和/或 pyproject.toml 'apps/internal/LICENSE', ]; } } }} satisfies AwsNxPluginConfig;禁用许可证同步
Section titled “禁用许可证同步”许可证源代码同步通过配置中存在 license.source 键来启用。要禁用它:
- 从
aws-nx-plugin.config.mts配置中移除license.source部分(如果仍需依赖项许可证检查,可保留license.dependencies) - 如果还想完全移除同步生成器,请从
targetDefaults.lint.syncGenerators中移除@aws/nx-plugin:license#sync生成器
重新启用时,只需再次运行 license 生成器。
依赖项许可证检查
Section titled “依赖项许可证检查”license 生成器还配置了一个 license-check 目标,当项目的某个依赖项(或任何传递依赖项)声明的许可证不在允许列表中时,该目标会失败。
生成器会在根 project.json 中写入 license-check 目标:
{ "targets": { "license-check": { "executor": "@aws/nx-plugin:license-check", "cache": true, "inputs": [ "{workspaceRoot}/pnpm-lock.yaml", "{workspaceRoot}/aws-nx-plugin.config.mts" ], "options": {} } }}inputs 是为您的工作区计算的:仅包含实际存在的锁文件以及 aws-nx-plugin.config.mts,当启用 Python 依赖项检查时(即配置了 Python 收集器),还会包含 {workspaceRoot}/**/uv.lock glob。
您可以直接运行检查:
pnpm nx license-checkyarn nx license-checknpx nx license-checkbunx nx license-check结果会根据您的锁文件和 aws-nx-plugin.config.mts 进行缓存 — 当没有任何变化时,重新运行是即时的。
收集器决定扫描的内容。npmCollector 使用 license-checker-rseidelsohn,pythonCollector 使用 pip-licenses。如果未找到已安装的依赖项,检查将通过且无需检查任何内容。
作为 lint/build 的一部分运行
Section titled “作为 lint/build 的一部分运行”依赖项许可证检查会在您对工作区中的任何项目执行 lint 或 build 时自动运行。license 生成器会将每个项目的 lint 目标连接到根 license-check 目标,项目生成器(ts#* 和 py#*)在运行时也会执行相同操作 — 因此无论生成器的运行顺序如何,检查都会被连接。
这意味着您无需显式运行检查,尽管您仍然可以使用 license-check 目标来执行:
pnpm nx license-checkyarn nx license-checknpx nx license-checkbunx nx license-check连接方式是在每个项目的 lint 目标上设置跨项目 dependsOn,指向根 license-check 目标。要在 lint 或 build 期间跳过检查,请设置 LICENSE_DEPENDENCY_CHECK=skip 环境变量:
pnpm LICENSE_DEPENDENCY_CHECK=skip lintyarn LICENSE_DEPENDENCY_CHECK=skip lintnpm run LICENSE_DEPENDENCY_CHECK=skip lintbun LICENSE_DEPENDENCY_CHECK=skip lint默认情况下,检查使用内置的常见宽松许可证集(MIT、Apache-2.0、BSD、ISC 等),导出为 DEFAULT_LICENSE_ALLOWLIST。您可以在配置中扩展或覆盖它:
import { AwsNxPluginConfig } from '@aws/nx-plugin';import { DEFAULT_LICENSE_ALLOWLIST } from '@aws/nx-plugin/sdk/license';
export default { license: { // ... dependencies: { allow: [...DEFAULT_LICENSE_ALLOWLIST, { spdxId: 'LGPL-2.1-or-later', fullName: 'GNU Lesser General Public License v2.1 or later', aliases: [] }], exceptions: [ { package: 'some-package', reason: 'Audited manually — ships MIT text without SPDX field' }, ], }, },} satisfies AwsNxPluginConfig;Default License Allowlist
| SPDX ID | Full Name |
|---|---|
0BSD | BSD Zero Clause License |
AFL-2.1 | Academic Free License v2.1 |
AFL-3.0 | Academic Free License v3.0 |
AMD-newlib | AMD newlib License |
AML | Apple MIT License |
AML-glslang | AML glslang variant License |
ANTLR-PD | ANTLR Software Rights Notice |
ANTLR-PD-fallback | ANTLR Software Rights Notice with license fallback |
APAFML | Adobe Postscript AFM License |
AdaCore-doc | AdaCore Doc License |
Adobe-Display-PostScript | Adobe Display PostScript License |
Adobe-Glyph | Adobe Glyph List License |
Adobe-Utopia | Adobe Utopia Font License |
Apache-1.1 | Apache License 1.1 |
Apache-2.0 | Apache License 2.0 |
Apache-2.0 WITH LLVM-exception | Apache License 2.0 with LLVM Exception |
Artistic-1.0 | Artistic License 1.0 |
Artistic-1.0-Perl | Artistic License 1.0(Perl) |
Artistic-2.0 | Artistic License 2.0 |
Artistic-dist | Artistic License 1.0 (dist) |
BSD-1-Clause | BSD 1-Clause License |
BSD-2-Clause | BSD 2-clause "Simplified" License |
BSD-2-Clause-Darwin | BSD 2-Clause - Ian Darwin variant |
BSD-2-Clause-FreeBSD | BSD 2-clause FreeBSD License |
BSD-2-Clause-NetBSD | BSD 2-clause NetBSD License |
BSD-2-Clause-Views | BSD 2-Clause with views sentence |
BSD-2-Clause-first-lines | BSD 2-Clause - first lines requirement |
BSD-2-Clause-pkgconf-disclaimer | BSD 2-Clause pkgconf disclaimer variant |
BSD-3-Clause | BSD 3-clause "New" or "Revised" License |
BSD-3-Clause-Attribution | BSD with attribution |
BSD-3-Clause-HP | Hewlett-Packard BSD variant license |
BSD-3-Clause-LBNL | Lawrence Berkeley National Labs BSD variant license |
BSD-3-Clause-Modification | BSD 3-Clause Modification |
BSD-3-Clause-Open-MPI | BSD 3-Clause Open MPI variant |
BSD-3-Clause-Sun | BSD 3-Clause Sun Microsystems |
BSD-3-Clause-acpica | BSD 3-Clause acpica variant |
BSD-3-Clause-flex | BSD 3-Clause Flex variant |
BSD-4.3RENO | BSD 4.3 RENO License |
BSD-Source-Code | BSD Source Code Attribution |
BSD-Source-beginning-file | BSD Source Code Attribution - beginning of file variant |
BSL-1.0 | Boost Software License 1.0 |
Baekmuk | Baekmuk License |
Beerware | Beerware License |
Bitstream-Charter | Bitstream Charter Font License |
Bitstream-Vera | Bitstream Vera Font License |
BlueOak-1.0.0 | Blue Oak Model License 1.0.0 |
Boehm-GC | Boehm-Demers-Weiser GC License |
Boehm-GC-without-fee | Boehm-Demers-Weiser GC License (without fee) |
Brian-Gladman-2-Clause | Brian Gladman 2-Clause License |
Brian-Gladman-3-Clause | Brian Gladman 3-Clause License |
CC-BY-2.0 | Creative Commons Attribution 2.0 |
CC-BY-2.5 | Creative Commons Attribution 2.5 |
CC-BY-2.5-AU | Creative Commons Attribution 2.5 Australia |
CC-BY-3.0 | Creative Commons Attribution 3.0 |
CC-BY-3.0-AU | Creative Commons Attribution 3.0 Australia |
CC-BY-3.0-IGO | Creative Commons Attribution 3.0 IGO |
CC-BY-3.0-US | Creative Commons Attribution 3.0 United States |
CC-BY-4.0 | Creative Commons Attribution 4.0 |
CC-PDDC | Creative Commons Public Domain Dedication and Certification |
CC0-1.0 | Creative Commons Zero v1.0 Universal |
CDDL-1.0 | Common Development and Distribution License 1.0 |
CDDL-1.1 | Common Development and Distribution License 1.1 |
CFITSIO | CFITSIO License |
CMU-Mach-nodoc | CMU Mach - no notices-in-documentation variant |
CNRI-Jython | CNRI Jython License |
CNRI-Python | CNRI Python License |
CPOL-1.02 | Code Project Open License 1.02 |
Clips | Clips License |
Cornell-Lossless-JPEG | Cornell Lossless JPEG License |
Cronyx | Cronyx License |
CryptoSwift | CryptoSwift License |
DEC-3-Clause | DEC 3-Clause License |
DocBook-DTD | DocBook DTD License |
DocBook-Schema | DocBook Schema License |
DocBook-Stylesheet | DocBook Stylesheet License |
DocBook-XML | DocBook XML License |
EFL-2.0 | Eiffel Forum License v2.0 |
EPL-1.0 | Eclipse Public License 1.0 |
EPL-2.0 | Eclipse Public License 2.0 |
Entessa | Entessa Public License v1.0 |
FBM | Fuzzy Bitmap License |
FSFAP | FSF All Permissive License |
FSFAP-no-warranty-disclaimer | FSF All Permissive License (without Warranty) |
FSFULLR | FSF Unlimited License (with License Retention) |
FSFULLRSD | FSF Unlimited License (with License Retention and Short Disclaimer) |
FSFULLRWD | FSF Unlimited License (With License Retention and Warranty Disclaimer) |
FTL | Freetype Project License |
Fair | Fair License |
Ferguson-Twofish | Ferguson Twofish License |
FreeBSD-DOC | FreeBSD Documentation License |
Furuseth | Furuseth License |
GD | GD License |
Graphics-Gems | Graphics Gems License |
Gutmann | Gutmann License |
HDF5 | HDF5 License |
HIDAPI | HIDAPI License |
HP-1986 | Hewlett-Packard 1986 License |
HP-1989 | Hewlett-Packard 1989 License |
HPND | Historical Permission Notice and Disclaimer |
HPND-DEC | Historical Permission Notice and Disclaimer - DEC variant |
HPND-Fenneberg-Livingston | Historical Permission Notice and Disclaimer - Fenneberg-Livingston variant |
HPND-INRIA-IMAG | Historical Permission Notice and Disclaimer - INRIA-IMAG variant |
HPND-Intel | Historical Permission Notice and Disclaimer - Intel variant |
HPND-Kevlin-Henney | Historical Permission Notice and Disclaimer - Kevlin Henney variant |
HPND-MIT-disclaimer | Historical Permission Notice and Disclaimer with MIT disclaimer |
HPND-Markus-Kuhn | Historical Permission Notice and Disclaimer - Markus Kuhn variant |
HPND-Netrek | Historical Permission Notice and Disclaimer - Netrek variant |
HPND-Pbmplus | Historical Permission Notice and Disclaimer - Pbmplus variant |
HPND-UC | Historical Permission Notice and Disclaimer - University of California variant |
HPND-doc | Historical Permission Notice and Disclaimer - documentation variant |
HPND-doc-sell | Historical Permission Notice and Disclaimer - documentation sell variant |
HPND-merchantability-variant | Historical Permission Notice and Disclaimer - merchantability variant |
HPND-sell-MIT-disclaimer-xserver | Historical Permission Notice and Disclaimer - sell xserver variant with MIT disclaimer |
HPND-sell-regexpr | Historical Permission Notice and Disclaimer - sell regexpr variant |
HPND-sell-variant | Historical Permission Notice and Disclaimer - sell variant |
HPND-sell-variant-MIT-disclaimer | HPND sell variant with MIT disclaimer |
HPND-sell-variant-MIT-disclaimer-rev | HPND sell variant with MIT disclaimer - reverse |
HTMLTIDY | HTML Tidy License |
ICU | ICU License |
IJG | Independent JPEG Group License |
IJG-short | Independent JPEG Group License - short |
ISC | ISC License |
ISC-Veillard | ISC Veillard variant |
ImageMagick | ImageMagick License |
Inner-Net-2.0 | Inner Net License v2.0 |
JPNIC | Japan Network Information Center License |
JSON | JSON License |
Jam | Jam License |
Kastrup | Kastrup License |
Knuth-CTAN | Knuth CTAN License |
LOOP | Common Lisp LOOP License |
LZMA-SDK-9.11-to-9.20 | LZMA SDK License (versions 9.11 to 9.20) |
LZMA-SDK-9.22 | LZMA SDK License (versions 9.22 and beyond) |
Leptonica | Leptonica License |
Libpng | libpng License |
LicenseRef-NoVersion-Apache | Apache Software License |
LicenseRef-NoVersion-BSD | BSD License |
LicenseRef-Proprietary-NVIDIA-CUDA-Python-2021 | NVIDIA Software License for CUDA Python (2021) |
LicenseRef-Proprietary-NVIDIA-Math-Libraries-SDK-2022 | License Agreement for NVIDIA Math Libraries SDKs (2022) |
LicenseRef-Proprietary-NVIDIA-Nsight-Systems-2024 | Software License Agreement for NVIDIA Nsight Systems (2024) |
LicenseRef-Proprietary-NVIDIA-SDK-nvTIFF-2022 | License Agreement for NVIDIA SDKs with nvTIFF Supplement (2022) |
LicenseRef-Proprietary-NVIDIA-TensorRT-2021 | Software License Agreement for NVIDIA TensorRT (2021) |
LicenseRef-Proprietary-NVIDIA-Warp | Software License Agreement for NVIDIA Warp |
LicenseRef-com.oracle-BCL | Oracle Binary Code License |
LicenseRef-scancode-amazon-sl | Amazon Software License |
LicenseRef-scancode-apple-excl | Apple Java Extensions |
LicenseRef-scancode-indiana-extreme | Indiana University Extreme! Lab Software 1.1.1 |
LicenseRef-scancode-wordnet | WordNet 3.0 license |
Linux-OpenIB | Linux Kernel Variant of OpenIB.org license |
Linux-man-pages-1-para | Linux man-pages - 1 paragraph |
MIPS | MIPS License |
MIT | MIT License |
MIT-0 | MIT No Attribution License |
MIT-CMU | CMU License |
MIT-Click | MIT Click License |
MIT-Festival | MIT Festival Variant |
MIT-Khronos-old | MIT Khronos - old variant |
MIT-Modern-Variant | MIT License Modern Variant |
MIT-Wu | MIT Tom Wu Variant |
MIT-open-group | MIT Open Group variant |
MIT-testregex | MIT testregex Variant |
MITNFA | MIT +no-false-attribs license |
MMIXware | MMIXware License |
MPL-1.1 | Mozilla Public License 1.1 |
MPL-2.0 | Mozilla Public License 2.0 |
MPL-2.0-no-copyleft-exception | Mozilla Public License 2.0 (no copyleft exception) |
MS-PL | Microsoft Public License |
Mackerras-3-Clause | Mackerras 3-Clause License |
Mackerras-3-Clause-acknowledgment | Mackerras 3-Clause - acknowledgment variant |
Martin-Birgmeier | Martin Birgmeier License |
Minpack | Minpack License |
MirOS | MirOS Licence |
MulanPSL-2.0 | Mulan Permissive Software License, Version 2 |
NCBI-PD | NCBI Public Domain Notice |
NCL | NCL Source Code License |
NCSA | University of Illinois/NCSA Open Source License |
NICTA-1.0 | NICTA Public Software License, Version 1.0 |
NIST-PD | NIST Public Domain Notice |
NIST-Software | NIST Software License |
NLPL | No Limit Public License |
NTIA-PD | NTIA Public Domain Notice |
NTP | NTP License |
NTP-0 | NTP No Attribution |
Net-SNMP | Net-SNMP License |
OAR | OAR License |
OFFIS | OFFIS License |
OFL-1.0 | SIL Open Font License 1.0 |
OFL-1.0-RFN | SIL Open Font License 1.0 with Reserved Font Name |
OFL-1.0-no-RFN | SIL Open Font License 1.0 with no Reserved Font Name |
OFL-1.1 | SIL Open Font License 1.1 |
OFL-1.1-RFN | SIL Open Font License 1.1 with Reserved Font Name |
OFL-1.1-no-RFN | SIL Open Font License 1.1 with no Reserved Font Name |
OGC-1.0 | OGC Software License, Version 1.0 |
OLDAP-2.0 | Open LDAP Public License v2.0 (or possibly 2.0A and 2.0B) |
OLDAP-2.0.1 | Open LDAP Public License v2.0.1 |
OLDAP-2.1 | Open LDAP Public License v2.1 |
OLDAP-2.2 | Open LDAP Public License v2.2 |
OLDAP-2.2.1 | Open LDAP Public License v2.2.1 |
OLDAP-2.2.2 | Open LDAP Public License 2.2.2 |
OLDAP-2.3 | Open LDAP Public License v2.3 |
OLDAP-2.4 | Open LDAP Public License v2.4 |
OLDAP-2.5 | Open LDAP Public License v2.5 |
OLDAP-2.6 | Open LDAP Public License v2.6 |
OLDAP-2.7 | Open LDAP Public License v2.7 |
OLDAP-2.8 | Open LDAP Public License v2.8 |
OpenSSL | OpenSSL License |
OpenSSL-standalone | OpenSSL License - standalone |
PADL | PADL License |
PDDL-1.0 | ODC Public Domain Dedication & License 1.0 |
PHP-3.0 | PHP License v3.0 |
PHP-3.01 | PHP LIcense v3.01 |
PSF-2.0 | Python Software Foundation License 2.0 |
Pixar | Pixar License |
PostgreSQL | PostgreSQL License |
Python-2.0 | Python License 2.0 |
Python-2.0.1 | Python License 2.0.1 |
Ruby | Ruby License |
Ruby-pty | Ruby pty extension license |
SAX-PD-2.0 | Sax Public Domain Notice 2.0 |
SGI-B-2.0 | SGI Free Software License B v2.0 |
SL | SL License |
SMLNJ | Standard ML of New Jersey License |
SMPPL | Secure Messaging Protocol Public License |
SSH-OpenSSH | SSH OpenSSH license |
SSH-short | SSH short notice |
SSLeay-standalone | SSLeay License - standalone |
Soundex | Soundex License |
Spencer-86 | Spencer License 86 |
Spencer-94 | Spencer License 94 |
Spencer-99 | Spencer License 99 |
StandardML-NJ | Standard ML of New Jersey License |
Sun-PPP | Sun PPP License |
Sun-PPP-2000 | Sun PPP License (2000) |
SunPro | SunPro License |
Symlinks | Symlinks License |
TCL | Tcl/Tk |
TCP-wrappers | TCP Wrappers License |
TPDL | Time::ParseDate License |
TPL-1.0 | THOR Public License 1.0 |
TTWL | Text-Tabs+Wrap License |
TTYP0 | TTYP0 License |
TU-Berlin-1.0 | Technische Universitaet Berlin License 1.0 |
TU-Berlin-2.0 | Technische Universitaet Berlin License 2.0 |
TermReadKey | TermReadKey License |
ThirdEye | ThirdEye License |
TrustedQSL | TrustedQSL License |
UCAR | UCAR License |
UMich-Merit | Michigan/Merit Networks License |
UPL-1.0 | Universal Permissive License v1.0 |
Ubuntu-font-1.0 | Ubuntu Font Licence v1.0 |
Unicode-3.0 | Unicode License v3 |
Unicode-DFS-2015 | Unicode License Agreement - Data Files and Software (2015) |
Unicode-DFS-2016 | Unicode License Agreement - Data Files and Software (2016) |
UnixCrypt | UnixCrypt License |
Unlicense | Unlicense |
Unlicense-libtelnet | Unlicense - libtelnet variant |
Unlicense-libwhirlpool | Unlicense - libwhirlpool variant |
Vim | Vim License |
W3C | W3C Software and Notice License |
W3C-19980720 | W3C Software Notice and License (1998-07-20) |
W3C-20150513 | W3C Software Notice and Document License (2015-05-13) |
WTFPL | Do What The F*ck You Want To Public License |
Widget-Workshop | Widget Workshop License |
X11 | X11 License |
X11-distribute-modifications-variant | X11 License Distribution Modification Variant |
X11-swapped | X11 swapped final paragraphs |
XFree86-1.1 | XFree86 License 1.1 |
Xdebug-1.03 | Xdebug License v 1.03 |
Xfig | Xfig License |
Xnet | X.Net License |
ZPL-2.1 | Zope Public License 2.1 |
Zed | Zed License |
Zeeff | Zeeff License |
Zlib | zlib License |
any-OSI-perl-modules | Any OSI License - Perl Modules |
bcrypt-Solar-Designer | bcrypt Solar Designer License |
blessing | SQLite Blessing |
bzip2-1.0.6 | bzip2 and libbzip2 License v1.0.6 |
