NHacker Next
  • new
  • past
  • show
  • ask
  • show
  • jobs
  • submit
Feluda – A CLI tool to detect restrictive licenses in dependencies (crates.io)
41 points by anistark 4 days ago | 13 comments
anistark 4 days ago [-]
Hey folks,

I built Feluda, a Rust-based CLI tool that scans your project's dependencies and flags restrictive licenses before they become a problem.

It currently supports Rust, Node.js, and Go projects. It checks for GPL, AGPL, SSPL, and other restrictive licenses that may limit how you use your project commercially.

Try it out:

``` cargo install feluda feluda ```

I’d love feedback! Are there specific license edge cases you'd like covered? Features you'd want in a CI/CD setup? Happy to discuss and iterate!

henvic 10 hours ago [-]
As a critic of such licenses (https://medium.com/@henvic/opensource-and-go-what-license-f6...), I love it!
eadmund 11 hours ago [-]
The GPL and AGPL are not restrictive: they ensure that you do not restrict your users.

Freedom looks like tyranny, to a tyrant.

korkybuchek 14 hours ago [-]
Shout out to my dawg Satyajit Ray
G1N 15 hours ago [-]
Would you be open to a PR adding support for installing from npm? Not sure if you guys are willing/ comfortable to publish there as well, but did notice you already have Node support for scanning
pabs3 11 hours ago [-]
GPL/AGPL don't limit commercial use.
arunabha 7 hours ago [-]
Additional context: The name(probably) comes from https://en.wikipedia.org/wiki/Feluda
cglong 15 hours ago [-]
Any reason the repo license is MIT but the crate is CC-BY-NC-ND-4.0? The latter is ironic, given this project's scope :)
alain_gilbert 15 hours ago [-]
I think you have some bugs. I ran it on my project which has 60 direct dependencies in my "go.mod" file, and feluda's output says `Total dependencies scanned: 2`

EDIT: there was a package.json in the same folder, that's what caused the "bug"

pabs3 11 hours ago [-]
The MIT with Commons Clause license is pretty restrictive, does this crate flag itself?
JackYoustra 13 hours ago [-]
Amazing project! Any reason why the path is -p and not just the first argument after like most cli tools?
wanderingmind 14 hours ago [-]
Amazing work. Does something similar exist for Python? Would love to have something similar integrated for Python dependencies from pypi as well.
G1N 14 hours ago [-]
Seems like Python support is up next for this project: https://github.com/anistark/feluda/pull/18
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact
Rendered at 12:36:07 GMT+0000 (Coordinated Universal Time) with Vercel.