diff options
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | python-pylic.spec | 473 | ||||
| -rw-r--r-- | sources | 1 |
3 files changed, 475 insertions, 0 deletions
@@ -0,0 +1 @@ +/pylic-3.5.0.tar.gz diff --git a/python-pylic.spec b/python-pylic.spec new file mode 100644 index 0000000..f79e232 --- /dev/null +++ b/python-pylic.spec @@ -0,0 +1,473 @@ +%global _empty_manifest_terminate_build 0 +Name: python-pylic +Version: 3.5.0 +Release: 1 +Summary: A Python license checker +License: MIT +URL: https://github.com/ubersan/pylic +Source0: https://mirrors.nju.edu.cn/pypi/web/packages/b4/9d/268a2a4e206ba6950052e98655fe393e8e05f8ec545c63bec37c0eae6f34/pylic-3.5.0.tar.gz +BuildArch: noarch + +Requires: python3-importlib-metadata +Requires: python3-toml + +%description +# pylic - Python license checker [](https://github.com/sandrochuber/pylic/blob/main/LICENSE) [](https://badge.fury.io/py/pylic/) [](https://codecov.io/gh/ubersan/pylic/) + +Reads pylic configuration in `pyproject.toml` and checks licenses of installed packages recursively. + +Principles: +- Every license has to be allowed explicitly (case-insensitive comparison). +- All installed packages without a license are considered unsafe and have to be listed as such. + +> Only installed packages are checked for licenses. Packages/dependencies listed in `pyproject.toml` are ignored. + +## Installation + +```sh +pip install pylic +``` + +## Configuration + +`pylic` needs be run in the directory where your `pyproject.toml` file is located. You can configure +- `safe_licenses`: All licenses you consider safe for usage. The string comparison is case-insensitive. +- `unsafe_packages`: If you rely on a package that does not come with a license you have to explicitly list it as such. +- `ignore_packages`: Packages that will not be reported as unsafe even if they use a license not listed as safe. This is useful in case an existing projects want to start integrating `pylic`, but are still using unsafe licenses. This enables first to ignore these packages temporarely, while they're being replaced, second to already validate newly added or updated packages against the safe license set and third to integrate `pylic` frictionless into CI/CD from the get go. + +```toml +[tool.pylic] +safe_licenses = [ + "Apache Software License", + "Apache License 2.0", + "MIT License", + "Python Software Foundation License", + "Mozilla Public License 2.0 (MPL 2.0)", +] +unsafe_packages = [ + "unlicensedPackage", +] +ignore_packages = [ + "ignoredPackage", +] +``` + +## Commands + +`pylic` provides the following commands (also see `pylic help`): +- `check`: Checks all installed licenses. +- `list`: Lists all installed packages and their corresponding license. + +## Usage Example + +Create a venv to start with a clean ground and activate it + +```sh +python -m venv .venv +source .venv/bin/activate +``` + +Install `pylic` and create an empty `pyproject.toml` + +```sh +pip install pylic +touch pyproject.toml +``` + +Install all your dependencies + +```sh +pip install <packageA> <packageB> +``` + +Run pylic + +```sh +pylic check +``` + +The output will be similar to + +```sh +Found unsafe packages: + pkg_resources (0.0.0) +Found unsafe licenses: + pip (18.1): MIT License + zipp (3.4.1): MIT License + toml (0.10.2): MIT License + pylic (1.2.0): MIT License + setuptools (40.8.0): MIT License + typing-extensions (3.7.4.3): Python Software Foundation License + importlib-metadata (3.9.0): Apache Software License +``` + +The return code of `pylic` is in this case non-zero due to unsafe licenses. This allows usage of pylic in CI. + +```sh +echo $? # prints 1 +``` + +As these licenses and packages are all ok we can configure `pylic` accordingly + +```sh +cat <<EOT >> pyproject.toml +[tool.pylic] +safe_licenses = ["Apache Software License", "MIT License", "Python Software Foundation License"] +unsafe_packages = ["pkg_resources"] +EOT +``` + +After rerunning `pylic check` the output now reveals a successful validation + +```sh +✨ All licenses ok ✨ +``` + +Also the return code now signals that all is good + +```sh +echo $? # prints 0 +``` + +Use `pylic list` to list all installed packages and their corresponding licenses. + +## Advanced Usage + +In cases where the safe licenses or unsafe packages are centrally managed keeping the configuration in perfect sync to the installed packages might be too cumbersome or even impossible. To support these use cases the `check` command provides the two options (see also `check --help`) `--allow-extra-safe-licenses` and `--allow-extra-unused-packages`. These options only affect the returned status code and will keep all corresponding printed warnings unchanged. + +## Development + +Required tools: +- Poetry (https://python-poetry.org/) + +Run `poetry install` to install all necessary dependencies. Checkout the `[tool.taskipy.tasks]` (see [taskipy](https://github.com/illBeRoy/taskipy)) section in the `pyproject.toml` file for utility tasks. You can run these with `poetry run task <task>`. + +Creating a new release is as simple as: +- Update `version` in the pyproject.toml and the `__version__.py` file. +- `poetry run task release`. + + +%package -n python3-pylic +Summary: A Python license checker +Provides: python-pylic +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: python3-pip +%description -n python3-pylic +# pylic - Python license checker [](https://github.com/sandrochuber/pylic/blob/main/LICENSE) [](https://badge.fury.io/py/pylic/) [](https://codecov.io/gh/ubersan/pylic/) + +Reads pylic configuration in `pyproject.toml` and checks licenses of installed packages recursively. + +Principles: +- Every license has to be allowed explicitly (case-insensitive comparison). +- All installed packages without a license are considered unsafe and have to be listed as such. + +> Only installed packages are checked for licenses. Packages/dependencies listed in `pyproject.toml` are ignored. + +## Installation + +```sh +pip install pylic +``` + +## Configuration + +`pylic` needs be run in the directory where your `pyproject.toml` file is located. You can configure +- `safe_licenses`: All licenses you consider safe for usage. The string comparison is case-insensitive. +- `unsafe_packages`: If you rely on a package that does not come with a license you have to explicitly list it as such. +- `ignore_packages`: Packages that will not be reported as unsafe even if they use a license not listed as safe. This is useful in case an existing projects want to start integrating `pylic`, but are still using unsafe licenses. This enables first to ignore these packages temporarely, while they're being replaced, second to already validate newly added or updated packages against the safe license set and third to integrate `pylic` frictionless into CI/CD from the get go. + +```toml +[tool.pylic] +safe_licenses = [ + "Apache Software License", + "Apache License 2.0", + "MIT License", + "Python Software Foundation License", + "Mozilla Public License 2.0 (MPL 2.0)", +] +unsafe_packages = [ + "unlicensedPackage", +] +ignore_packages = [ + "ignoredPackage", +] +``` + +## Commands + +`pylic` provides the following commands (also see `pylic help`): +- `check`: Checks all installed licenses. +- `list`: Lists all installed packages and their corresponding license. + +## Usage Example + +Create a venv to start with a clean ground and activate it + +```sh +python -m venv .venv +source .venv/bin/activate +``` + +Install `pylic` and create an empty `pyproject.toml` + +```sh +pip install pylic +touch pyproject.toml +``` + +Install all your dependencies + +```sh +pip install <packageA> <packageB> +``` + +Run pylic + +```sh +pylic check +``` + +The output will be similar to + +```sh +Found unsafe packages: + pkg_resources (0.0.0) +Found unsafe licenses: + pip (18.1): MIT License + zipp (3.4.1): MIT License + toml (0.10.2): MIT License + pylic (1.2.0): MIT License + setuptools (40.8.0): MIT License + typing-extensions (3.7.4.3): Python Software Foundation License + importlib-metadata (3.9.0): Apache Software License +``` + +The return code of `pylic` is in this case non-zero due to unsafe licenses. This allows usage of pylic in CI. + +```sh +echo $? # prints 1 +``` + +As these licenses and packages are all ok we can configure `pylic` accordingly + +```sh +cat <<EOT >> pyproject.toml +[tool.pylic] +safe_licenses = ["Apache Software License", "MIT License", "Python Software Foundation License"] +unsafe_packages = ["pkg_resources"] +EOT +``` + +After rerunning `pylic check` the output now reveals a successful validation + +```sh +✨ All licenses ok ✨ +``` + +Also the return code now signals that all is good + +```sh +echo $? # prints 0 +``` + +Use `pylic list` to list all installed packages and their corresponding licenses. + +## Advanced Usage + +In cases where the safe licenses or unsafe packages are centrally managed keeping the configuration in perfect sync to the installed packages might be too cumbersome or even impossible. To support these use cases the `check` command provides the two options (see also `check --help`) `--allow-extra-safe-licenses` and `--allow-extra-unused-packages`. These options only affect the returned status code and will keep all corresponding printed warnings unchanged. + +## Development + +Required tools: +- Poetry (https://python-poetry.org/) + +Run `poetry install` to install all necessary dependencies. Checkout the `[tool.taskipy.tasks]` (see [taskipy](https://github.com/illBeRoy/taskipy)) section in the `pyproject.toml` file for utility tasks. You can run these with `poetry run task <task>`. + +Creating a new release is as simple as: +- Update `version` in the pyproject.toml and the `__version__.py` file. +- `poetry run task release`. + + +%package help +Summary: