[HN Gopher] Feluda - A CLI tool to detect restrictive licenses i...
___________________________________________________________________
Feluda - A CLI tool to detect restrictive licenses in dependencies
Author : anistark
Score : 18 points
Date : 2025-01-31 20:54 UTC (3 days ago)
(HTM) web link (crates.io)
| anistark wrote:
| Hey folks,
|
| I built Feluda, a Rust-based CLI tool that scans your project's
| dependencies and flags restrictive licenses before they become a
| problem.
|
| It currently supports Rust, Node.js, and Go projects. It checks
| for GPL, AGPL, SSPL, and other restrictive licenses that may
| limit how you use your project commercially.
|
| Try it out:
|
| ```
| cargo install feluda
| feluda
| ```
|
| I'd love feedback! Are there specific license edge cases you'd
| like covered? Features you'd want in a CI/CD setup? Happy to
| discuss and iterate!
| G1N wrote:
| Would you be open to a PR adding support for installing from
| npm? Not sure if you guys are willing/comfortable to publish
| there as well, but did notice you already have Node support for
| scanning.
| korkybuchek wrote:
| Shout out to my dawg Satyajit Ray
| alain_gilbert wrote:
| I think you have some bugs. I ran it on my project which has 60
| direct dependencies in my "go.mod" file, and feluda's output says
| `Total dependencies scanned: 2`
|
| EDIT: there was a package.json in the same folder, that's what
| caused the "bug"
| cglong wrote:
| Any reason the repo license is MIT but the crate is
| CC-BY-NC-ND-4.0? The latter is ironic, given this project's scope :)
| wanderingmind wrote:
| Amazing work. Does something similar exist for Python? Would love
| to have something similar integrated for Python dependencies from
| PyPI as well.
| G1N wrote:
| Seems like Python support is up next for this project:
| https://github.com/anistark/feluda/pull/18
___________________________________________________________________
(page generated 2025-02-03 23:00 UTC)