Allow licenses to be filtered


In many enterprises legal departments only allow certain licenses (say BSD and Apache are good but GPL and MPL are not allowed). In these situations it can be hard for developers to easily tell which packages support the required licenses.

If the type of licenses was filterable a group could create their own "pass-thru" Nuget server that automatically filtered packages that supported the corporate policy.


Haacked wrote Aug 16, 2011 at 10:56 PM

Great idea and something we've wanted to do for a while. I'll take some time to spec it out and consider it for 1.6 or later.

FilipDeVos wrote Apr 4, 2013 at 3:02 PM

We need especially a way to filter out packages without a license. Many packages are compiled from open source projects which require the license terms to be included. Installing these packages is a direct license breach. (http://nuget.org/packages/EntityFramework.Migrations/ used to be an example.)

Terrible as it is, it should even be possible to filter out packages where dependent packages have incompatible licenses.

(These are real issues. When a potential buyer of your company is doing a proper due diligence, the license requirements of your software dependencies will be checked.)