git.legal

Language / Framework: Ruby, JavaScript, PHP, Python
Checks: 4
Categories: Compatibility

git-legal scans the libraries used by your project and flags potential compliance and compatibility issues, optionally based on policies that you configure.

Enable the Plugin

To enable the git-legal engine, add the following to your .codeclimate.yml configuration file:

plugins: 
  git-legal:
    enabled: true

Configure License Policy

The free community version of the git.legal engine allows you to allow or disallow the two categories of licenses that are most often of concern: Strong Copyleft and Affero Copyleft. These categories are disallowed by default - and unless your project is itself licensed under GPL or Affero GPL, you most likely want to keep these defaults.

You can change these policy settings directly in your .codeclimate.yml file:

plugins:
  git-legal:
   enabled: true
    config:
      allow_affero_copyleft: false
      allow_strong_copyleft: false

If you have subscription to git.legal pro (please contact [email protected] for trial license), you may further customize the policy settings for your specific needs:

plugins:  
  git-legal:
    enabled: true
    config:
      allow_affero_copyleft: false
      allow_strong_copyleft: false
      allow_weak_copyleft: false
      
      # you may disallow permissive licenses if you want to explicitly approve ALL libraries
      allow_permissive: true
      
      # all standard license names and abbreviations (with or without version numbers) are recognized for your explicit whitelist/blacklists 
      license_whitelist: ["LGPL-2.1", "BSD"]
      license_blacklist: ["Apache"]
      
      # by default, libraries not found in standard library repositories (rubygems.org, npm, etc) are permitted, as they're likely your own works, but you may wish to be more stringent and explicitly approve these
      allow_unknown_libraries: true