{"id":19933737,"url":"https://github.com/bazelbuild/rules_license","last_synced_at":"2025-03-01T11:44:03.828Z","repository":{"id":39713154,"uuid":"256319745","full_name":"bazelbuild/rules_license","owner":"bazelbuild","description":null,"archived":false,"fork":false,"pushed_at":"2024-11-07T14:02:37.000Z","size":285,"stargazers_count":82,"open_issues_count":58,"forks_count":31,"subscribers_count":15,"default_branch":"main","last_synced_at":"2025-01-12T01:56:17.030Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Starlark","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/bazelbuild.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"docs/CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"docs/CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-04-16T20:13:55.000Z","updated_at":"2024-12-17T15:58:27.000Z","dependencies_parsed_at":"2024-09-05T15:28:56.712Z","dependency_job_id":"1ceb4980-d6ba-44c9-901b-e45af6610bc4","html_url":"https://github.com/bazelbuild/rules_license","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bazelbuild%2Frules_license","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bazelbuild%2Frules_license/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bazelbuild%2Frules_license/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/bazelbuild%2Frules_license/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/bazelbuild","download_url":"https://codeload.github.com/bazelbuild/rules_license/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241361398,"owners_count":19950379,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-12T23:14:42.097Z","updated_at":"2025-03-01T11:44:03.805Z","avatar_url":"https://github.com/bazelbuild.png","language":"Starlark","funding_links":[],"categories":["Starlark"],"sub_categories":[],"readme":"# rules_license\n\nCI: [![Build status](https://badge.buildkite.com/e12f23186aa579f1e20fcb612a22cd799239c3134bc38e1aff.svg)](https://buildkite.com/bazel/rules-license)\n\nThis repository contains a set of rules and tools for\n- declaring metadata about packages, such as\n  - the licenses the package is available under\n  - the canonical package name and version\n  - copyright information\n  - ... and more TBD in the future\n- gathering license declarations into artifacts to ship with code\n- applying organization specific compliance constriants against the\n  set of packages used by a target.\n- producing SBOMs for built artifacts.\n\nWARNING: The code here is still in active initial development and will churn a lot.\n\n## Contact\n\nIf you want to follow along:\n- Mailing list: [bazel-ssc@bazel.build](https://groups.google.com/a/bazel.build/g/bazel-ssc)  \n- Monthly eng meeting: [calendar link](MjAyMjA4MjJUMTYwMDAwWiBjXzUzcHBwZzFudWthZXRmb3E5NzhxaXViNmxzQGc\u0026tmsrc=c_53pppg1nukaetfoq978qiub6ls%40group.calendar.google.com\u0026scp=ALL)\n- [Latest docs](https://bazelbuild.github.io/rules_license/latest.html)\n\n## Roadmap\n\n*Last update: October 22, 2023*\n\n### Q4 2023\n\n- Reference implementation for \"packages used\" tool\n  - produce JSON output usable for SBOM generation or other compliance reporting.\n- Reference implementation for an SPDX SBOMM generator\n  - Support for reading bzlmod lock file\n  - Support for reading maven lock file\n- \"How To\" guides\n  - produce a license audit\n  - produce an SBOM\n\n### Q1 2024\n\n- Add support for other package manager lock file formats\n  - ? Python\n  - Golang\n  - NodeJS\n- More SPDX SBOM fields\n  - support for including vendor SBOMs\n  - \n\n### Beyond\n\n- Performance improvements\n- Sub-SBOMs for tools\n\n\n- TBD\n\n## Background reading:\n\nThese is for learning about the problem space, and our approach to solutions. Concrete specifications will always appear in checked in code rather than documents.\n- [License Checking with Bazel](https://docs.google.com/document/d/1uwBuhAoBNrw8tmFs-NxlssI6VRolidGYdYqagLqHWt8/edit#).\n- [OSS Licenses and Bazel Dependency Management](https://docs.google.com/document/d/1oY53dQ0pOPEbEvIvQ3TvHcFKClkimlF9AtN89EPiVJU/edit#)\n- [Adding OSS license declarations to Bazel](https://docs.google.com/document/d/1XszGbpMYNHk_FGRxKJ9IXW10KxMPdQpF5wWbZFpA4C8/edit#heading=h.5mcn15i0e1ch)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbazelbuild%2Frules_license","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbazelbuild%2Frules_license","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbazelbuild%2Frules_license/lists"}