Feluda – A CLI tool to detect restrictive licenses in dependencies

anistark

Hey folks,

I built Feluda, a Rust-based CLI tool that scans your project's dependencies and flags restrictive licenses before they become a problem.

It currently supports Rust, Node.js, and Go projects. It checks for GPL, AGPL, SSPL, and other restrictive licenses that may limit how you use your project commercially.

Try it out:

```
cargo install feluda
feluda
```

I’d love feedback! Are there specific license edge cases you'd like covered? Features you'd want in a CI/CD setup? Happy to discuss and iterate!

korkybuchek

Shout out to my dawg Satyajit Ray

G1N

Would you be open to a PR adding support for installing from npm? Not sure if you guys are willing/comfortable to publish there as well, but did notice you already have Node support for scanning.

cglong

Any reason the repo license is MIT but the crate is CC-BY-NC-ND-4.0? The latter is ironic, given this project's scope :)

JackYoustra

Amazing project! Any reason why the path is -p and not just the first argument after like most cli tools?

alain_gilbert

I think you have some bugs. I ran it on my project which has 60 direct dependencies in my "go.mod" file, and feluda's output says `Total dependencies scanned: 2`

EDIT: there was a package.json in the same folder, that's what caused the "bug"

wanderingmind

Amazing work. Does something similar exist for Python? Would love to have something similar integrated for Python dependencies from pypi as well.

G1N

Seems like Python support is up next for this project: https://github.com/anistark/feluda/pull/18