Shell script for checking licenses quickly
Shell
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
images
LICENSE
README.md
versioneye_license_check.sh

README.md

VersionEye License Check

This shell script is build for developers to quickly check on their dev. machines if a project dependency is violating the License Whitelist. To use this script you need these:

  • jq, a lightweight and flexible command-line JSON processor. Available for Linux, Mac OS X and Windows.
  • An API Key from VersionEye.
  • A default License Whitelist on VersionEye.

Please make sure that you created a License Whitelist on VersionEye and that you marked one as default. The default Whitelist gets assinged automatically to every new created project.

On VersionEye Enterprise the admin has to do this.

Configuration

Open the script and replace <YOUR_SECRET_API_KEY> in line 4 with your actual API KEY. You can get it from here. If you are using VersionEye Enterprise please adjust the VERSIONEYE_SERVER path in line 3.

#!/bin/bash 

VERSIONEYE_SERVER=https://www.versioneye.com
API_KEY=<YOUR_SECRET_API_KEY> 

Usage

Simply run the script in the command line with any project file as first parameter.

> ./versioneye_license_check.sh <PROJECT_FILE>

For example:

> ./versioneye_license_check.sh Gemfile

That will upload the Gemfile to the VersionEye API and check the dependencies against the default license whitelist. The output will look similar to this.

VersionEye Dependencies

In the output you can see how many dependencies are violating the license whitelist. It should be always 0. In this example it is 1. In that case you can use the Web Interface to digg deeper. After the check the project on the VersionEye Server gets deleted immediately.

Currently VersionEye supports 11 package managers. You can throw any of this project files against the VersionEye API.

  • Gemfile
  • Gemfile.lock
  • Podfile
  • Podfile.lock
  • package.json
  • composer.json
  • composer.lock
  • bower.json
  • requirements.txt
  • setup.py
  • biicode.conf
  • pom.xml
  • project.clj
  • *.gradle
  • *.sbt
  • project.json
  • *.nuspec
  • packages.config

For Maven multi module projects (reactor builds) please use the VersionEye Maven Plugin.

Feedback

For feedback please open a ticket here on GitHub or contact us on Twitter.