Discover dependency license information with ClearlyDefined
License discovery and record-keeping for crates
- Track: Rust devroom
- Room: K.3.401
- Day: Sunday
- Start: 09:00
- End: 09:25
Complying with license obligations can incur a lot of hurdles. This results in developers skipping compliance or failing to achieve correct compliance. To compound this, package authors sometimes fail to describe the license of their package clearly or omit license information of included files. ClearlyDefined is a community curated repository of discovered license information for Crates packages, among other types.
This talk will cover: the importance of the license obligations of the dependencies of your Rust package, tool, or application. How to discover the license information of those packages. And demonstrate some Cargo compatible tooling that allows automated license recordkeeping and notice file generation as a part of your CI system.
Speakers
Jeff Mendoza |