check-cvs | check-cvs License |
checkmk | Checkmk License |
curl | curl License |
cve-tou | Common Vulnerability Enumeration ToU License |
dtoa | David M. Gay dtoa License |
fwlw | fwlw License |
generic-xts | Generic XTS License |
gtkbook | gtkbook License |
hdparm | hdparm License |
jove | Jove License |
libpng-1.6.35 | PNG Reference Library License v1 (for libpng 0.5 through 1.6.35) |
libpng-2.0 | PNG Reference Library version 2 |
libselinux-1.0 | libselinux public domain notice |
libtiff | libtiff License |
libutil-David-Nugent | libutil David Nugent License |
lsof | lsof License |
magaz | magaz License |
mailprio | mailprio License |
man2html | man2html License |
metamail | metamail License |
mpi-permissive | mpi Permissive License |
mplus | mplus Font License |
pkgconf | pkgconf License |
snprintf | snprintf License |
softSurfer | softSurfer License |
ssh-keyscan | ssh-keyscan License |
swrule | swrule License |
threeparttable | threeparttable License |
ulem | ulem License |
w3m | w3m License |
xkeyboard-config-Zinoviev | xkeyboard-config Zinoviev License |
xlock | xlock License |
xpp | XPP License |
zlib-acknowledgement | zlib/libpng License with Acknowledgement |
自定义允许列表
Section titled “自定义允许列表”要限制允许列表,请用您自己的数组替换 DEFAULT_LICENSE_ALLOWLIST。要扩展它,请展开默认值并添加条目。条目通过 SPDX ID、完整许可证名称或任何列出的别名进行匹配(不区分大小写)。
单个包的例外
Section titled “单个包的例外”对于检查失败的包,使用 exceptions — 要么是因为它们的许可证不在允许列表中,要么是因为它们没有可检测的许可证元数据。reason 字段是必需的,以便审查者可以看到为什么授予例外。
exceptions: [ { package: 'union', version: '0.5.0', reason: 'Package ships verbatim MIT text without declaring license', },];引入具有问题元数据的依赖项的生成器(例如 MCP 服务器生成器)会在运行时自动将所需的例外添加到您的配置中。
收集器发现依赖项并提取许可证元数据。内置收集器是 npmCollector()(扫描 node_modules)和 pythonCollector()(扫描 Python 虚拟环境)。许可证生成器默认配置 npmCollector(),并在存在 Python 项目时添加 pythonCollector()。
要实现自定义收集器,请符合 LicenseCollector 接口:
import type { LicenseCollector } from '@aws/nx-plugin/sdk/license';
const myCollector = (): LicenseCollector => ({ name: 'my-ecosystem', traceCommand: 'my-tool why <package>', async collect({ workspaceRoot }) { return [ { name: 'some-dep', version: '1.0.0', rawLicense: 'MIT', ecosystem: 'my-ecosystem' }, ]; },});onDependency 钩子
Section titled “onDependency 钩子”license.dependencies 接受一个可选的 onDependency 回调,该回调会为每个发现的依赖项调用一次,无论它是否通过检查。它接收 { package, spdx },其中 package 是包名称,spdx 是解析的 SPDX 许可证表达式。例外的 spdx 优先于原始声明的许可证,如果未声明许可证,spdx 可能是空字符串。
这是打印项目中所有许可证的便捷方式。运行 license-check 目标以查看输出:
import { AwsNxPluginConfig } from '@aws/nx-plugin';import { DEFAULT_LICENSE_ALLOWLIST } from '@aws/nx-plugin/sdk/license';
export default { license: { dependencies: { allow: DEFAULT_LICENSE_ALLOWLIST, onDependency: ({ package: pkg, spdx }) => { console.log(`${pkg} - ${spdx}`); }, }, },} satisfies AwsNxPluginConfig;禁用依赖项检查
Section titled “禁用依赖项检查”依赖项许可证检查通过配置中存在 license.dependencies 键来启用。
要对单次运行禁用检查,请设置 LICENSE_DEPENDENCY_CHECK=skip 环境变量:
pnpm LICENSE_DEPENDENCY_CHECK=skip lintyarn LICENSE_DEPENDENCY_CHECK=skip lintnpm run LICENSE_DEPENDENCY_CHECK=skip lintbun LICENSE_DEPENDENCY_CHECK=skip lint要永久禁用,请从 aws-nx-plugin.config.mts 配置中移除 license.dependencies 键。您也可以使用 --dependencyCheck=false 重新运行 license 生成器以在不包含它的情况下进行脚手架。