licensebat_cli/
lib.rs

1//! A tool to help you verify that your dependencies comply with your license policies.
2//!
3//! ## What is Licensebat?
4//!
5//!`Licensebat` is a **CLI** that you can use for free to verify that the dependencies of your project follow your license policies.
6//!
7//! Let's say, for instance, that you are building a commercial application. In that case, you may consider avoiding the use of some software with a restrictive license like `GPL`.
8//!
9//! By using `Licensebat`, you can check you don't have any dependency with such a restrictive license. Normally, it will look in all the the dependency tree of your project, so transient dependencies will also be considered.
10//!
11//! Feel free to use the `CLI` in your CI/CD pipeline, or in your continuous integration server.
12//!
13//! <pre class="compile_fail" style="white-space:normal;font:inherit;">
14//!     <strong>Warning</strong>: licensebat-cli is still in development so you may use it at your own risk.
15//! </pre>
16//!
17//! ## Licensebat GitHub App
18//!
19//! Aside from the `CLI`, `Licensebat` can be used directly in your GitHub repositories by installing this [GitHub App](https://github.com/marketplace/licensebat).
20//!
21//! ## Supported languages
22//!
23//! [![Crates.io](https://img.shields.io/crates/v/licensebat-js?label=licensebat-js&style=flat-square)](https://crates.io/crates/licensebat-js)
24//! [![Crates.io](https://img.shields.io/crates/v/licensebat-dart?label=licensebat-dart&style=flat-square)](https://crates.io/crates/licensebat-dart)
25//! [![Crates.io](https://img.shields.io/crates/v/licensebat-rust?label=licensebat-rust&style=flat-square)](https://crates.io/crates/licensebat-rust)
26//!
27//! ## How to use it
28//!
29//! Just run this:
30//!
31//! ```bash
32//! licensebat --dependency-file ./Cargo.lock
33//! ```
34//!
35//! That will set all in motion. Take into account that you'll need to have access to the internet for the cli to work properly.
36//!
37//! You can have more information about the `CLI` by running `licensebat --help`.
38//!
39//! ```txt
40//! USAGE:
41//! licensebat [OPTIONS] --dependency-file <dependency-file>
42//! FLAGS:
43//!     -h, --help       Prints help information
44//!     -V, --version    Prints version information
45//! OPTIONS:
46//!     -d, --dependency-file <dependency-file>    Path to the file containing the dependencies of the project. i.e.
47//!                                                package-lock.json for npm projects, yarn.lock for yarn projects, etc
48//!     -l, --licrc-file <licrc-file>              Path to the .licrc file [default: .licrc]
49//!     -f, --output-format <output-format>        Output format (json | markdown). Defaults to json.
50//! ```
51//!
52//! ## The .licrc file
53//!
54//! But before running, you have to be sure you have a `.licrc` file available in your project.
55//!
56//! You can get a copy from this [gist](https://gist.github.com/robertohuertasm/4770217e40209ad6a65acb1d725c3f87).
57//! It's a `TOML` file with configuration about which are the accepted or denied licenses, ignored dependencies
58//! or whether to block or not the PR (exit code == 1) in case it finds invalid dependencies.
59//!
60//! ```toml
61//! [licenses]
62//! # This indicates which are the only licenses that Licensebat will accept.
63//! # The rest will be flagged as not allowed.
64//! accepted = ["MIT", "MSC", "BSD"]
65//! # This will indicate which licenses are not accepted.
66//! # The rest will be accepted, except for the unknown licenses or dependencies without licenses.
67//! # unaccepted = ["LGPL"]
68//! # Note that only one of the previous options can be enabled at once.
69//! # If both of them are informed, only accepted will be considered.
70//!
71//! [dependencies]
72//! # This will allow users to flag some dependencies so that Licensebat will not check for their license.
73//! ignored=["ignored_dep1", "ignored_dep2"]
74//! # If set to true, Licensebat will ignore the dev dependencies.
75//! ignore_dev_dependencies = true
76//! # If set to true, Licensebat will ignore the optional dependencies.
77//! ignore_optional_dependencies = true
78//!
79//! [behavior]
80//! # False by default (always exit code == 0), if true, it will exit with code 1 in case some invalid dependency is found.
81//! do_not_block_pr = false
82//! # This will define the size of the buffer used to retrieve the dependencies.
83//! # It's set to 100 by default.
84//! # If you have a lot of dependencies, you might want to increase this value, but be careful, if the size is too big, the API might return an error.
85//! retriever_buffer_size: 100,
86//! ```
87//!
88//! ## Logs
89//!
90//! `Licensebat` uses [`tracing`](https://docs.rs/tracing). You can get logs while running the `CLI` by setting the `RUST_LOG` environment variable.
91//!
92//! ```bash
93//! RUST_LOG=licensebat=info cargo run --dependency-file ./Cargo.lock
94//! ```
95#![doc(html_logo_url = "https://licensebat.com/images/not_used/logo_red_ferris.png")]
96#![doc(html_favicon_url = "https://licensebat.com/images/not_used/favicons_red/favicon.ico")]
97#![allow(clippy::module_name_repetitions)]
98#![warn(missing_docs)]
99
100mod check;
101mod cli;
102
103pub use check::{run, RunResult};
104#[doc(hidden)]
105pub use cli::{Cli, OutputFormat};