This repository was archived by the owner on Feb 1, 2025. It is now read-only.
This repository was archived by the owner on Feb 1, 2025. It is now read-only.
Closed
Description
Hi,
thanks for a great tool, it's been really helpful to us in our documentation process about usage of OSS libraries.
One thing that we are missing is a clearer distinction between :
- "non dev" dependencies : which end up as part of our final build product
- "dev" dependencies : which only exist for tooling and during development process
While the rules for license usage are usually strict for "non dev" dependencies (you don't want to build something that rely on viral licenses, that would force you to publish your product under the same license), they can sometimes be relaxed for "dev" dependencies.
Some of the parts where it would be useful to be refect it :
- listing of found dependencies : why is it listed ? "direct dev dependency" vs "direct prod dependency" ... (vs transitive dependency only for dev / transitive dependency only for prod / transitive dependency for both)
- configuration : ignore dev dependencies from list / have difference rules for valid licenses for dev vs "non-dev"
I hope I'm explaining myself 😅