wwhrd does not check license of dependencies only used in tests ( *_test.go)

[breml]

While checking the results of the update in #46, I found out, that _test.go files are skipped. I was not aware of this and I think it is nowhere documented. Anyway, I would like to have an option/flag to enable the inclusion of the _test.go files in order to check all licenses, that are touched by a Go repository.

The respective check is here:

wwhrd/walker.go

Line 380 in dc59aff

if strings.HasSuffix(path, "_test.go") {

[frapposelli]

@breml yes, this was a deliberate design choice as testing dependencies are not compiled into the shipping binaries thus normally not subjected to license checks (e.g., I could test my software with a GPL-2 library and distribute it with an incompatible license).

That said, having an optional toggle for that is a good idea. I'll add it to the backlog.

[breml]

@frapposelli Thanks for your reply and for adding this issue to the backlog. I guess the main problem for me has been, that this behavior is not documented. So as a quick fix, maybe we can just improve the documentation and make it explicit, that dependencies in _test.go are ignored.

I still think, it would be good to have an additional option to control, how dependencies used only in tests are handled. I agree with you, that e.g. GPL-2 is not a problem, when used in test. The other day I realized though, that we have used https://github.com/bouk/monkey in one of our tests and the license is pretty adventurous from a business point of view, even if used in tests.

With all of this said, I think it would be good to have the flag to check the licenses used in tests as well. Additionally I assume, that this change would make it necessary to have the respective sections in the config file as well to config a blacklist, whitelist and exceptions for licenses used only in tests.

[frapposelli]

Cutting v0.4.0-rc.1 with this enhancement right now.