Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Idea] Allow license rules to be specified for dependencies pulled in by an LLM #1079

Open
dmjb opened this issue Feb 17, 2025 · 0 comments
Open

[Idea] Allow license rules to be specified for dependencies pulled in by an LLM #1079

dmjb opened this issue Feb 17, 2025 · 0 comments

Comments

@dmjb
Copy link
Member

dmjb commented Feb 17, 2025
edited
Loading

Summary:

An LLM may pull in dependencies with unsuitable licenses for the project that is being built. Make it possible to prevent dependencies from being included if they have an unacceptable or ill-defined license, or at least warn about them.

Why Is This Feature Important?:

  • Open source projects may want to avoid pulling in libraries with incompatible licenses, e.g. a BSD licensed project may not want GPL code in their codebase.
  • This is also applicable to commercial customers for similar reasons (e.g. a company may want to avoid AGPL dependencies).

Examples:

As a developer, I can specify that I want to avoid specific licenses, or specify an allow-list of acceptable licenses. Codegate can either filter out or flag suggestions from an LLM if the LLM-generated code pulls in a package with an unsuitable license. This could be further augmented with suggestions using the alternatives feature of Insight.

Challenges & Considerations:

The dataset could be quite large.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dmjb @lukehinds