🔌 Plugin Idea - Enforce License #145
Comments
That's an interesting idea for sure. I like it! |
I like it. I never think to check this. |
I'm not sure we want to determine which licenses are "even more lenient" though. We may just want a default list of acceptable licenses that people can then customize. |
I like this. So when you add the rule, there's a list with delineations on obligations it puts on the consumer of the licensed code. "Must include attribution" etc. |
This is a killer use case for solidarity, btw. |
To check: Build around this |
That's a great idea.
…On Wed, Feb 7, 2018 at 5:18 PM Gant Laborde ***@***.***> wrote:
To check: Build around this
https://github.com/davglass/license-checker
|
Example API:

enforce licenses rule whitelist

```json
"License Stuff": [
  {
    "rule": "custom", "plugin": "license", "name": "enforceLicenses",
    "whitelist": [
      "MIT", "ISC", "BSD-3*", "BSD-2*", "Unlicense", "Public Domain", "Apache", "WTFPL", "CC*"
    ],
    "ignore": ["dumb-node-module", "module-cuasing-failure-but-license-known"]
  }
]
```

succeeds as long as all modules and sub-modules (not explicitly ignored) fit the given whitelist.

enforce licenses rule blacklist

```json
"License Stuff": [
  {
    "rule": "custom", "plugin": "license", "name": "enforceLicenses",
    "blacklist": [
      "BSD-2*", "Apache*"
    ],
    "ignore": ["dumb-node-module", "module-cuasing-failure-but-license-known"]
  }
]
```

succeeds as long as all modules and sub-modules (not explicitly ignored) do not have a license identified with the blacklist.

Add the feature where the rule only pertains to production or development.

```json
"License Stuff": [
  {
    "rule": "custom", "plugin": "license", "name": "enforceLicenses",
    "whitelist": [
      "MIT", "ISC", "BSD-3*", "BSD-2*", "Unlicense", "Public Domain", "Apache", "WTFPL", "CC*"
    ],
    "ignore": ["dumb-node-module", "module-cuasing-failure-but-license-known"],
    "scope": "production"
  }
]
```

scope can be "production" | "prod" | "development" | "dev" | "all" (default is all) |
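
An added example, not part of the original thread and not solidarity's or the plugin's code: one way the proposed `enforceLicenses` rule could be evaluated over a resolved dependency list. It assumes `*` is a glob wildcard, that patterns without `*` match exactly (case-insensitively), and that each package record has the hypothetical shape `{ name, license, dev }`; the package names are constructed.

```javascript
// Added example, not solidarity's code. Assumptions: "*" is a glob wildcard,
// patterns without "*" match exactly, package records are { name, license, dev }.
const SCOPES = new Map([["all", null], ["production", false], ["prod", false],
  ["development", true], ["dev", true]]);

function toMatcher(pattern) {
  const body = pattern.split("*")
    .map((part) => part.replace(/[.+?^${}()|[\]\\]/g, "\\$&")) // escape regex metacharacters
    .join(".*");
  return new RegExp(`^${body}$`, "i");
}

function enforceLicenses(rule, packages) {
  const scope = rule.scope || "all";
  if (!SCOPES.has(scope)) throw new Error(`unknown scope: ${scope}`);
  const wantDev = SCOPES.get(scope); // null means "check everything"
  const ignore = new Set(rule.ignore || []);
  const allow = (rule.whitelist || []).map(toMatcher);
  const deny = (rule.blacklist || []).map(toMatcher);
  const violations = [];
  for (const pkg of packages) {
    if (ignore.has(pkg.name)) continue;
    if (wantDev !== null && Boolean(pkg.dev) !== wantDev) continue;
    const license = pkg.license || "";
    // A missing license can never satisfy a whitelist.
    if (rule.whitelist && !(license && allow.some((re) => re.test(license)))) {
      violations.push({ name: pkg.name, license: license || null, reason: "not in whitelist" });
    } else if (deny.some((re) => re.test(license))) {
      violations.push({ name: pkg.name, license, reason: "in blacklist" });
    }
  }
  return violations;
}

// Constructed sample dependency list (hypothetical package names).
const samplePackages = [
  { name: "tiny-pad", license: "MIT", dev: false },
  { name: "http-lib", license: "Apache-2.0", dev: false },
  { name: "old-util", license: "BSD-2-Clause", dev: false },
  { name: "no-license-pkg", license: undefined, dev: false },
  { name: "test-runner", license: "GPL-3.0", dev: true },
  { name: "dumb-node-module", license: "UNKNOWN", dev: false },
];
const whitelistRule = { whitelist: ["MIT", "ISC", "BSD-3*", "BSD-2*", "Unlicense",
  "Public Domain", "Apache", "WTFPL", "CC*"], ignore: ["dumb-node-module"], scope: "production" };
const blacklistRule = { blacklist: ["BSD-2*", "Apache*"], ignore: ["dumb-node-module"] };

console.log(enforceLicenses(whitelistRule, samplePackages));
console.log(enforceLicenses(blacklistRule, samplePackages));
```

Under these matching assumptions the whitelist entry `"Apache"` (no wildcard) rejects `Apache-2.0`, and the package with no license fails the whitelist but passes the blacklist, so a blacklist-only rule does not catch unlicensed dependencies.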
Can use this in reports: |
I like the API @GantMan. 👍 👍 |
Legit. I want this. Hurry! They're coming!!! |
Possible plugin game changer. |
Lots of people are building projects and those projects end up using dependencies of various licenses, or sometimes no license at all.
Would be cool if there was a license rule (maybe via plugin) that would check all packages and ensure that the licenses of the included modules were either of a status or even more lenient.
So if I set my license rule to BSD-2 it would accept MIT, WTFPL etc., unless `exact` is set to true.

Feedback plz: @skellock and @jamonholmgren