search

pilosus / pip-license-checker

Check license types for third-party dependencies: permissive, copyleft, proprietory, etc.
https://blog.pilosus.org/posts/2021/09/07/pip-license-checker/
Other
69 stars 3 forks source link

Support setup.py dependencies #28

Closed pilosus closed 3 years ago

pilosus commented 3 years ago

For now we recognize only requirements files. We need to also support setup.py dependencies:

  1. Distinguish it from requirements file (simple match the name against predefined setup.py)
  2. Parse the file, find a list of dependencies in install-requires section
  3. Do regual processing for requirements found

Limitations

We don't want to reinvent Python parser. That's why should do the simplies parsing for install-requires: check for an explicit list of strings. Variables, function calls assigned to install-requires won't be parsed.

Maybe also add verbosity flag and stdout notification if setup.py file detected, but install-requires parsing failed (field exists, but contains not a list of strings)

pilosus commented 3 years ago

Too laborious to implement, no real advantages over passing in a requirements file generated by pip freeze.