wwhrd

command module
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 4, 2020 License: MIT Imports: 13 Imported by: 0

README

WWHRD? (What Would Henry Rollins Do?) Github Actions codecov

Have Henry Rollins check vendored licenses in your Go project.

Please note that wwhrd only checks packages stored under vendor/, if you are using Go modules (go mod), you can add go mod vendor before running wwhrd, this will dump a copy of the vendored packages inside the local repo.

Installation

go get -u github.com/frapposelli/wwhrd

Using Brew on macOS:

brew install frapposelli/tap/wwhrd

Configuration file

Configuration for wwhrd is stored in .wwhrd.yml at the root of the repo you want to check.

The format is borrowed from Anderson and it's 1:1 compatible (just run wwhrd check -f .anderson.yml).

---
blacklist:
  - GPL-2.0

whitelist:
  - Apache-2.0
  - MIT

exceptions:
  - github.com/jessevdk/go-flags
  - github.com/pmezard/go-difflib/difflib

Having a license in the blacklist section will fail the check, unless the package is listed under exceptions.

exceptions can also be listed as wildcards:

exceptions:
  - github.com/davecgh/go-spew/spew/...

Will make a blanket exception for all the packages under github.com/davecgh/go-spew/spew.

Use it in your CI!

$ wwhrd check
INFO[0000] Found Approved license                        license=MIT package=github.com/stretchr/testify/assert
ERRO[0000] Found Non-Approved license                    license=FreeBSD package=github.com/pmezard/go-difflib/difflib
INFO[0000] Found Approved license                        license=MIT package=github.com/ryanuber/go-license
INFO[0000] Found Approved license                        license=Apache-2.0 package=github.com/cloudfoundry-incubator/candiedyaml
WARN[0000] Found exceptioned package                     license=NewBSD package=github.com/jessevdk/go-flags
FATA[0000] Exiting: Non-Approved license found
$ echo $?
1

Generate a dependency graph

Starting from version v0.3.0, wwhrd graph can be used to generate a graph in DOT language, the graph can then be parsed by Graphviz or other compatible tools.

To generate a PNG of the dependencies of your repository, you can run:

$ wwhrd graph -o - | dot -Tpng > wwhrd-graph.png

The -o - option will print the DOT output to STDOUT.

Usage

$ wwhrd
Usage:
  wwhrd [OPTIONS] <check | graph | list>

What would Henry Rollins do?

Application Options:
  -v, --version  Show CLI version
  -q, --quiet    quiet mode, do not log accepted packages

Help Options:
  -h, --help     Show this help message

Available commands:
  check  Check licenses against config file (aliases: chk)
  graph  Generate dot graph dependency tree (aliases: dot)
  list   List licenses (aliases: ls)

Acknowledgments

WWHRD? graphic by Mitch Clem, used with permission, support him!.

Documentation

The Go Gopher

There is no documentation for this package.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL