licensed: add new tool
Add (soon to be in Debian) cargo-lichking tool.
|Deletions are marked like this.||Additions are marked like this.|
|Line 93:||Line 93:|
|=== cargo-lichking ===
Automated license checking for rust. cargo lichking is a Cargo subcommand that checks licensing information for dependencies,
based on [[http://www.dwheeler.com/essays/floss-license-slide.html|David A. Wheeler's compatibility graph]].
cargo lichking check
Command-line tools in Debian
Reviewing upstream packages to write debian/copyright files is tedious but important manual work. It is done during initial packaging and after every new upstream release.
Making initial copyright file construction and subsequent review/update easier will improve Debian's software quality.
Starting with Stretch (Debian 9) there are significantly improved tools over previous releases to help.
licensecheck from licensecheck (and older versions of devscripts) can scan source code and report found copyright holders and known licenses. Its approach is to detect licenses with a dataset (medium:~200 regexes) of regex patterns and key phrases (parts) and to reassemble these in detected licenses based on rules. In that sense this is somewhat similar to the combined approaches of Fossology/nomos and Ninka (see below for these tools). It also detects copyright statements. It output results in plain text (with customizable delimiter) or a Debian copyright file format. Written in Perl.
licensecheck --check '.*' --recursive --deb-machine --lines 0 *
cme update dpkg-copyright
Usage is detailed in Config::Model wiki
licensecheck --check '.*' --recursive --copyright --deb-fmt --lines 0 * | /usr/lib/cdbs/licensecheck2dep5
license-reconcile compares the existing copyright with the source code and reports discrepancies. Written in Perl, using licensecheck.
debmake -k also compares the existing copyright with the source code and reports discrepancies.
debmake -cc generates a new copyright file from the source code.
decopy is a tool that "automates creating and updating the debian/copyright files." It also "aims to detects as many licenses as possible" which makes it a tool for license detection too. It uses python-debian to handle Debian machine readable copyright files. Its approach to detect licenses is the same as license-checker. Written in Python, using python-debian.
licensee from ruby-licensee checks LICENSE files and returns known license names. This is the tool used by Github to provide a summary license indication on a repository main page. Its approach is to search for typical LICENSE file names or some package manifest (NPM, Bower, Gemfile, etc) and perform an exact or approximate license text matching against the set of common licenses texts as published at https://choosealicense.com (small: ~20). It output results in YAML format. Written in Ruby.
Wrapper for some of the other tools listed here.
check-all-the-things -f copyright
Automated license checking for rust. cargo lichking is a Cargo subcommand that checks licensing information for dependencies, based on David A. Wheeler's compatibility graph.