npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

@myooken/license-output

v0.2.1

Published

Generate third-party-license markdown by scanning licenses in node_modules.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

myookenmyooken

Keywords

licensethird-partynoticesnode_modulesosscompliancecli

Readme

Third-Party License Output for node_modules

npm version npm downloads node

https://www.npmjs.com/package/@myooken/license-output

What is this?

A tool to scan node_modules and output third-party licenses in Markdown.
It generates two files: THIRD-PARTY-LICENSE.md (main content) and THIRD-PARTY-LICENSE-REVIEW.md (review checklist).

Highlights

  • ESM / Node.js 18+, zero dependencies
  • Outputs full license texts from LICENSE/NOTICE/THIRD-PARTY-NOTICES/COPYING files
  • Review file flags missing Source / license / license files
  • --fail-on-missing supports CI enforcement

CLI command: third-party-license

Usage

Run without installing (recommended)

npx --package=@myooken/license-output -- third-party-license

Run via npm exec

npm exec --package=@myooken/license-output -- third-party-license

Install globally

npm i -g @myooken/license-output
third-party-license

Options

| Option | Description | Default | | ---------------------- | --------------------------------------------------------------------------- | ------------------------------- | | --node-modules <dir> | Path to node_modules | node_modules | | --review [file] | Write review file only; optional filename | THIRD-PARTY-LICENSE-REVIEW.md | | --license [file] | Write main file only; optional filename | THIRD-PARTY-LICENSE.md | | --recreate | Regenerate files from current node_modules only (drops removed packages) | true (default) | | --update | Merge with existing outputs, keep removed packages, and mark their presence | false | | --fail-on-missing | Exit with code 1 if LICENSE/NOTICE/THIRD-PARTY-NOTICES/COPYING are missing | false | | -h, --help | Show help | - |

If neither --review nor --license is specified, both files are generated. Packages in both files are sorted by name@version; --update keeps entries for packages no longer in node_modules and annotates their usage status.

Examples

# Default (both files)
third-party-license

# Update existing files without dropping removed packages
third-party-license --update

# Custom node_modules path
third-party-license --node-modules ./path/to/node_modules

# Review-only output (optional filename)
third-party-license --review
third-party-license --review ./out/THIRD-PARTY-LICENSE-REVIEW.md

# Main-only output (optional filename)
third-party-license --license
third-party-license --license ./out/THIRD-PARTY-LICENSE.md

# Exit with code 1 when something is missing (with --fail-on-missing)
third-party-license --fail-on-missing

Programmatic API

import { collectThirdPartyLicenses } from "@myooken/license-output";

const result = await collectThirdPartyLicenses({
  nodeModules: "./node_modules",
  outFile: "./THIRD-PARTY-LICENSE.md",
  reviewFile: "./THIRD-PARTY-LICENSE-REVIEW.md",
  failOnMissing: false,
  // mode: "update", // keep packages missing from node_modules when updating files
});

console.log(result.mainContent);
console.log(result.reviewContent);

Outputs are sorted by package key. Use mode: "update" to merge with existing files and keep packages that are no longer in node_modules, with their usage shown in both outputs.

Output overview

  • THIRD-PARTY-LICENSE.md
    • List of packages
    • Source / License info
    • Full LICENSE/NOTICE/THIRD-PARTY-NOTICES/COPYING texts
    • Usage line shows whether the package is present in the current node_modules
  • THIRD-PARTY-LICENSE-REVIEW.md
    • Review-oriented checklist
    • Usage-aware status (present / not found) for each package
    • Missing summary section

How it differs from typical npm license tools (general view)

Examples: license-checker, license-report, license-finder

  • Focused on bundling full license texts into a single Markdown file
    • Many existing tools emphasize JSON/CSV reports; this tool emphasizes ready-to-share license documents.
  • Separate review file to track missing metadata
    • Easier to integrate into audit workflows.
  • ESM / Node.js 18+ with no dependencies
    • Simple runtime requirements.

Notes

  • Scans all packages under node_modules (including nested dependencies); license files are searched only in each package root directory.
  • Exit code 0: success.
  • Exit code 1: missing license files when --fail-on-missing is set, or node_modules not found.
  • Throws an error if node_modules does not exist.
  • Missing license or repository fields are flagged in the review file.
  • Paths printed in outputs/logs are shown relative to the current working directory.