Remove development files from the published module
just-boris opened this issue · comments
Currently the published npm package contains all development scripts and tests: https://unpkg.com/browse/license-checker@25.0.1/
It causes some problems:
- There are tests for GPL license expressions that show up as potentially GPL-licensed code in some automated source code scanning tools.
- It is an unnecessary overhead for module consumers.
Proposed solution: add files
declaration to package.json
"files": [
"bin",
"lib"
]
This will work as a whitelist and include only necessary files.
There is also an article explaining why it is better to use files
property instead of .npmignore
: https://medium.com/@jdxcode/for-the-love-of-god-dont-use-npmignore-f93c08909d8d