rules_license
This repository contains a set of rules and tools for - declaring metadata about packages, such as - the licenses the package is available under - the canonical package name and version - copyright information - ... and more TBD in the future - gathering those license declarations into artifacts to ship with code - applying organization specific compliance constriants against the set of packages used by a target. - (eventually) producing SBOMs for built artifacts.
WARNING: The code here is still in active initial development and will churn a lot.
If you want to follow along:
- Mailing list: bazel-ssc@bazel.build
- Monthly eng meeting: calendar link
- Latest docs
Background reading: These is for learning about the problem space, and our approach to solutions. Concrete specifications will always appear in checked in code rather than documents. - License Checking with Bazel. - OSS Licenses and Bazel Dependency Management - Adding OSS license declarations to Bazel