Retrieve licenses for purl documented dependencies.

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jboursier from gravatar.com jboursier

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: jboursier
  • Tags security , cli , license , purl , opensource , utility
  • Requires: Python <4, >=3.12
Classifiers
Report project as malware

Project description

purl-license-checker

Retrieve licenses for purl documented dependencies.

This cli utility takes one or more purl formatted urls from stdin and will try to find the license attached to each of them, by querying various package managers databases.

This is particularly useful to fill GitHub's Dependabot gap of missing 90% of licenses.

Installation

Builds are available in the Releases tab.

  • Pypi:
pip install purl-license-checker
  • Manually:
python -m pip install /full/path/to/purl-license-checker-xxx.whl

# e.g: python3 -m pip install Downloads/purl-license-checker-0.5.0-none-any.whl

Usage

purl-license-checker -h or see the wiki.

Development

Build

Install Poetry first, then:

make dev

Bump the version number

  • Bump the version number: poetry version x.x.x
  • Update the __version__ field in src/cli.py accordingly.

Publish a new version

Requires syft to be installed to generate the sbom.

  1. Bump the version number as described above
  2. make deps to update the dependencies
  3. make release to build the packages
  4. git commit -a -S Bump to version 1.1.2 and git tag -s v1.1.2 -m "1.1.2"
  5. Upload dist/*, checksums.sha512 and checksums.sha512.asc to a new release in GitHub.

Miscellaneous

This repository is provided as-is and isn't bound to Malwarebytes' SLA.

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for jboursier from gravatar.com jboursier

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: MIT License (MIT)
  • Author: jboursier
  • Tags security , cli , license , purl , opensource , utility
  • Requires: Python <4, >=3.12
Classifiers

Release history Release notifications | RSS feed

0.3.0

0.2.0

0.0.2

This version

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

purl_license_checker-0.0.1.tar.gz (4.7 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

purl_license_checker-0.0.1-py3-none-any.whl (4.7 kB view details)

Uploaded Python 3

File details

Details for the file purl_license_checker-0.0.1.tar.gz.

File metadata

  • Download URL: purl_license_checker-0.0.1.tar.gz
  • Upload date:
  • Size: 4.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: poetry/2.0.1 CPython/3.13.1 Darwin/24.2.0

File hashes

Hashes for purl_license_checker-0.0.1.tar.gz
Algorithm Hash digest
SHA256 de4559b68d5e85bf3f7d883e904f21621c81382b41a92ebaa695416de9db6bad
MD5 7d86a6c946d2ace5071cb028e0beaebc
BLAKE2b-256 1162dac6954b1bef56398eaabea383bdcc9d8f3b58e6ed2c1b597d989fe17087

See more details on using hashes here.

File details

Details for the file purl_license_checker-0.0.1-py3-none-any.whl.

File metadata

File hashes

Hashes for purl_license_checker-0.0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 2703231c67bee8e808572e4524002338bfbeedf9317de2d0f9def17109b500ae
MD5 a46eb987889a1129e2a5dbee104b7492
BLAKE2b-256 960ab2a5e5be9eaea4de26187922d001cfa03803831117e52a6c3a08a2fdd525

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page