A Python license checker
Project description
pylic - Python license checker

A Python license checker. pylic
is PEP-639-compliant and supports the SPDX License Expression syntax.
Principles:
- All licenses of all installed packages are relevant.
- All installed packages without a license are considered unsafe and have to be listed as such.
- Every license has to be allowed explicitly.
Installation
pip install pylic
Configuration
pylic
needs be run in the directory where your pyproject.toml
file is located. You can configure
safe_licenses
: All licenses you consider safe for usage. The string comparison is case-insensitive.unsafe_packages
: List packages that have no license or use licenses not considered safe.
[tool.pylic]
safe_licenses = [
"Apache Software License",
"Apache License 2.0",
"MIT License",
"Python Software Foundation License",
"Mozilla Public License 2.0 (MPL 2.0)",
]
unsafe_packages = [
"unsafe_package",
]
Commands
pylic
provides the following commands (also see pylic --help
):
check
: Checks all installed licenses.list
: Lists all installed packages and their corresponding license.
Usage Example
Create a venv to start with a clean ground and activate it
python -m venv .venv
source .venv/bin/activate
Install pylic
and create an empty pyproject.toml
pip install pylic
touch pyproject.toml
Install all your dependencies
pip install <packageA> <packageB>
Run pylic
pylic check
The output will be similar to
Found unsafe packages:
pkg_resources (0.0.0)
Found unsafe licenses:
pip (18.1): MIT License
zipp (3.4.1): MIT License
toml (0.10.2): MIT License
pylic (1.2.0): MIT License
setuptools (40.8.0): MIT License
typing-extensions (3.7.4.3): Python Software Foundation License
importlib-metadata (3.9.0): Apache Software License
The return code of pylic
is in this case non-zero due to unsafe licenses. This allows usage of pylic in CI.
echo $? # prints 1
As these licenses and packages are all ok we can configure pylic
accordingly
cat <<EOT >> pyproject.toml
[tool.pylic]
safe_licenses = ["Apache Software License", "MIT License", "Python Software Foundation License"]
unlicensed_packages = ["pkg_resources"]
EOT
After rerunning pylic check
the output now reveals a successful validation
✨ All licenses ok ✨
Also the return code now signals that all is good
echo $? # prints 0
Use pylic list
to list all installed packages and their corresponding licenses.
Advanced Usage
In cases where the safe licenses or unsafe packages are centrally managed keeping the configuration in perfect sync to the installed packages might be too cumbersome or even impossible. To support these use cases the check
command provides the two options (see also check --help
) --allow-extra-safe-licenses
and --allow-extra-unsafe-packages
. These options only affect the returned status code and will keep all corresponding warnings unchanged.
Pre-commit
pylic
provides a pre-commit integration. Follow the instructions and enable automatic license checking on commits by adding
- repo: https://github.com/ubersan/pylic
rev: v<version>
hooks:
- id: pylic
to your .pre-commit-config.yaml
file.
Development
Required tools:
Run uv sync
to install all necessary dependencies. Checkout the [tool.taskipy.tasks]
(see taskipy) section in the pyproject.toml
file for utility tasks. You can run these with uv run task <task>
.
Creating a new release is as simple as:
- Update
version
in the pyproject.toml and the__version__.py
file. - Run
git tag <new-version>
. - Run
git push origin <new-version>
.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file pylic-5.0.1.tar.gz
.
File metadata
- Download URL: pylic-5.0.1.tar.gz
- Upload date:
- Size: 22.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.6.8
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
2948a64298f3f3b3a1ce8b81e0bfc6ee73eeccb5a9a8785c3c5c362d771d7f6a
|
|
MD5 |
415351e5bde07fbb6d2072e443cccee0
|
|
BLAKE2b-256 |
8080f9c03d4c6f8e6db67582408dbb4c042dd788435d95e75268af61a27729d3
|
File details
Details for the file pylic-5.0.1-py3-none-any.whl
.
File metadata
- Download URL: pylic-5.0.1-py3-none-any.whl
- Upload date:
- Size: 7.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.6.8
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 |
ae9a863acec4df949f005c3f30c78045a204ee19a7e4c652fdf791d72b4b8bad
|
|
MD5 |
291ef75db4bb9dcdfe22738d02a866f0
|
|
BLAKE2b-256 |
6cbfdbb14e8e2d72952784570156fa885750eaf81fd03e45c93bf5dc2c1ab97b
|