On Wed, 4 Apr 2018 at 11:42, Niels van Dijk <niels.vandijk at surfnet.nl> wrote:
> Hi all,
> I would like to find out what the licenses of *all* components and
> dependencies that make up SaToSa are. Any suggestion as to how to do that
> in an automated fashion?
> I could walk down the libraries manually in
> virtualenv/lib/python3.5/site-packages, but that is rather tedious and
> error prone. I also found some scripts to do this for me, however these
> seem to just report what is in use at the os/system level, not
> specifically for our virtualenv.
> Any suggestions, or a solution you may have used previously?
Also, related to:
[Idpy-discuss] SaToSa (and dependencies) licenses and copyright
https://lists.sunet.se/pipermail/idpy-discuss/2018-May/000161.html
I have been looking for ways to automate dependency tracking and
license compliance. Below is a list of tools that do that. If anyone
has tried any of the tools, feedback would be appreciated.
- FOSSA
https://fossa.io/
Managed dependency tracking and license compliance as a (paid)
service. From the FAQ:
Do you offer discounts for non-commercial projects?
If you are a non-profit, educational institution or based in open source, we offer
special plans for your budget.
- Fossology
https://www.fossology.org
https://github.com/fossology/fossology
Self-hosted; PHP/C; Free and Open Source; Supported by the Linux Foundation.
- scancode-toolkit
https://github.com/nexB/scancode-toolkit/wiki
https://github.com/nexB/scancode-toolkit/
Self-hosted; Python; Free and Open Source
- Licensee
http://ben.balter.com/licensee/
https://github.com/benbalter/licensee
Self-hosted; Ruby; Free and Open Source
- Ninka
http://ninka.turingmachine.org/
https://github.com/dmgerman/ninka
Self-hosted; Perl; Free and Open Source
(compares to a big list of predefined licenses:
https://github.com/dmgerman/ninka/tree/master/t/data/licenses)
- Speedy LIcense Checker
https://github.com/gerv/slic
Self-hosted; C; Free and Open Source
And on a side note, dependency vulnerability checkers:
- snyk
https://snyk.io/
Managed vulnerability checker as a (paid) service.
Unlimited tests on open source projects
- Dependency Track
https://dependencytrack.org/
https://github.com/DependencyTrack/dependency-track
https://www.owasp.org/index.php/OWASP_Dependency_Track_Project
Self-hosted; Java; Free and Open Source; Supported by OWASP
Hopefully, these will prove helpful to the community,
Cheers,
--
Ivan c00kiemon5ter Kanakarakis >:3
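An added example, not from either poster, for the virtualenv-scoped inventory Niels asks about: run with the virtualenv's own interpreter it reads the METADATA (or legacy PKG-INFO) file pip installs for every distribution, takes the License-Expression or License field and falls back to the "License ::" trove classifier, and flags packages whose license is still unknown for manual review. It assumes Python 3.8+ for importlib.metadata; the SAMPLE_METADATA block is constructed.

```python
"""List the license of every distribution installed in the active
virtualenv by reading the per-package METADATA headers."""
from email.parser import HeaderParser
from importlib import metadata  # assumption: Python 3.8+ (not on 3.5)

# Constructed sample: the RFC 822-style header block that pip writes to
# <pkg>.dist-info/METADATA; License is often "UNKNOWN" while the real
# statement lives in a trove classifier, as here.
SAMPLE_METADATA = """\
Metadata-Version: 2.1
Name: example-dep
Version: 1.2.3
License: UNKNOWN
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Programming Language :: Python :: 3
"""


def license_from_metadata(text):
    """Return (name, version, license) parsed from one METADATA block."""
    hdr = HeaderParser().parsestr(text)
    # Metadata 2.4 SPDX expression, then the free-form License field
    lic = (hdr.get("License-Expression") or hdr.get("License") or "").strip()
    lic = lic.splitlines()[0].strip() if lic else ""  # keep only the first line
    if not lic or lic.upper() == "UNKNOWN":
        trove = [c for c in hdr.get_all("Classifier", [])
                 if c.startswith("License ::")]
        lic = trove[0].split("::")[-1].strip() if trove else "UNKNOWN"
    return hdr.get("Name", "?"), hdr.get("Version", "?"), lic


def inventory():
    """Scan every distribution visible to this interpreter (i.e. the venv)."""
    rows = []
    for dist in metadata.distributions():
        text = dist.read_text("METADATA") or dist.read_text("PKG-INFO") or ""
        rows.append(license_from_metadata(text))
    return sorted(set(rows))


def unknown_licenses(rows):
    """Packages with no recoverable license statement; review these by hand."""
    return [r for r in rows if r[2] == "UNKNOWN"]


if __name__ == "__main__":
    rows = inventory()
    for name, version, lic in rows:
        print(f"{name:<30} {version:<12} {lic}")
    print(f"\n{len(unknown_licenses(rows))} package(s) with unknown license")
```

Because importlib.metadata only sees what the running interpreter can import, invoking it as `venv/bin/python inventory.py` scopes the report to the virtualenv rather than the system site-packages.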