Node Licenses
This linter verifies that dependencies included by package.json
files have
accepted licenses. Mozilla
employees can also consult the
Licensing & Contributor Agreements Runbook
for more details.
This linter currently only works for tools that are not incorporated into the production code.
Raised Node License Issues
If the linter raises an issue with a license, the license should be checked against the Runbook, and if necessary, consult with the Legal team to ensure it is acceptable.
Dependencies with unaccepted licenses must not be committed into the repository. If this linter fails it will cause your changes to be backed out.
New licenses that have been accepted by Legal may be added to the
accepted-test-licenses
list in node-licenses.yml.
There is also a specific section in the configuration file known-packages
where
a package may be specified if Legal has accepted the use of that package but is
not willing to allow the license generally.
Run Locally
This mozlint linter can be run using mach:
$ mach lint --linter node-licenses <file paths>
Configuration
This linter is currently enabled on specific directories, as listed in the configuration file.