Dump the software license list of Python packages installed with pip.
Project description
Dump the software license list of Python packages installed with pip.
Table of Contents
Description
pip-licenses is a CLI tool for checking the software license of installed Python packages with pip.
Implemented with the idea inspired by composer licenses command in Composer (a.k.a PHP package management tool).
Installation
Install it via PyPI using pip command.
# Install or Upgrade to newest available version
$ pip install -U pip-licensesNote: If you are still using Python 2.7, install version less than 2.0. No new features will be provided for version 1.x.
$ pip install 'pip-licenses<2.0'Usage
Execute the command with your venv (or virtualenv) environment.
# Install packages in your venv environment
(venv) $ pip install Django pip-licenses
# Check the licenses with your venv environment
(venv) $ pip-licenses
Name Version License
Django 2.0.2 BSD
pytz 2017.3 MITCommand-Line Options
Common options
Option: from
By default, this tool finds the license from Trove Classifiers or package Metadata. Some Python packages declare their license only in Trove Classifiers.
(See also): Set license to MIT in setup.py by alisianoi ・ Pull Request #1058 ・ pypa/setuptools, PEP 314#License
For example, even if you check with the pip show command, the license is displayed as UNKNOWN.
(venv) $ pip show setuptools
Name: setuptools
Version: 38.5.0
Summary: Easily download, build, install, upgrade, and uninstall Python packages
Home-page: https://github.com/pypa/setuptools
Author: Python Packaging Authority
Author-email: distutils-sig@python.org
License: UNKNOWNThe mixed mode (--from=mixed) of this tool works well and looks for licenses.
(venv) $ pip-licenses --from=mixed --with-system | grep setuptools
setuptools 38.5.0 MIT LicenseIn mixed mode, it first tries to look for licenses in the Trove Classifiers. When not found in the Trove Classifiers, the license declared in Metadata is displayed.
If you want to look only in metadata, use --from=meta. If you want to look only in Trove Classifiers, use --from=classifier.
To list license information from both metadata and classifier, use --from=all.
Note: If neither can find license information, please check with the with-authors and with-urls options and contact the software author.
The m keyword is prepared as alias of meta.
The c keyword is prepared as alias of classifier.
The mix keyword is prepared as alias of mixed.
Default behavior in this tool
Option: order
By default, it is ordered by package name.
If you give arguments to the --order option, you can output in other sorted order.
(venv) $ pip-licenses --order=licenseOption: format
By default, it is output to the plain format.
Markdown
When executed with the --format=markdown option, you can output list in markdown format. The m md keyword is prepared as alias of markdown.
(venv) $ pip-licenses --format=markdown
| Name | Version | License |
|--------|---------|---------|
| Django | 2.0.2 | BSD |
| pytz | 2017.3 | MIT |When inserted in a markdown document, it is rendered as follows:
Name |
Version |
License |
|---|---|---|
Django |
2.0.2 |
BSD |
pytz |
2017.3 |
MIT |
reST
When executed with the --format=rst option, you can output list in “Grid tables” of reStructuredText format. The r rest keyword is prepared as alias of rst.
(venv) $ pip-licenses --format=rst
+--------+---------+---------+
| Name | Version | License |
+--------+---------+---------+
| Django | 2.0.2 | BSD |
+--------+---------+---------+
| pytz | 2017.3 | MIT |
+--------+---------+---------+Confluence
When executed with the --format=confluence option, you can output list in Confluence (or JIRA) Wiki markup format. The c keyword is prepared as alias of confluence.
(venv) $ pip-licenses --format=confluence
| Name | Version | License |
| Django | 2.0.2 | BSD |
| pytz | 2017.3 | MIT |HTML
When executed with the --format=html option, you can output list in HTML table format. The h keyword is prepared as alias of html.
(venv) $ pip-licenses --format=html
<table>
<tr>
<th>Name</th>
<th>Version</th>
<th>License</th>
</tr>
<tr>
<td>Django</td>
<td>2.0.2</td>
<td>BSD</td>
</tr>
<tr>
<td>pytz</td>
<td>2017.3</td>
<td>MIT</td>
</tr>
</table>JSON
When executed with the --format=json option, you can output list in JSON format easily allowing post-processing. The j keyword is prepared as alias of json.
