wwhrd

command module

v0.4.0 Latest Latest Go to latest Published: Jan 19, 2021 License: MIT Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/frapposelli/wwhrd

Links

Open Source Insights

README ¶

WWHRD? (What Would Henry Rollins Do?)

Have Henry Rollins check vendored licenses in your Go project.

Please note that wwhrd only checks packages stored under vendor/, if you are using Go modules (go mod), you can add go mod vendor before running wwhrd, this will dump a copy of the vendored packages inside the local repo.

Installation

go get -u github.com/frapposelli/wwhrd

Using Brew on macOS:

brew install frapposelli/tap/wwhrd

Configuration file

Configuration for wwhrd is stored in .wwhrd.yml at the root of the repo you want to check.

The format is compatible with Anderson, just run wwhrd check -f .anderson.yml.

---
denylist:
  - GPL-2.0

allowlist:
  - Apache-2.0
  - MIT

exceptions:
  - github.com/jessevdk/go-flags
  - github.com/pmezard/go-difflib/difflib

Having a license in the blacklist section will fail the check, unless the package is listed under exceptions.

exceptions can also be listed as wildcards:

exceptions:
  - github.com/davecgh/go-spew/spew/...

Will make a blanket exception for all the packages under github.com/davecgh/go-spew/spew.

Use it in your CI!

$ wwhrd check
INFO[0006] Found Approved license                        license=Apache-2.0 package="github.com/xanzy/ssh-agent"
INFO[0006] Found Approved license                        license=BSD-3-Clause package="golang.org/x/crypto/ed25519"
INFO[0006] Found Approved license                        license=Apache-2.0 package="gopkg.in/src-d/go-git.v4/internal/revision"
INFO[0006] Found Approved license                        license=Apache-2.0 package="gopkg.in/src-d/go-git.v4/plumbing/format/config"
INFO[0006] Found Approved license                        license=BSD-3-Clause package="golang.org/x/exp/rand"
INFO[0006] Found Approved license                        license=BSD-3-Clause package="gonum.org/v1/gonum/internal/cmplx64"
INFO[0006] Found Approved license                        license=Apache-2.0 package="gopkg.in/src-d/go-git.v4/plumbing/cache"
INFO[0006] Found Approved license                        license=MIT package="github.com/montanaflynn/stats"
INFO[0006] Found Approved license                        license=MIT package="github.com/ekzhu/minhash-lsh"
FATA[0006] Exiting: Non-Approved license found
$ echo $?
1

Generate a dependency graph

Starting from version v0.3.0, wwhrd graph can be used to generate a graph in DOT language, the graph can then be parsed by Graphviz or other compatible tools.

To generate a PNG of the dependencies of your repository, you can run:

$ wwhrd graph -o - | dot -Tpng > wwhrd-graph.png

The -o - option will print the DOT output to STDOUT.

Usage

$ wwhrd
Usage:
  wwhrd [OPTIONS] <check | graph | list>

What would Henry Rollins do?

Application Options:
  -v, --version  Show CLI version
  -q, --quiet    quiet mode, do not log accepted packages
  -d, --debug    verbose mode, log everything

Help Options:
  -h, --help     Show this help message

Available commands:
  check  Check licenses against config file (aliases: chk)
  graph  Generate dot graph dependency tree (aliases: dot)
  list   List licenses (aliases: ls)

Acknowledgments

WWHRD? graphic by Mitch Clem, used with permission, support him!.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL