pilosus / pip-license-checker

Check license types for third-party dependencies: permissive, copyleft, proprietary, etc.
https://blog.pilosus.org/posts/2021/09/07/pip-license-checker/

Report formatting: output format, columns control #90

Closed pilosus closed 1 year ago

pilosus commented 3 years ago

For now, the only way to output the check results is by printing to stdout. This is fine, especially after #80 has been implemented.

But once we introduce new columns, License SPDX ID (see #85 ) and License source (see #89), we may need to:

  1. Control what columns to be shown/hidden from the output

We can do that with the flag

--report-columns '[:package :license-id :license-name :license-source :license-type]'

Passing in the EDN vector enables a user to set the column presence and their order.

  2. Export as a file with the support for some popular file formats: csv, json, xml, edn.

We can do that with the flag --report-format FILE_FORMAT with the default value of stdout.
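One way the two flags proposed above could fit together, as an added example that is not pip-license-checker's own code: an EDN vector of keywords selects which columns appear and in what order, and a separate format switch renders the same rows as a stdout table, csv, json, xml or edn. The tiny EDN reader only understands a flat vector of keywords, the column names are the five from the proposal, and the sample rows are constructed; the function names (`parse_columns`, `render`) are assumptions.

```python
"""Column selection and report formatting for a license report.

Added example, not pip-license-checker's code. The EDN reader below handles
only a flat vector of keywords; KNOWN_COLUMNS and the sample rows are assumed.
"""
import argparse
import csv
import io
import json
import re
import xml.etree.ElementTree as ET

KNOWN_COLUMNS = ("package", "license-id", "license-name", "license-source", "license-type")
DEFAULT_COLUMNS = list(KNOWN_COLUMNS)

# EDN keyword: a colon followed by a symbol; this is the subset we accept.
_KEYWORD = re.compile(r":([A-Za-z][A-Za-z0-9*+!?_<>=./-]*)")


def parse_columns(spec: str) -> list:
    """Read '[:package :license-type]' into ['package', 'license-type'].

    Unknown or duplicated names are rejected rather than ignored, so a typo
    in the flag cannot silently drop a column from a compliance report.
    """
    body = spec.strip()
    if not (body.startswith("[") and body.endswith("]")):
        raise ValueError(f"expected an EDN vector, got {spec!r}")
    inner = body[1:-1].strip()
    if not inner:
        raise ValueError("column vector must not be empty")
    cols = []
    for tok in inner.split():
        m = _KEYWORD.fullmatch(tok)
        if not m:
            raise ValueError(f"not an EDN keyword: {tok!r}")
        name = m.group(1)
        if name not in KNOWN_COLUMNS:
            raise ValueError(f"unknown column {name!r}; known: {', '.join(KNOWN_COLUMNS)}")
        if name in cols:
            raise ValueError(f"duplicate column {name!r}")
        cols.append(name)
    return cols


def select(rows, columns):
    """Project each row onto the requested columns, in the requested order."""
    return [{c: row.get(c, "") for c in columns} for row in rows]


def render(rows, columns, fmt="stdout") -> str:
    """Render the projected rows in one of the proposed output formats."""
    data = select(rows, columns)
    if fmt == "stdout":
        widths = {c: max([len(c)] + [len(str(r[c])) for r in data]) for c in columns}
        lines = ["  ".join(c.ljust(widths[c]) for c in columns)]
        lines += ["  ".join(str(r[c]).ljust(widths[c]) for c in columns) for r in data]
        return "\n".join(line.rstrip() for line in lines)
    if fmt == "csv":
        buf = io.StringIO()
        writer = csv.DictWriter(buf, fieldnames=columns, lineterminator="\n")
        writer.writeheader()
        writer.writerows(data)
        return buf.getvalue()
    if fmt == "json":
        return json.dumps(data, indent=2)
    if fmt == "xml":
        root = ET.Element("report")
        for r in data:
            dep = ET.SubElement(root, "dependency")
            for c in columns:
                ET.SubElement(dep, c).text = str(r[c])
        return ET.tostring(root, encoding="unicode")
    if fmt == "edn":
        # One map per row; JSON's string escaping is a usable subset of EDN's here.
        items = ["{" + " ".join(f":{c} {json.dumps(str(r[c]))}" for c in columns) + "}" for r in data]
        return "[" + "\n ".join(items) + "]"
    raise ValueError(f"unsupported format {fmt!r}")


# Constructed sample rows standing in for real check output.
SAMPLE_ROWS = [
    {"package": "requests:2.31.0", "license-id": "Apache-2.0",
     "license-name": "Apache Software License", "license-source": "classifiers",
     "license-type": "permissive"},
    {"package": "foolib:0.1.0", "license-id": "",
     "license-name": "GNU General Public License v3 (GPLv3)", "license-source": "license-field",
     "license-type": "copyleft"},
]


def main(argv=None):
    """Minimal CLI mirroring the proposed --report-columns / --report-format flags."""
    ap = argparse.ArgumentParser()
    ap.add_argument("--report-columns", default="[" + " ".join(f":{c}" for c in DEFAULT_COLUMNS) + "]")
    ap.add_argument("--report-format", default="stdout", choices=["stdout", "csv", "json", "xml", "edn"])
    args = ap.parse_args(argv)
    print(render(SAMPLE_ROWS, parse_columns(args.report_columns), args.report_format))


if __name__ == "__main__":
    main()
```

Validating the column vector up front matters more than it looks: a report that quietly omits `:license-type` because of a misspelt keyword is exactly the kind of output that gets pasted into a compliance ticket unread.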

jenstroeger commented 3 years ago

What about having an option to output SPDX license identifiers, closely related to issue https://github.com/pilosus/pip-license-checker/issues/85? Or would that be covered by :license-id in your example above?

pilosus commented 1 year ago

Sorry for the super late response. Somehow I didn't get the notification about it.

Yeah, :license-id is deemed to cover SPDX ids.

But to be honest, I postponed any development in the direction of SPDX ids adoption until PEP 639 is accepted. Once it is, SPDX expressions are enforced and validated for at least the newly uploaded Python packages on PyPI.

Before the PEP is accepted and integrated into the Cheeseshop and Python packaging tools, supporting heuristics to validate possible SPDX expressions in package meta are probably too cumbersome and unreliable.

So, for now there are still only two options: either download packages and rely on the full license text(s) analysis (like scancode and some other tools do), or make more lightweight checks for native Python packages' meta with no downloads but at the price of more paranoid predictions like pip-license-checker does.
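The "lightweight checks on package meta, no downloads" option from the last comment, as an added example rather than the project's code: read a Core Metadata document (the METADATA file of a wheel or installed distribution) and take the license from the most trustworthy field available, recording which field it came from so a `:license-source` column can say so. `License-Expression`, `License` and `Classifier` are real Core Metadata field names and PEP 639 introduces `License-Expression`; the precedence order, the `license_from_metadata` name and the sample METADATA texts are assumptions.

```python
"""Resolve a package's license from its Core Metadata without downloading it.

Added example, not pip-license-checker's code. Precedence (an assumption):
  1. License-Expression (PEP 639): an SPDX expression, so usable as a license id.
  2. License: free text, anything from "MIT" to a full license body.
  3. Classifier: License :: ... trove classifiers, possibly several.
The result records the field used so the report can show where the value came from.
"""
from email.parser import HeaderParser

UNKNOWN_MARKERS = {"", "UNKNOWN"}  # common placeholder values in the License field


def license_from_metadata(text: str) -> dict:
    """Return {'license-id', 'license-name', 'license-source'} for one METADATA document."""
    msg = HeaderParser().parsestr(text)

    expr = (msg.get("License-Expression") or "").strip()
    if expr:
        # Only this field carries a machine-readable id; the others are prose.
        return {"license-id": expr, "license-name": expr, "license-source": "License-Expression"}

    lic = (msg.get("License") or "").strip()
    if lic.upper() not in UNKNOWN_MARKERS:
        # Multi-line License fields (full license text) are folded by the parser;
        # keep only the first line as the display name.
        return {"license-id": None, "license-name": lic.splitlines()[0], "license-source": "License"}

    names = [c.split(" :: ")[-1] for c in msg.get_all("Classifier", []) if c.startswith("License ::")]
    if names:
        return {"license-id": None, "license-name": "; ".join(names), "license-source": "Classifier"}

    return {"license-id": None, "license-name": None, "license-source": None}


# Constructed METADATA documents, not taken from real packages.
META_PEP639 = """Metadata-Version: 2.4
Name: example-a
Version: 1.0
License-Expression: MIT AND (Apache-2.0 OR BSD-2-Clause)
Classifier: License :: OSI Approved :: MIT License
"""

META_LEGACY = """Metadata-Version: 2.1
Name: example-b
Version: 0.2
License: UNKNOWN
Classifier: License :: OSI Approved :: GNU General Public License v3 (GPLv3)
Classifier: Programming Language :: Python :: 3
"""

META_FREETEXT = """Metadata-Version: 2.1
Name: example-c
Version: 3.4
License: BSD
"""

if __name__ == "__main__":
    for doc in (META_PEP639, META_LEGACY, META_FREETEXT):
        print(license_from_metadata(doc))
```

The point of the source column is the one the comment makes: only `License-Expression` yields a value you can treat as an SPDX id, while `License` and the classifiers are prose that still needs the "paranoid" mapping step, and a consumer of the report should be able to tell the two apart.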