Open jakeBass opened 6 months ago
You can just create a virtual environment, install your requirements there and use the --python
option. I do not see an easier option for pip-licenses
itself here as well due to iterating over the local package metadata.
Most likely a duplicate of #108 as well.
Ah yup, I think this is a duplicate. Apologies as I couldn't find that, and didn't have a good understanding of how your library works (might be worth adding a brief How It Works
section in the README?).
I am wondering if you've considered any alternate ways to get license info in the case where creating a venv is infeasible -- downloading the info from pypi or the package's repo possibly?
The repository already states:
Dump the license list of packages installed with pip.
and
pip-licenses is a CLI tool for checking the software license of installed Python packages with pip.
So it already states that it is about local packages.
I am wondering if you've considered any alternate ways to get license info in the case where creating a venv is infeasible -- downloading the info from pypi or the package's repo possibly?
I am neither the maintainer nor the author of this package, but just a user. Nevertheless, IMHO this is out of scope for pip-licenses
as this basically requires a completely different approach (fetching and parsing JSON from PyPI etc.) I am not aware of a corresponding package which would already implement this.
Speaking of myself, I already use a combination of pip-licenses
and custom scanning of packages without having to install them, although without resolving any dependency chains due to pip-licenses
providing me all the necessary Python package names.
I can get the requirements.txt for a couple dozen repositories here but running all of them locally, installing all their packages and extracting the license information from there is a total non starter.
Weird that it's not possible to get this from requirements.txt
or pyproject.toml
.
As already stated above, this is just how pip-licenses
has been implemented, id est relying on importlib.metadata
from the stdlib without doing any outbound network requests and being faster due to this (and reducing traffic). This usually is fine for projects you are actively working it as you will have a dedicated virtual environment anyway.
Implementing an alternative approach in another package is still feasible, but IMHO out of scope for pip-licenses
due to using a completely different concept.
Hi! I'm interested in being able to feed in a specific
requirements.txt
file and get the licenses for the packages listed in the file. There doesn't appear to be a CLI option supporting this. I'm curious -- does that seem like a reasonable feature? Thanks!For reference, it could look something like: