dominikb / composer-license-checker

Quickly scan your dependencies, see what licenses they use, or validate in your CI pipeline that no unwanted licenses were merged.
MIT License
Allow files as input for allowlist/blocklist #30

Open dominikb opened 1 year ago

dominikb commented 1 year ago

Extend the check command to be able to use files as a source for their allowlist or blocklist.

Currently, this is possible by passing a flag multiple times:

# Allow both MIT and GPL exclusively
./vendor/bin/composer-license-checker -a MIT -a GPL ...

# Deny both BSD and Unlicense
./vendor/bin/composer-license-checker -b BSD -b Unlicense ...

An example where this could be used is in shopware/platform: they have extracted their allowed licenses into a .allowed-licenses file and need to use sed to parse the file into command line arguments.

pschirch commented 1 year ago

This should be possible with all list values:

  1. -a, --allowlist[=ALLOWLIST] Set a license you want to permit for usage (multiple values allowed)
  2. -b, --blocklist[=BLOCKLIST] Mark a specific license prohibited for usage (multiple values allowed)
  3. --allow[=ALLOW] Determine a vendor or package to always be allowed and never trigger violations (multiple values allowed)

Furthermore, it would be a pleasure to define a remote source (e.g. a git repository where you manage your license definitions) to download these files first. Managing these files per project is not applicable if you want to apply a global license policy for all your projects.
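
Until the checker reads list files itself, the file-to-flags workaround mentioned in the issue can be wrapped so that it works for any of the repeatable flags listed above and stops the CI job when the policy file is missing or empty, instead of running the checker with no list flags at all. This is an added example, not code from the issue or the project; the one-identifier-per-line format, `#` comment lines, and the `LICENSE_CHECKER` override variable are assumptions.

```shell
#!/bin/sh
# Added example, not part of composer-license-checker.
# Assumed list format: one entry per line; blank lines and lines
# starting with '#' are ignored; surrounding whitespace (incl. CR) is trimmed.
# Usage: check_from_file -a .allowed-licenses check

# list_entries FILE: print the cleaned entries, one per line.
# Returns non-zero if the file is unreadable or yields no entries,
# so a missing or emptied policy file fails the pipeline.
list_entries() {
    le_file=$1
    if [ ! -r "$le_file" ]; then
        echo "license list not readable: $le_file" >&2
        return 1
    fi
    le_out=$(sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' \
                 -e '/^$/d' -e '/^#/d' "$le_file") || return 1
    if [ -z "$le_out" ]; then
        echo "license list has no entries: $le_file" >&2
        return 1
    fi
    printf '%s\n' "$le_out"
}

# check_from_file FLAG FILE [ARGS...]: run the checker with ARGS (the "..."
# in the issue's commands) followed by FLAG repeated once per entry in FILE.
# LICENSE_CHECKER is a hypothetical override for the binary path.
check_from_file() {
    cf_flag=$1
    cf_entries=$(list_entries "$2") || return 1
    shift 2
    cf_ifs=$IFS
    IFS='
'
    set -f    # entries are data: split on newlines only, no glob expansion
    for cf_entry in $cf_entries; do
        set -- "$@" "$cf_flag" "$cf_entry"
    done
    set +f
    IFS=$cf_ifs
    "${LICENSE_CHECKER:-./vendor/bin/composer-license-checker}" "$@"
}
```

Each entry is passed as its own argument, so an entry containing spaces or shell metacharacters is never re-parsed by the shell.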