[](https://github.com/digi-wolk/oss-license-auditor/actions/workflows/run-tests.yml) [](https://github.com/digi-wolk/oss-license-auditor/actions/workflows/run-code-quality.yml) [](https://github.com/digi-wolk/oss-license-auditor/actions/workflows/run-security-checks.yml) [](https://github.com/digi-wolk/oss-license-auditor/blob/master/LICENSE.md) [](https://github.com/digi-wolk/oss-license-auditor/commits/master) [](https://github.com/digi-wolk/oss-license-auditor/graphs/contributors)
OSS License Auditor
⚡ FAST and COMPREHENSIVE OSS license audit tool ⚡
OSS license auditor helps you track and validate licenses of all your dependencies in multiple programming languages. Thanks to the speed of Golang, this is one of the FASTEST tools you can use to audit licenses used by the dependencies used in your code. That means it will not be expensive to run it in your CI/CD pipelines.
Currently, this tool supports:
- JavaScript/TypeScript: NPM -
package-lock.json - JavaScript/TypeScript: PNPM -
pnpm-lock.yaml - JavaScript/TypeScript: Yarn -
yarn.lock(only from NPM) - Go: Go modules -
go.mod
Later, it will support:
- JavaScript/TypeScript: Yarn -
yarn.lock(from other sources) - Python: pip -
requirements.txt - Java: Maven -
pom.xml - PHP: Composer -
composer.json
If you like this project, remember to give us a star ⭐ on GitHub. (Spoiler: It motivates a lot!)
You can also support the creator of this project by buying me a coffee.
Project layout
Project layout is based on Standard Go Project Layout.
Related projects
- Docker image on Hub: TBD
- GitHub Action on Marketplace: TBD
How to use
CLI
To run this project, you need to have Go installed on your machine. Then, run the following command inside the root directory of this project
go run cmd/olaudit/olaudit.go --path /path/to/your/projectAlternatively, you can build the project and run the binary file:
go build -o olaudit cmd/olaudit/olaudit.go
./olaudit --path /path/to/your/projectGitHub Action
This project is also available as a GitHub Action. You can use it in your CI/CD pipelines.
Example usage:
name: OSS License Auditor
on:
pull_request:
branches: [ master ]
jobs:
oss-license-auditor:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: OSS License Auditor
uses: digi-wolk/olaudit@v1
with:
path: .Test
To run unit test for this project, run the following command:
go test ./...How to contribute
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
Check the latest version
You can get the latest version number by:
- Checkin the CHANGELOG.md file
- Running this command:
git describe --abbrev=0 --tags --match "v*"
Release a new version
You can create a release by tagging the version as follows:
# Update the version before running the command
RELEASE_VERSION="v0.2.0"
git tag "${RELEASE_VERSION}" -m "Release version ${RELEASE_VERSION}"
git push origin "${RELEASE_VERSION}"The GitHub Action release workflow triggers immediately after the tag is pushed upstream. It will build and publish the docker image into DockerHub.
Docker Hub
Docker image is available on Docker Hub.
You can pull the latest version by running the following command:
docker pull prazian/oss-license-audit:latestYou can pull a specific version by running the following command:
docker pull prazian/oss-license-audit:v0.0.1Documentation and resources
Maintainers
- Pooyan Razian: github.com/prazian - pooyan.info
- < Become the first co-maintainer and add your name here! >
Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website