embed-licensing
| Crates.io | embed-licensing |
| lib.rs | embed-licensing |
| version | 0.3.1 |
| source | src |
| created_at | 2024-07-31 16:12:17.070541 |
| updated_at | 2024-08-14 19:44:56.539245 |
| description | Embed licensing information of dependencies to comply with free software licenses |
| homepage | |
| repository | https://codeberg.org/sbruder/embed-licensing |
| max_upload_size | |
| id | 1321073 |
| size | 74,074 |
Simon Bruder (sbruder)
documentation
README
embed-licensing
Embed licensing information of dependencies to comply with free software licenses.
This allows outputting a list of all dependencies at runtime.
Features
- collecting dependencies at build-time using a proc macro
- name
- version
- authors (from Cargo.toml)
- license (SPDX expression from Cargo.toml’s
licensefield or content oflicense-file) - website (
homepage,repositoryordocumentationfrom Cargo.toml)
- collecting licenses of dependencies
- collecting license exceptions of dependencies
- optional collection of development (only for direct dependencies) and build dependencies (by default, only normal dependencies are collected)
- optional limiting of dependencies to a specific platform (target and cfg options)
Non-Features
- ready to use HTML template (every application has different needs)
- CLI tool (there are already great tools out there, see Alternatives)
- manual override of wrong or incomplete data (this should instead be changed by the crate upstream)
Accuracy
The mechanism this crate uses can never be exact.
For determining the licenses of a dependency,
only the license and license-file attributes of a Cargo manifest are used.
Similarly, the authors are also only pulled from the Cargo manifest.
Therefore, you should always consult with a legal professional, if the output of this crate meets the obligations of all licenses of your dependencies, before using this crate.
Alternatives
- cargo-about is the initial inspiration for this project. It chooses a different approach and generates a static file from a handlebars template.
- cargo-deny is a linter for dependencies,
including their licenses.
It also offers the
cargo deny listsubcommand for listing all licenses of dependencies (and the dependencies that use them). - cargo-license outputs a list similar to
cargo deny list, but has a more configurable output. - cargo-cyclonedx creates a CycloneDX SBOM for a crate.
All alternatives do not allow running at compile time (as a proc-macro) and using the result at runtime.
License
This project is available under the terms of the MPL 2.0. The exact details can be found in the header of each file.