Webpack bundle license compliance?
I'm not a lawyer, so this isn't legal advice.
It seems like you're trying to solve two different problems: (1) understand compliance obligations of packages installed via npm, (2) fulfill any obligations (e.g. including a license in the output of webpack).
For (1) tldrlegal is a helpful tool that will print a highlevel summary of obligations. Since obligations could include requirements like "display an acknowledgement in all advertising materials", it's hard to boil compliance checks down to just a step in the build process (which is presumably when webpack would come into play). It looks like this library might help with the compatibility aspect.
(2) For complying with obligations like distributing a license in copies of source, webpack's Uglify plugin does this by default. The licenses of packages listed in the dependencies
of your package.json are included by default in the build via the comments
option. (It looks like this may be changing for webpack v4.) Note that licenses of dependencies listed in the devDependencies
are not included in the built file.
To configure this explicitly, in your webpack config include:
new webpack.optimize.UglifyJsPlugin({
comments: /^\**!|@preserve|@license/,
})
If a dependency and the resulting transitive dependencies are defined under dependencies
or devDependencies
is usually not related to the question if the dependency is included in the webpack build output or not. Try webpack-license-plugin, it might help you with your problems.
If you have questions, feel free to ask. I'm the maintainer of the module, so i might be able to help!