Check python packages from requirement.txt and report issues
Reason this release was yanked:
liccheck is up to date now
Project description
Python License Checker
Check python packages from requirement.txt and report license issues.
About
You can define a list of authorized licenses, authorized packages, unauthorized licenses.
The tool will check the requirement.txt files, check packages and their dependencies and return an error if some packages are not compliant against the strategy. A package is considered as not compliant when its license is in the unauthorized license list or is unknown. A package is considered as compliant when its license is in authorized license list, or if the package is itself in the list of authorized packages.
How to install
$ pip install liccheck
How to use
liccheck will read the requirement.txt and check packages agains a strategy defined in the ini file. If the file is not specified on command line, it will lookup for requirement.txt in the current folder. You have to setup an ini file with an authorized license list, unauthorized license list, authorized package list.
Here is an example of a strategy:
# Authorized and unauthorized licenses in LOWER CASE
[Licenses]
authorized_licenses:
bsd
new bsd
bsd license
new bsd license
simplified bsd
apache
apache 2.0
apache software license
gnu lgpl
lgpl with exceptions or zpl
isc license
isc license (iscl)
mit
mit license
python software foundation license
zpl 2.1
unauthorized_licenses:
gpl v3
[Authorized Packages]
# Python software license (see http://zesty.ca/python/uuid.README.txt)
uuid: 1.30
For demo purpose, let’s say your requirement.txt file contains this:
Flask>=0.12.1 flask_restful jsonify psycopg2>=2.7.1 nose scipy scikit-learn pandas numpy argparse uuid sqlbuilder proboscis pyyaml>=3.12
The execution will output this:
$ liccheck -s my_strategy.ini -r my_project/required.txt gathering licenses...23 packages and dependencies. check forbidden packages based on licenses...none check authorized packages based on licenses...19 packages. check authorized packages...4 packages. check unknown licenses...none
If some dependencies are unknown or are not matching strategy, the output will be something like:
$ liccheck -s my_strategy.ini -r my_project/required.txt
gathering licenses...32 packages and dependencies.
check forbidden packages based on licenses...1 forbidden packages :
Unidecode (0.4.21) : GPL ['GNU General Public License v2 or later (GPLv2+)']
dependencye(s):
Unidecode << python-slugify << yoyo-migrations
check authorized packages based on licenses...24 packages.
check authorized packages...6 packages.
check unknown licenses...1 unknown packages :
feedparser (5.2.1) : UNKNOWN []
dependencye(s):
feedparser
Licensing
See LICENSE
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for liccheck2-0.1.4-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 93c5dab46c737ada221c119d3a43b837397c806e64e8657427c8b3ed50482f3d |
|
| MD5 | da657131250c14d2439f2ece9588622b |
|
| BLAKE2b-256 | 8fe9e626f73a43b9c71730a70ec2bcc4e87a7ed75d9b9dd6beaedf9d1b0fc616 |
