search

crev-dev / cargo-crev

A cryptographically verifiable code review system for the cargo (Rust) package manager.
Apache License 2.0
2.09k stars 89 forks source link

Recursive license check metric #193

Open dpc opened 5 years ago

dpc commented 5 years ago

We could display the least liberal license of each crate and their dependencies (recursively). Maybe? See reddit chat: https://www.reddit.com/r/rust/comments/c9fzyp/analysis_of_rust_crate_sizes_on_cratesio/etdc05w/?context=10000

MaulingMonkey commented 5 years ago

"least liberal" might be tough to define, but letting the end user mark which licenses they want to allow/forbid could be handy. https://github.com/onur/cargo-license appears to list each unique combination of licenses, and which crates are tagged with that license.

dpc commented 5 years ago

Note: this is related to having other recursive checks/metrics like: total recursive lines of code and total recursive distinct authors.