search

google / go-licenses

A lightweight tool to report on the licenses used by a Go package and its dependencies. Highlight! Versioned external URL to licenses can be found at the same time.
Apache License 2.0
824 stars 125 forks source link

Upgrade dependencies including licenseclassifier/v2 #203

Closed inteon closed 1 year ago

inteon commented 1 year ago

Upgraded all dependencies (go.mod, vendored and licenseclassifier/v2).

This PR includes added support for multiple licenses in one LICENSE file (prints all of the found licenses).

NOTE: this PR removes the confidenceThreshold parameter, as it is not directly supported upstream anymore

inteon commented 1 year ago

Thank you for helping to upgrade so many dependencies!

It seems that there will be some unavoidable breaking changes introduced by licenseclassifier/v2:

  • Support multiple licenses in the same file
  • Removal of confidence threshold flag
  • Minimum golang version increase

I suggest we target creating a v2 of go-licenses. What do you think?

I agree, the upstream licenseclassifier/v2 also changed quite a bit and might even classify some LICENSE files differently (even if there is only 1 license in it).

Bobgy commented 1 year ago

Incredible work! Thank you so much for improving go licenses!

If we resolve the open issues we can merge and bump to v2 in another PR.