pip(或setuptools，distribute等...)能否列出每个已安装软件包使用的许可证? [英] Can pip (or setuptools, distribute etc...) list the license used by each installed package?

问题描述

我正在尝试审核具有大量依赖关系的Python项目，尽管我可以手动查找每个项目的首页/许可条款，但似乎大多数OSS软件包都应该已经在其元数据中包含了许可名称和版本.

I'm trying to audit a Python project with a large number of dependencies and while I can manually look up each project's homepage/license terms, it seems like most OSS packages should already contain the license name and version in their metadata.

不幸的是，我无法在pip或easy_install中找到任何列出软件包名称和已安装版本(通过pip冻结)的选项.

Unfortunately I can't find any options in pip or easy_install to list more than the package name and installed version (via pip freeze).

是否有人指向列出Python软件包许可证元数据的工具的指针?

Does anyone have pointers to a tool to list license metadata for Python packages?

推荐答案

您可以使用pkg_resources:

import pkg_resources

def get_pkg_license(pkgname):
    """
    Given a package reference (as from requirements.txt),
    return license listed in package metadata.
    NOTE: This function does no error checking and is for
    demonstration purposes only.
    """
    pkgs = pkg_resources.require(pkgname)
    pkg = pkgs[0]
    for line in pkg.get_metadata_lines('PKG-INFO'):
        (k, v) = line.split(': ', 1)
        if k == "License":
            return v
    return None

示例用法:

>>> get_pkg_license('mercurial')
'GNU GPLv2+'
>>> get_pkg_license('pytz')
'MIT'
>>> get_pkg_license('django')
'UNKNOWN'

这篇关于pip(或setuptools，distribute等...)能否列出每个已安装软件包使用的许可证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！