2022-07-26 05:49:13 -04:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
# Compare licenses of Go dependencies against a whitelist.
|
|
|
|
|
|
|
|
set -e -o pipefail
|
|
|
|
|
|
|
|
not_allowed() {
|
|
|
|
echo "license not allowed for package: $line"
|
|
|
|
err=1
|
|
|
|
}
|
|
|
|
|
|
|
|
go mod download
|
|
|
|
|
|
|
|
go-licenses csv ./... | {
|
|
|
|
while read line; do
|
|
|
|
|
|
|
|
pkg=${line%%,*}
|
|
|
|
lic=${line##*,}
|
|
|
|
|
|
|
|
case $lic in
|
|
|
|
Apache-2.0|BSD-2-Clause|BSD-3-Clause|ISC|MIT)
|
|
|
|
;;
|
|
|
|
|
|
|
|
MPL-2.0)
|
|
|
|
case $pkg in
|
|
|
|
github.com/talos-systems/talos/pkg/machinery/config/encoder)
|
|
|
|
;;
|
2022-08-01 03:37:05 -04:00
|
|
|
github.com/letsencrypt/boulder)
|
|
|
|
;;
|
2022-09-26 09:52:31 -04:00
|
|
|
github.com/hashicorp/*)
|
|
|
|
;;
|
2022-07-26 05:49:13 -04:00
|
|
|
*)
|
|
|
|
not_allowed
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
;;
|
|
|
|
|
2022-08-19 09:57:01 -04:00
|
|
|
AGPL-3.0)
|
2022-07-26 05:49:13 -04:00
|
|
|
case $pkg in
|
2022-09-21 09:40:02 -04:00
|
|
|
github.com/edgelesssys/constellation/v2)
|
2022-07-26 05:49:13 -04:00
|
|
|
;;
|
|
|
|
*)
|
|
|
|
not_allowed
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
;;
|
|
|
|
|
2022-08-19 09:57:01 -04:00
|
|
|
Unknown)
|
|
|
|
case $pkg in
|
|
|
|
*)
|
|
|
|
not_allowed
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
;;
|
|
|
|
|
2022-07-26 05:49:13 -04:00
|
|
|
*)
|
|
|
|
echo "unknown license: $line"
|
|
|
|
err=1
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
done
|
|
|
|
exit $err
|
|
|
|
}
|