For some projects we've needed to control the licenses used for our... - Random

rob, 1 month ago

For some projects we've needed to control the licenses used for our dependencies. Fortunately Composer has a command the help with this.

https://akrabat.com/check-licenses-of-composer-dependencies/

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

+ mwop

Image

Image alternative text

tvbeek, 1 month ago

@rob on my previous job we used the package license-checker from madewithlove https://github.com/madewithlove/license-checker-php
And yes it can be useful or needed to check the licenses of your dependencies.

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

wyri, 1 month ago

@rob Are you planning a package or composer plugin to block adding dependecies with a problematic licenses?

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

heiglandreas, 1 month ago

@wyri @rob I know there was versioneye a few years back that did licence managements. As most projects use more than one package-mamager IMO a solution that checks all of them might make more sense. But yeah: That will only work AFTER the package has been included already. Whether via composer or yarn or pip or...

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

heiglandreas, 1 month ago

@wyri @rob https://www.versioneye.com still exists 😁

reply

report

activity

copy /kbin url

copy original url

open original url

Loading...

Add comment