The Python third_party_license_file_generator is aimed at distilling down the appropriate license for one or many pip "requirements" files into a single file; it supports Python2.7 and Python3.
Project description
# Python third_party_license_file_generator
The Python third_party_license_file_generator is aimed at distilling down the appropriate license for one or many pip "requirements" files into a single file; it supports Python2.7 and Python3.
## How do I install it?
$ pip install third-party-license-file-generator
## How do I use it?
$ python -m third_party_license_file_generator -h
## How does it work?
With no arguments (other than a pip "requirements" file and a Python executable path that has those requirements installed), the process is as follows:
- walk the given Python executable's site-packages folder and build up package metadata (and license files, if present)
- filter down by packages that are listed in the pip "requirements" file (and those packages dependencies, and their dependencies, and their dependencies... you get the gist)
- note: it follows "-r some_file.txt" references found in the pip "requirements" files
- if a license name could not be secured for a package, try to gather that from the package's PyPI web page
- if a license name has still not been secured and the package lists a GitHub home page, try to find a license from there
- otherwise, assume the package to be commercially licensed (as it is legally understood that is the case)
- if a license file could not be secured for a package and the package lists a GitHub home page, try to find a license from there
- otherwise, create a license (for the known license name) from a local collection of licenses (within the Python Third Party License Generator)
- show a summary of packages against licenses to the user
- build a THIRDPARTYLICENSES file in the current folder
- give a return code of zero for success or non-zero for failures (e.g. GPL-licensed packages detected when specified to not permit GPL)
It's worth noting that information learned about packages is cached- so if you have to build one third party licenses file for a large project that has many components with many dependencies (but some overlap) then it's best to specify all those pip "requirements" files and Python executable paths in a single call to the Python third_party_license_file_generator as it will take less time overall.
You can specify a number of command line options (check syntax with -h) to do things like the following:
- handle multiple pip "requirements" files
- handle multiple Python executable paths
- whether or not to permit GPL-licensed packages (default no)
- specific GPL-licensed package exceptions (e.g. if a package lists exceptions to the GPL that may suit your needs but is still GPL-licensed)
- whether or not to permit comercially-licensed packages (default no)
- specific comercially-licensed package exceptions (e.g. if you have a license for a package or if you own a package)
- a "skip prefix" (e.g. if you want to skip all packages starting with a certain string)
- disable internet lookups (if you don't want to pull data from PyPI and GitHub)
## Examples
Two different pip "requirements" files, two different Python paths (Virtualenvs) and a skip prefix:
python -m third_party_license_file_generator \
-r requirements-py.txt \
-p ~/.virtualenvs/backend_py/bin/python \
-r requirements-pypy.txt \
-p ~/.virtualenvs/backend_pypy/bin/python \
--skip-prefix ims-
Please note that pip "requirements" files and Python executable paths are paired together in the order they're specified.
Three different pip "requirements" files, two different Python paths (Virtualenvs), a GPL exception and a custom output file:
python -m third_party_license_file_generator \
-r requirements.txt \
-p ~/.virtualenvs/api_pypy/bin/python \
-r pypy_requirements.txt \
-p ~/.virtualenvs/api_pypy/bin/python \
-r cpython_requirements.txt \
-p ~/.virtualenvs/api_py/bin/python \
--gpl-exception uwsgi
--output-file ThirdPartyLicenses.txt
An example of the structure of the generated third party license file is as follows:
Start of 'ThirdPartyLicenses.txt' generated by Python third_party_license_generator at 2018-04-19 12:36:58.627421
----------------------------------------
Package: Django
License: BSD-3-clause
Requires: pytz
Author: Django Software Foundation <foundation@djangoproject.com>
Home page: https://www.djangoproject.com/
(license content appears here in full)
----------------------------------------
End of 'ThirdPartyLicenses.txt' generated by Python third_party_license_generator at 2018-04-19 12:36:58.627825
The Python third_party_license_file_generator is aimed at distilling down the appropriate license for one or many pip "requirements" files into a single file; it supports Python2.7 and Python3.
