Prints all dependencies with unrecognized or non-OSI-approved licenses.

It is not mandatory for a package's :licenses value to contain only SPDX license identifiers, it is only recommended. Therefore, some problems reported by mix licenses may be false alarms. For example, a project may specify its license as MIT License rather than the SPDX identifier MIT.

Command line options

• --osi - additionally check if all licenses are approved by the Open Source Initiative
• --update - pull down a fresh copy of the SPDX license list instead of using the version checked in with this tool.