[
{
"Author": "Django Software Foundation",
"License": "BSD",
"Name": "Django",
"URL": "https://www.djangoproject.com/",
"Version": "2.0.2"
},
{
"Author": "Stuart Bishop",
"License": "MIT",
"Name": "pytz",
"URL": "http://pythonhosted.org/pytz",
"Version": "2017.3"
}
]JSON LicenseFinder
When executed with the --format=json-license-finder option, you can output list in JSON format that is identical to LicenseFinder. The jlf keyword is prepared as alias of jlf. This makes pip-licenses a drop-in replacement for LicenseFinder.
[
{
"licenses": ["BSD"],
"name": "Django",
"version": "2.0.2"
},
{
"licenses": ["MIT"],
"name": "pytz",
"version": "2017.3"
}
]CSV
When executed with the --format=csv option, you can output list in quoted CSV format. Useful when you want to copy/paste the output to an Excel sheet.
(venv) $ pip-licenses --format=csv
"Name","Version","License"
"Django","2.0.2","BSD"
"pytz","2017.3","MIT"Plain Vertical
When executed with the --format=plain-vertical option, you can output a simple plain vertical output that is similar to Angular CLI’s –extractLicenses flag. This format minimizes rightward drift.
(venv) $ pip-licenses --format=plain-vertical --with-license-file --no-license-path
pytest
5.3.4
MIT license
The MIT License (MIT)
Copyright (c) 2004-2020 Holger Krekel and others
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
of the Software, and to permit persons to whom the Software is furnished to do
so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.Option: summary
When executed with the --summary option, you can output a summary of each license.
(venv) $ pip-licenses --summary --from=classifier --with-system
Count License
2 BSD License
4 MIT LicenseNote: When using this option, only --order=count or --order=license has an effect for the --order option. And using --with-authors and --with-urls will be ignored.
Option: output-file
When executed with the --output-file option, write the result to the path specified by the argument.
(venv) $ pip-licenses --format=rst --output-file=/tmp/output.rst created path: /tmp/output.rst
Option: ignore-packages
When executed with the --ignore-packages option, ignore the package specified by argument from list output.
(venv) $ pip-licenses --ignore-packages django
Name Version License
pytz 2017.3 MITPackage names of arguments can be separated by spaces.
(venv) $ pip-licenses --with-system --ignore-packages django pip pip-licenses
Name Version License
PTable 0.9.2 BSD (3 clause)
pytz 2017.3 MIT
setuptools 38.5.0 UNKNOWNOption: packages
When executed with the packages option, look at the package specified by argument from list output.
(venv) $ pip-licenses --packages django
Name Version License
Django 2.0.2 BSDPackage names of arguments can be separated by spaces.
(venv) $ pip-licenses --with-system --packages PTable pytz
Name Version License
PTable 0.9.2 BSD (3 clause)
pytz 2017.3 MITFormat options
Option: with-system
By default, system packages such as pip and setuptools are ignored.
And pip-licenses and the implicit dependency PTable will also be ignored.
If you want to output all including system package, use the --with-system option.
(venv) $ pip-licenses --with-system
Name Version License
Django 2.0.2 BSD
PTable 0.9.2 BSD (3 clause)
pip 9.0.1 MIT
pip-licenses 1.0.0 MIT License
pytz 2017.3 MIT
setuptools 38.5.0 UNKNOWNOption: with-urls
For packages without Metadata, the license is output as UNKNOWN. To get more package information, use the --with-urls option.
(venv) $ pip-licenses --with-urls
Name Version License URL
Django 2.0.2 BSD https://www.djangoproject.com/
pytz 2017.3 MIT http://pythonhosted.org/pytzOption: with-description
When executed with the --with-description option, output with short description of the package.
(venv) $ pip-licenses --with-description
Name Version License Description
Django 2.0.2 BSD A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
pytz 2017.3 MIT World timezone definitions, modern and historicalOption: with-license-file
When executed with the --with-license-file option, output the location of the package’s license file on disk and the full contents of that file. Due to the length of these fields, this option is best paired with --format=json.
