This repository was archived by the owner on Jun 5, 2025. It is now read-only.
This repository was archived by the owner on Jun 5, 2025. It is now read-only.
[Idea] Allow license rules to be specified for dependencies pulled in by an LLM #1079
Description
Summary:
An LLM may pull in dependencies with unsuitable licenses for the project that is being built. Make it possible to prevent dependencies from being included if they have an unacceptable or ill-defined license, or at least warn about them.
Why Is This Feature Important?:
- Open source projects may want to avoid pulling in libraries with incompatible licenses, e.g. a BSD licensed project may not want GPL code in their codebase.
- This is also applicable to commercial customers for similar reasons (e.g. a company may want to avoid AGPL dependencies).
Examples:
As a developer, I can specify that I want to avoid specific licenses, or specify an allow-list of acceptable licenses. Codegate can either filter out or flag suggestions from an LLM if the LLM-generated code pulls in a package with an unsuitable license. This could be further augmented with suggestions using the alternatives feature of Insight.
Challenges & Considerations:
The dataset could be quite large.