rust-secure-code / cargo-supply-chain

Gather author, contributor and publisher data on crates in your dependency graph.
Apache License 2.0

Licenses #33

Closed taladar closed 3 years ago

taladar commented 3 years ago

It might be useful to get an overview of all licenses used in dependencies.

This might be particularly interesting if new versions use a different license than older dependency versions used (e.g. like the MongoDB or Elasticsearch license changes).

Shnatsel commented 3 years ago

I was under the impression that cargo deny check licenses already does that?

HeroicKatora commented 3 years ago

It's also a bit out of scope, as dependency traversal itself is not the focus here. There's also the excellent cargo-about that mostly addresses this use case as well—including more thorough checks on actual validity of the license field in the configuration.

Shnatsel commented 3 years ago

Since tooling that addresses this use case already exists, I'll close this as out of scope.