If you also want to output the file NOTICE distributed under Apache License etc., specify the --with-notice-file option additionally.
Note: If you want to keep the license file path secret, specify --no-license-path option together.
Option: filter-strings
Some package data contains Unicode characters which might cause problems for certain output formats (in particular ReST tables). If this filter is enabled, all characters which cannot be encoded with a given code page (see --filter-code-page) will be removed from any input strings (e.g. package name, description).
Option: filter-code-page
If the input strings are filtered (see --filter-strings), you can specify the applied code page (default latin-1). A list of all available code pages can be found codecs module document.
Verify options
Option: fail-on
Fail (exit with code 1) on the first occurrence of the licenses of the semicolon-separated list
If --from=all, the option will apply to the metadata license field.
(venv) $ pip-licenses --fail-on="MIT License;BSD License"Note: Packages with multiple licenses will fail if at least one license is included in the fail-on list. For example:
# keyring library has 2 licenses $ pip-licenses | grep keyring keyring 21.4.0 Python Software Foundation License, MIT License # If just "Python Software Foundation License" is specified, it will fail. $ pip-licenses --fail-on="Python Software Foundation License;" $ echo $? 1
Option: allow-only
Fail (exit with code 1) if none of the package licenses are in the semicolon-separated list
If --from=all, the option will apply to the metadata license field.
(venv) $ pip-licenses --allow-only="MIT License;BSD License"Note: Packages with multiple licenses will only be allowed if at least one license is included in the allow-only list. For example:
# keyring library has 2 licenses $ pip-licenses --package keyring Name Version License keyring 23.0.1 MIT License; Python Software Foundation License # One or both licenses must be specified (order does not matter). Following checks will pass: $ pip-licenses --package keyring --allow-only="MIT License" $ pip-licenses --package keyring --allow-only="BSD License;MIT License" $ pip-licenses --package keyring --allow-only="Python Software Foundation License" $ pip-licenses --package keyring --allow-only="Python Software Foundation License;MIT License" # If none of the license in the allow list match, the check will fail. $ pip-licenses --package keyring --allow-only="BSD License" $ echo $? 1
More Information
Other, please make sure to execute the --help option.
Dockerfile
You can check the package license used by your app in the isolated Docker environment.
# Clone this repository to local
$ git clone https://github.com/raimon49/pip-licenses.git
$ cd pip-licenses
# Create your app's requirements.txt file
# Other ways, pip freeze > docker/requirements.txt
$ echo "Flask" > docker/requirements.txt
# Build docker image
$ docker build . -t myapp-licenses
# Check the package license in container
$ docker run --rm myapp-licenses
Name Version License
Click 7.0 BSD License
Flask 1.0.2 BSD License
Jinja2 2.10 BSD License
MarkupSafe 1.1.1 BSD License
Werkzeug 0.15.2 BSD License
itsdangerous 1.1.0 BSD License
# Check with options
$ docker run --rm myapp-licenses --summary
Count License
4 BSD
2 BSD-3-Clause
# When you need help
$ docker run --rm myapp-licenses --helpNote: This Docker image can not check package licenses with C and C ++ Extensions. It only works with pure Python package dependencies.
If you want to resolve build environment issues, try adding build-base packages and more.
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,6 +7,8 @@ WORKDIR ${APPDIR}
COPY ./docker/requirements.txt ${APPDIR}
+RUN set -ex && apk add --no-cache --update --virtual .py-deps \
+ build-base
RUN python3 -m venv ${APPDIR}/myapp \
&& source ${APPDIR}/myapp/bin/activateAbout UnicodeEncodeError
If a UnicodeEncodeError occurs, check your environment variables LANG and LC_TYPE.
Often occurs in isolated environments such as Docker and tox.
See useful reports:
License
Dependencies
PTable by Luke Maurits and maintainer of fork version Kane Blueriver under the BSD-3-Clause License
Note: Alternatively, it works fine with the PrettyTable package. (See also): Allow using prettytable #52
pip-licenses has been implemented in the policy to minimize the dependence on external package.
