A few months ago, we spent some time cleaning up our licenses for Apache. In order to find the problem licenses, I wrote a semi-general–purpose tool for validating the repo for Apache. I put in a PR in February to get it running automatically in the CI, but the TC repo isn't really the place for a tool like that.
So I took the tool, renamed it Weasel (it's a cousin to Rat :) ), and tossed it into a repo all alone, where it can be used as a general purpose tool. I just created a PR for running Weasel from our docker builds, which should get them running in our CI. That's great, because it means significantly increased license scrutiny, all without humans intervening. Weasel isn't a straight-up replacement for Rat. It's got a lot of features that Rat doesn't have, specifically around the way we vendor our Go libraries and licensing for binary files, but Rat integrates directly with the Apache framework in a nice, visible way, and Rat has more advanced license checking. I've got a PR so you can see how it works, but what do y'all think? PR Link: https://github.com/apache/incubator-trafficcontrol/pull/809 Weasel Link: https://github.com/Comcast/weasel
