meesterdev / package-parser
Parse composer/npm package locks into a list of packages with some basic information.
Installs: 2 005
Dependents: 1
Suggesters: 0
Security: 0
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 1
Requires
- php: >=8.1
- ext-json: *
- meesterdev/file-wrapper: ^0.0.2
Requires (Dev)
- phpunit/phpunit: ^9.5|^10
README
Parses composer.json/composer.lock and package.json/package-lock.json files for retrieving information about licenses from those packages.
Packages can be skipped based on their license and will be added to a list of "failed packages" if no license information is available. No validity checks are done on the license itself (e.g. whether it appears on the SPDX License List).
Example
<?php use MeesterDev\PackageParser\Parsers\ParserFactory; $parser = ParserFactory::createForFilePath('composer.json'); $parser->ignoreLicenses(['proprietary', 'UNLICENSED']); $packages = $parser->parse(); var_dump($packages, $factory->skippedPackages, $factory->failedPackages); // probably a pretty long dump