Uninstallation
Uninstall package and dependent package with pip command.
$ pip uninstall pip-licenses PTableContributing
CHANGELOG
4.0.0
Support for Python 3.11
Dropped support Python 3.7
Breaking changes
Does not work with PTable and depends on prettytable
Depend on importlib_metadata rather than pip
3.5.5
Search for path defined in PEP 639 with --with-license-file option
Dropped support Python 3.6
3.5.4
Skip directories when detecting license files
3.5.3
Support pip 21.3 or later
3.5.2
Ignore spaces around --fail-on and --allow-only parameters
3.5.1
Fix the order in which multiple licenses are output
3.5.0
Handle multiple licenses better with options --fail-on and --allow-only
Small change in output method for multiple licenses, change the separator from comma to semicolon
Up to 3.4.0: Python Software Foundation License, MIT License
3.5.0 or later: Python Software Foundation License; MIT License
3.4.0
Implement new option --packages
3.3.1
Fix license summary refer to --from option
3.3.0
Improves the readability of the help command
3.2.0
Implement new option --from=all
Change license notation under SPDX license identifier style
3.1.0
Implement new option for use in continuous integration
--fail-on
--allow-only
3.0.0
Dropped support Python 3.5
Clarified support for Python 3.9
Migrate package metadata to setup.cfg
Breaking changes
Change default behavior to --from=mixed
2.3.0
Implement new option for manage unicode characters
--filter-strings
--filter-code-page
2.2.1
Fixed the file that is selected when multiple matches are made with LICENSE* with run --with-license-file
2.2.0
Implement new option --with-notice-file
Added to find British style file name LICENCE with run --with-license-file
2.1.1
Suppress errors when opening license files
2.1.0
Implement new option --format=plain-vertical
Support for outputting license file named COPYING *
2.0.1
Better license file open handling in Python 3
2.0.0
Dropped support Python 2.7
Breaking changes
Removed migration path to obsolete options
--from-classifier
--format-markdown
--format-rst
--format-confluence
--format-html
--format-json
Implement new option --no-license-path
1.18.0
Supports compatibility to work with either PTable or prettytable
1.17.0
Implement new option --output-file
Clarified support for Python 3.8
1.16.1
Add a help text for --format=json-license-finder option
1.16.0
Implement new option --format=json-license-finder
1.15.2
Read license file works well with Windows
1.15.1
Skip parsing of license file for packages specified with --ignore-packages option
1.15.0
Implement new option --format=csv
1.14.0
Implement new option --from=mixed as a mixed mode
1.13.0
Implement new option --from=meta, from=classifier
Dropped support Python 3.4
1.12.1
Fix bug
Change warning output to standard error
1.12.0
Supports execution within Docker container
Warning of deprecated options
Fix bug
Ignore OSI Approved string with multiple licenses
1.11.0
Implement new option --with-license-file
1.10.0
Implement new option --with-description
1.9.0
Implement new option --summary
1.8.0
Implement new option --format-json
Dropped support Python 3.3
1.7.1
Fix bug
Support pip 10.x
1.7.0
Implement new option --format-confluence
1.6.1
Fix bug
Support display multiple license with --from-classifier option
Improve document
Add section of ‘Uninstallation’ in README
1.6.0
Implement new option --format-html
1.5.0
Implement new option --format-rst
1.4.0
Implement new option --format-markdown
Include LICENSE file in distribution package
1.3.0
Implement new option --ignore-packages
1.2.0
Implement new option --from-classifier
1.1.0
Improve document
Add ToC to README document
Add a information of dependencies
1.0.0
First stable release version
0.2.0
Implement new option --order
Default behavior is --order=name
0.1.0
First implementation version
Support options
--with-system
--with-authors
--with-urls
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for pip_licenses-4.0.0rc3-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | be2ea1462713edb437b0f30059ff27b3d78adb3ba8c42bffd0a43bae5e0cadea |
|
| MD5 | d18bcaf6dcf5b956aee075cb6b4d6981 |
|
| BLAKE2b-256 | a4fa590328c12ed3a0c9f0d59bd3a0f4a372bce877af70b836e1a8490309da43 |
