Open alandtse opened 4 years ago
@alandtse Hey, thanks for the great suggestions.
Support for SPDX IDs is certainly beneficial.
I don't have time to work on this suggestion right now. But it may support it in the future.
If the behavior spec is written in this issue, it will be easier to work on implementation.
Alternatively, you are welcome to provide patches.
In my opinion, this conversion should probably be implemented in a dedicated package instead of the pip-licenses
package. From my experience, there are quite some edge cases or strange license field usages, which have to be considered - let alone the list of licenses itself which just introduces overhead for everyone who does not need this feature. (Example: I regularly have a look a the license fields of about 200 PyPI packages extracted by pip-licenses
and observed quite some oddities, including links to Wikipedia etc.)
Providing a Python-based interface as requested in #81 should allow everyone to plug the desired license format conversion tooling into the tool chain (although this can already be done now when pip-licenses
is being called correctly).
Providing a Python-based interface as requested in #81 should allow everyone to plug the desired license format conversion tooling into the tool chain (although this can already be done now when
pip-licenses
is being called correctly).
I agree with you. When a user wants to achieve a slightly nifty conversion or output, it is much easier than sending a patch to pip-licenses
.
If we provide a Python code-based interface, we must work on preparing and documenting type information.
Great project! I handle open source compliance for a large multinational corporation and just found this while coding in my spare time. I'll probably start pointing my developers to this project for python license identification from their dependencies.
It'd be nice if there was an option to use SPDX-License-Identifiers for the output for licenses. This is the identifier based on this list and is intended to normalize identification of licenses.
These identifiers are actually being used in multiple projects now to identify the license (e.g., Linux kernel).
This may complicate how this tool works since it looks like you're just passing the meta data through, but I think more python projects may adopt the
SPDX-License-Identifier
format.