Skip to content

Provides detailed reports on the licenses associated with a Go package and its dependencies.

License

Notifications You must be signed in to change notification settings

FortiShield/go-licenses

 
 

Repository files navigation

golicenses

app-pipeline Go Report Card

A go dependency license checker.

This is thin a wrapper around google's license classifier forked from go-license with a few extra options.

Installation

# install the latest version to ./bin
curl -sSfL https://raw.githubusercontent.com/khulnasoft/go-licenses/master/golicenses.sh | sh 

# install a specific version to another directory
curl -sSfL https://raw.githubusercontent.com/khulnasoft/go-licenses/master/golicenses.sh | sh -s -- -b ./path/to/bin v1.26.0

Usage

# list the licenses of all of your dependencies...
golicenses list                        # ... from ./go.mod
golicenses list ~/some/path            # ... from ~/some/path/go.mod
golicenses list github.com/some/repo   # ... from a remote repo

# pass/fail of user-specified license restrictions (by .golicenses.yaml)
golicenses check
golicenses check ~/some/path
golicenses check github.com/some/repo

The .golicenses.yaml can specify a simple allow-list or deny-list license name regex patterns (by SPDX name):

permit:
  - BSD.*
  - MIT.*
  - Apache.*
  - MPL.*
forbid:
  - GPL.*
ignore-packages:
  - github.com/some/repo
forbid:
  - GPL.*

Note: either allow or deny lists can be specified, not both.

About

Provides detailed reports on the licenses associated with a Go package and its dependencies.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Go 78.1%
  • Shell 14.5%
  • Makefile 7.4%