## How do I install it?
$ pip install third-party-license-file-generator
## How do I use it?
$ python -m third_party_license_file_generator -h
## How does it work?
With no arguments (other than a pip "requirements" file and a Python executable path that has those requirements installed), the process is as follows:
- walk the given Python executable's site-packages folder and build up package metadata (and license files, if present)
- filter down by packages that are listed in the pip "requirements" file (and those packages dependencies, and their dependencies, and their dependencies... you get the gist)
- note: it follows "-r some_file.txt" references found in the pip "requirements" files
- if a license name could not be secured for a package, try to gather that from the package's PyPI web page
- if a license name has still not been secured and the package lists a GitHub home page, try to find a license from there
- otherwise, assume the package to be commercially licensed (as it is legally understood that is the case)
- if a license file could not be secured for a package and the package lists a GitHub home page, try to find a license from there
- otherwise, create a license (for the known license name) from a local collection of licenses (within the Python Third Party License Generator)
- show a summary of packages against licenses to the user
- build a THIRDPARTYLICENSES file in the current folder
- give a return code of zero for success or non-zero for failures (e.g. GPL-licensed packages detected when specified to not permit GPL)
It's worth noting that information learned about packages is cached- so if you have to build one third party licenses file for a large project that has many components with many dependencies (but some overlap) then it's best to specify all those pip "requirements" files and Python executable paths in a single call to the Python third_party_license_file_generator as it will take less time overall.
You can specify a number of command line options (check syntax with -h) to do things like the following:
- handle multiple pip "requirements" files
- handle multiple Python executable paths
- whether or not to permit GPL-licensed packages (default no)
- specific GPL-licensed package exceptions (e.g. if a package lists exceptions to the GPL that may suit your needs but is still GPL-licensed)
- whether or not to permit comercially-licensed packages (default no)
- specific comercially-licensed package exceptions (e.g. if you have a license for a package or if you own a package)
- a "skip prefix" (e.g. if you want to skip all packages starting with a certain string)
- disable internet lookups (if you don't want to pull data from PyPI and GitHub)
## Examples
Two different pip "requirements" files, two different Python paths (Virtualenvs) and a skip prefix:
python -m third_party_license_file_generator \
-r requirements-py.txt \
-p ~/.virtualenvs/backend_py/bin/python \
-r requirements-pypy.txt \
-p ~/.virtualenvs/backend_pypy/bin/python \
--skip-prefix ims-
Please note that pip "requirements" files and Python executable paths are paired together in the order they're specified.
Three different pip "requirements" files, two different Python paths (Virtualenvs), a GPL exception and a custom output file:
python -m third_party_license_file_generator \
-r requirements.txt \
-p ~/.virtualenvs/api_pypy/bin/python \
-r pypy_requirements.txt \
-p ~/.virtualenvs/api_pypy/bin/python \
-r cpython_requirements.txt \
-p ~/.virtualenvs/api_py/bin/python \
--gpl-exception uwsgi
--output-file ThirdPartyLicenses.txt
An example of the structure of the generated third party license file is as follows:
Start of 'ThirdPartyLicenses.txt' generated by Python third_party_license_generator at 2018-04-19 12:36:58.627421
----------------------------------------
Package: Django
License: BSD-3-clause
Requires: pytz
Author: Django Software Foundation <foundation@djangoproject.com>
Home page: https://www.djangoproject.com/
(license content appears here in full)
----------------------------------------
End of 'ThirdPartyLicenses.txt' generated by Python third_party_license_generator at 2018-04-19 12:36:58.627825
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distributions
Close
Hashes for third-party-license-file-generator-2018.2.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | a0229a5907d82d2748f3bed1ff1a5350c725fdb375ddb617f31b276d9312e7ce |
|
MD5 | fba977629f6e9b978df72a44d341aace |
|
BLAKE2b-256 | 1cb193a7e9b8896a3976f8ded31687d53503287477426ea2fec67cb549acec15 |
Close
Hashes for third_party_license_file_generator-2018.3-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | e9263dd34bf3eca11f78e055cf9399f9cda8befba4214d2b37b660afa6fb1e2c |
|
MD5 | 59a1e1e7a4d55bf749b0ccf67d8f7d12 |
|
BLAKE2b-256 | 5f6b78bbaa405037f852ca412ca04b62c53da966c976c19234590a126f75a281 |
Close
Hashes for third_party_license_file_generator-2018.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | a08eee976eab98bb7b9ab5efae18097c5d0c763b37365646738e9c05d0e6bdce |
|
MD5 | c83d3ce161961d6f3da6f7fe21ffe6ab |
|
BLAKE2b-256 | 437d45bff6d2ed8b621298f0ec8af0041ed5e1283440d8fecf4f9b0bbab82f64 |