GitLocker: The Coding Marketplace

Description:

pylicenses 0.1

Find license types and texts for all installed packages in conda and pip
environments, producing a distribution-ready file THIRDPARTY-LICENSES
with required details on all packages, including their respective license texts.

Why yet another tool?
There are several packages with similar intents, however I did not find any
to match the particular usecase PyLicenses covers. Specifically to produce
a complete set of licenses for all installed packages, at the package level
(as opposed to the file level as many other such tools do).Also I wanted to have
a focused tool that is easily extensible to any framework, in any language.

Features
PyLicense

produces the THIRDPARTY-LICENSES file as a report on all packages
collects data from conda, pip, pypi and github to retrieve information
on authorship, package homepage, license style and - most importantly -
the actual license text.
uses a pipeline of scanners/data collectors. Adding a new framework to
scan (e.g. to include npm modules) is a matter of writing a new PackageProvider
class with a single method.
produces reports and statistics on primary packages (direct dependency) and
secondary packages (pulled-in through a dependency), notably this works across
conda and pip. Statistics currently include counts per license type.
highlights packages were the license information or license text is missing
can map packages to a fixed license URL for packages that do not include
the license text or where the LICENSE file is difficult to find by automated
means.

How to use
Within your conda or pip virtualenv, run

$ python -m pylicense

To see options

$ python -m pylicense -h
usage: __main__.py [-h] [–github GITHUB] [–stats STATS]

optional arguments:

-h, --help
show this help message and exit

--github GITHUB
specify github user,password

--stats STATS
print statistics

Sample output
See the THIRDPARTY-LICENSES file in this repository for the full license
collection report of this package.
The direct output looks something like this

$ python -m pylicense
Packages directly required:
name author license
———- ————————– ———————–
pylicenses Patrick Senti Apache 2.0
wheel Daniel Holth Other
urllib3 Andrey Petrov MIT
tabulate Sergey Astanin MIT
sh Andrew Moffat MIT
setuptools Python Packaging Authority MIT License
requests Kenneth Reitz Apache Software License
pip The pip developers MIT
certifi Kenneth Reitz MPL-2.0
libedit NetBSD
python PSF
Packages pulled in through other requirements:
name author license
————— —————- ————————————–
idna Kim Davies BSD Like
chardet Daniel Blanchard GNU Lesser General Public License v2.1
ca-certificates ISC
libffi MIT
libgcc-ng GPL
libstdcxx-ng GPL3 with runtime exception
ncurses Free software - X11 License
openssl OpenSSL
readline GPL3
sqlite Public-Domain
xz Public-Domain, GPL
zlib zlib
SUCCESS Good news. There are no packages without license texts
SUCCESS The full license report is available in THIRDPARTY-LICENSES

How to implement a new scanner

Add a class in pylicenses.provider, e.g.

class MyPackageScanner(PackageProvider):

def get_packages_info(self, packages, subset=None)
… your code to update packages …
return packages

packages is a dictionary mapping name=>data, where name is either
the package’s canonical name or the full distribution name (name-version-type),
and data is the data collected so far. For programming convenience all mapping
of the same package, independent of the key, reference the same data object.
Currently there are only very few conventions for the contents of data:

name is the name of package without version or distribution type
dist_name is the full distribution name (name-version or name-version-type)
license is the canonical license name (e.g. MIT, Apache-2.0 etc.)
license_text is the actual license text
license_source is the filename/URL to the source of the license text
license_trace is the last scanner to update the data

Any other data can be stored by the scanners as they see fit. Note the
dependency on PackageProvider as a base class is a convenience only.

Add the new scanner class to PyLicenses.PROVIDERS
Add unit tests

License
MIT License - Copyright (c) 2018 Patrick Senti, productaize.io
See LICENSE file