Log License#


Read the documentation at https://loglicense.readthedocs.io/


A tool that helps developers stay compliant within their software projects. The tool crawls dependencies and logs their licenses, making it possible to document and restrict certain licenses within a software project.

DISCLAIMER: There is no guarantee that all sublicenses or licenses will be identified and reported. For the highest assurance, use lock files to also catch sub-dependencies. However, the tool only looks within the given package manager, meaning C libraries and the like will not be reported here.

Features#

  • Report and save log of licenses included in project

  • Check what share of packages is covered by accepted licenses

  • Support pre-commit hooks with coverage thresholds and allow manual validation of unknown license types

Supported dependency files#

Though the tool supports multiple file types, it is highly recommended to use lock files or run `pip freeze > requirements.txt` so that all sub-dependencies are also evaluated for their license.

  • poetry.lock

  • pyproject.toml (traditional and poetry)

  • requirements.txt (`--develop` adds search for requirements_dev.txt)

Supported package managers#

  • pypi

Installation#

You can install Log License via pip from PyPI:

$ pip install loglicense

or using Poetry

$ poetry add loglicense

Quick example#

Please see the Command-line Reference for details.

$ loglicense report path_to/poetry.lock

Example output:

| Name               | License                            |
|:-------------------|:-----------------------------------|
| click              | BSD-3-Clause                       |
| colorama           | BSD                                |
| importlib-metadata | Apache Software License            |
| pathlib            | MIT License                        |
| tabulate           | MIT                                |
| toml               | MIT                                |
| typer              | MIT License                        |
| typing-extensions  | Python Software Foundation License |
| zipp               | MIT License                        |

Alternatively, you can let it search the directory it is executed in for any supported file:

$ loglicense report
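
The coverage threshold and manual validation listed under Features, sketched over the report table shown above. This is an added example, not loglicense's own code: the allowlist `ACCEPTED`, the alias map `ALIASES`, the `THRESHOLD` value and all function names are assumptions for illustration. License strings that do not name an exact accepted license (a bare "BSD", an unversioned "Apache Software License") are routed to manual validation rather than guessed.

```python
# Added example (not loglicense code). Table copied from the example output above.
REPORT = """\
| Name               | License                            |
|:-------------------|:-----------------------------------|
| click              | BSD-3-Clause                       |
| colorama           | BSD                                |
| importlib-metadata | Apache Software License            |
| pathlib            | MIT License                        |
| tabulate           | MIT                                |
| toml               | MIT                                |
| typer              | MIT License                        |
| typing-extensions  | Python Software Foundation License |
| zipp               | MIT License                        |
"""

# Assumptions for illustration: the allowlist, the alias map and the threshold.
ACCEPTED = {"MIT", "BSD-3-Clause", "Apache-2.0"}
ALIASES = {"mit license": "MIT"}
THRESHOLD = 0.8


def parse_report(text):
    """Return {package: license} from a two-column pipe table."""
    rows = {}
    for line in text.splitlines():
        cells = [c.strip() for c in line.strip().strip("|").split("|")]
        if len(cells) != 2 or cells[0] == "Name" or set(cells[0]) <= set(":-"):
            continue  # skip header, separator and malformed lines
        rows[cells[0]] = cells[1]
    return rows


def normalise(name):
    """Map a free-text license name to an allowlist identifier, or None."""
    name = ALIASES.get(name.strip().lower(), name.strip())
    return name if name in ACCEPTED else None


def check(text, threshold=THRESHOLD):
    """Return (coverage, packages needing manual validation, gate passed)."""
    rows = parse_report(text)
    review = sorted(p for p, lic in rows.items() if normalise(lic) is None)
    coverage = (len(rows) - len(review)) / len(rows) if rows else 0.0
    return coverage, review, coverage >= threshold


if __name__ == "__main__":
    print(check(REPORT))
```

With this allowlist, six of the nine packages pass and three are held for manual validation, so the gate fails at a 0.8 threshold.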

Features to implement#

  • Support npmjs package manager (and package.json/package-lock.json)

  • Support Pipfile, Pipfile.lock, conda.yaml, pip freeze

Contributing#

Contributions are very welcome. To learn more, see the Contributor Guide.

License#

Distributed under the terms of the Apache 2.0 license, Log License is free and open source software.

Issues#

If you encounter any problems, please file an issue along with a detailed description.

Credits#

This project was generated from @cjolowicz’s Hypermodern Python Cookiecutter template.

This project is greatly inspired by dep-license created by Abdulelah Bin Mahfoodh.