Feature: Support option ignore-licenses in pyproject.toml and support multiple entries
fhg-isi opened this issue · 6 comments
Feature
Is your feature request related to a problem? Please describe
a) If I run licensecheck with
licensecheck --ignore-licenses='Apache'
I get the expected results. However, if I put that option in pyproject.toml it does not work.
[tool.licensecheck]
using = 'PEP631'
ignore-licenses = 'Apache'
zero = true
I also tried
ignore-licenses = [ 'Apache']
and
ignore-licenses = 'Apache Software License'
b) Furthermore, if I try
licensecheck --ignore-licenses='Zope Public License, Apache Software License'
only Apache is ignored instead of ignoring both licenses.
Describe the solution you'd like
Allow to specify multiple licenses in pyproject.toml that should be ignored.
Describe alternatives you've considered
Specify them at the command line; did not work.
Example pyproject.toml:
https://github.com/fraunhofer-isi/micat/blob/main/back_end/pyproject.toml
A workaround with a custom script does work (see below). Therefore, the issue about the non-ignored licenses seems to be related to the determination of the arguments.
from licensecheck import formatter, get_deps
from sys import exit


def main():
    using = 'PEP631'
    ignore_packages = []
    fail_packages = []
    ignore_licenses = ['Apache Software License', 'Zope Public License']
    fail_licenses = []
    project_license, dependencies = get_deps.getDepsWithLicenses(
        using,
        ignore_packages,
        fail_packages,
        ignore_licenses,
        fail_licenses,
    )
    simple_format = formatter.formatMap['simple']
    output = simple_format(project_license, sorted(dependencies))
    print(output)
    incompatible = any(not dependency.licenseCompat for dependency in dependencies)
    exit_code = 1 if incompatible else 0
    exit(exit_code)


if __name__ == '__main__':
    main()
Try something like this
licensecheck -u requirements --fail-licenses mit bsd
Info
┏━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━┓
┃ Item ┃ Value ┃
┡━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━┩
│ program │ licensecheck │
│ version │ 2023.1.3 │
│ license │ mit │
│ project_license │ mit │
└─────────────────┴──────────────┘
List Of Packages
┏━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┓
┃ Compatible ┃ Package ┃ License(s) ┃
┡━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━┩
│ ✖ │ Pygments │ BSD License │
│ ✖ │ attrs │ MIT License │
│ ✔ │ certifi │ Mozilla Public License 2.0 (MPL 2.0) │
│ ✔ │ chardet │ GNU Lesser General Public License v2 or later (LGPLv2+) │
│ ✖ │ charset-normalizer │ MIT License │
│ ✖ │ fhconfparser │ MIT License │
│ ✖ │ idna │ BSD License │
│ ✖ │ ipywidgets │ BSD License │
│ ✖ │ markdown-it-py │ MIT License │
│ ✖ │ pysocks │ BSD │
│ ✔ │ requests │ Apache Software License │
│ ✔ │ requirements-parser │ Apache Software License │
│ ✖ │ rich │ MIT License │
│ ✖ │ tomli │ MIT License │
│ ✔ │ types-setuptools │ Apache Software License │
│ ✔ │ typing_extensions │ Python Software Foundation License │
│ ✖ │ urllib3 │ MIT License │
└────────────┴─────────────────────┴─────────────────────────────────────────────────────────┘
a) Should pyproject.toml support the ignore-licenses option? Can you please give an example on how to specify a list? As array? As single string, separated with ";"?
b) I tried the list notation without quotation marks, as you suggested above.
Unfortunately, that did not work:
licensecheck --ignore-licenses zope apache
Unfortunately, that did not work for zope.
I had a closer look and the license seems to have to be a known license in order for the ignore-licenses option to work?!
depCompatWMyLice(... ignoreLicenses: list[L] ...)
=> Does not make sense to me at first glance. I would expect to use ignore-licenses for unknown licenses.
(Why should I ignore a known license at all?)
c) Unfortunately, with the new version, even with direct specification of ignore_licenses it stopped working:
│ ✖ │ waitress │ Zope Public License │
Example pyproject.toml:
https://github.com/fraunhofer-isi/micat/blob/main/back_end/pyproject.toml (includes 'waitress==2.1.2',)
Example code to check licenses:
https://github.com/fraunhofer-isi/micat/blob/main/back_end/check/check_licenses.py
ignore_licenses = [
    # work around for bug in licensecheck for apache
    'Apache Software License',
    # not known by licensecheck, yet
    'Zope Public License',
    # work around for bug in licensecheck for dual license
    'MIT License;; Academic Free License (AFL)',
]
GitHub Action to automate the check:
https://github.com/fraunhofer-isi/micat/blob/main/.github/workflows/back_end_license_check.yml
Cheers for the info, I'll investigate further
Admittedly the ignore license use case isn't completely clear to me.
How would you propose implementing this? Using string comparison seems particularly error prone here, as passing an ignore string of Zope License wouldn't behave. More thinking needed here I think before implementing a solution.
Closed in 2023.3. Use as shown in #48 :)
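The matching problem discussed in the thread (exact names under-match, loose string comparison over-matches), as an added example that is neither licensecheck's code nor any participant's. The function names, the comma splitting of a single string, the ';;' split and the "every part must match" policy are assumptions; the license strings come from the output above and the package name dual-pkg is constructed.

```python
import re

# Constructed sample: license strings as they appear in the thread's output.
DEPS = {
    "waitress": "Zope Public License",
    "requests": "Apache Software License",
    "chardet": "GNU Lesser General Public License v2 or later (LGPLv2+)",
    "dual-pkg": "MIT License;; Academic Free License (AFL)",  # hypothetical package
}

def normalize_option(value):
    """Accept a TOML string or array; split comma-separated strings into entries."""
    items = [value] if isinstance(value, str) else list(value)
    return [p.strip() for item in items for p in item.split(",") if p.strip()]

def words(text):
    """Lowercase word tokens, e.g. 'Zope Public License' -> zope, public, license."""
    return re.findall(r"[a-z0-9+.]+", text.lower())

def matches(entry, licence, mode):
    if mode == "exact":
        return entry.lower() == licence.lower()
    if mode == "substring":
        return entry.lower() in licence.lower()
    # "words": the entry's words must occur in the license name, in order
    remaining = iter(words(licence))
    return all(w in remaining for w in words(entry))

def ignored(field, option, mode):
    """Ignore a dependency only if every ';;'-separated license matches an entry."""
    entries = normalize_option(option)
    parts = [p.strip() for p in field.split(";;") if p.strip()]
    return all(any(matches(e, p, mode) for e in entries) for p in parts)

def ignored_packages(option, mode):
    """Names of the sample dependencies that the given option would ignore."""
    return sorted(n for n, f in DEPS.items() if ignored(f, option, mode))
```

Substring matching is the risky direction for a compliance gate: an entry of `GPL` silently ignores the LGPL-licensed package, while word-level matching accepts `Zope License` without that side effect.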