Development documents and examples for pylic +Provides: python3-pylic-doc +%description help +# pylic - Python license checker [](https://github.com/sandrochuber/pylic/blob/main/LICENSE) [](https://badge.fury.io/py/pylic/) [](https://codecov.io/gh/ubersan/pylic/) + +Reads pylic configuration in `pyproject.toml` and checks licenses of installed packages recursively. + +Principles: +- Every license has to be allowed explicitly (case-insensitive comparison). +- All installed packages without a license are considered unsafe and have to be listed as such. + +> Only installed packages are checked for licenses. Packages/dependencies listed in `pyproject.toml` are ignored. + +## Installation + +```sh +pip install pylic +``` + +## Configuration + +`pylic` needs be run in the directory where your `pyproject.toml` file is located. You can configure +- `safe_licenses`: All licenses you consider safe for usage. The string comparison is case-insensitive. +- `unsafe_packages`: If you rely on a package that does not come with a license you have to explicitly list it as such. +- `ignore_packages`: Packages that will not be reported as unsafe even if they use a license not listed as safe. This is useful in case an existing projects want to start integrating `pylic`, but are still using unsafe licenses. This enables first to ignore these packages temporarely, while they're being replaced, second to already validate newly added or updated packages against the safe license set and third to integrate `pylic` frictionless into CI/CD from the get go. + +```toml +[tool.pylic] +safe_licenses = [ + "Apache Software License", + "Apache License 2.0", + "MIT License", + "Python Software Foundation License", + "Mozilla Public License 2.0 (MPL 2.0)", +] +unsafe_packages = [ + "unlicensedPackage", +] +ignore_packages = [ + "ignoredPackage", +] +``` + +## Commands + +`pylic` provides the following commands (also see `pylic help`): +- `check`: Checks all installed licenses. +- `list`: Lists all installed packages and their corresponding license. + +## Usage Example + +Create a venv to start with a clean ground and activate it + +```sh +python -m venv .venv +source .venv/bin/activate +``` + +Install `pylic` and create an empty `pyproject.toml` + +```sh +pip install pylic +touch pyproject.toml +``` + +Install all your dependencies + +```sh +pip install <packageA> <packageB> +``` + +Run pylic + +```sh +pylic check +``` + +The output will be similar to + +```sh +Found unsafe packages: + pkg_resources (0.0.0) +Found unsafe licenses: + pip (18.1): MIT License + zipp (3.4.1): MIT License + toml (0.10.2): MIT License + pylic (1.2.0): MIT License + setuptools (40.8.0): MIT License + typing-extensions (3.7.4.3): Python Software Foundation License + importlib-metadata (3.9.0): Apache Software License +``` + +The return code of `pylic` is in this case non-zero due to unsafe licenses. This allows usage of pylic in CI. + +```sh +echo $? # prints 1 +``` + +As these licenses and packages are all ok we can configure `pylic` accordingly + +```sh +cat <<EOT >> pyproject.toml +[tool.pylic] +safe_licenses = ["Apache Software License", "MIT License", "Python Software Foundation License"] +unsafe_packages = ["pkg_resources"] +EOT +``` + +After rerunning `pylic check` the output now reveals a successful validation + +```sh +✨ All licenses ok ✨ +``` + +Also the return code now signals that all is good + +```sh +echo $? # prints 0 +``` + +Use `pylic list` to list all installed packages and their corresponding licenses. + +## Advanced Usage + +In cases where the safe licenses or unsafe packages are centrally managed keeping the configuration in perfect sync to the installed packages might be too cumbersome or even impossible. To support these use cases the `check` command provides the two options (see also `check --help`) `--allow-extra-safe-licenses` and `--allow-extra-unused-packages`. These options only affect the returned status code and will keep all corresponding printed warnings unchanged. + +## Development + +Required tools: +- Poetry (https://python-poetry.org/) + +Run `poetry install` to install all necessary dependencies. Checkout the `[tool.taskipy.tasks]` (see [taskipy](https://github.com/illBeRoy/taskipy)) section in the `pyproject.toml` file for utility tasks. You can run these with `poetry run task <task>`. + +Creating a new release is as simple as: +- Update `version` in the pyproject.toml and the `__version__.py` file. +- `poetry run task release`. + + +%prep +%autosetup -n pylic-3.5.0 + +%build +%py3_build + +%install +%py3_install +install -d -m755 %{buildroot}/%{_pkgdocdir} +if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi +if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi +if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi +if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi +pushd %{buildroot} +if [ -d usr/lib ]; then + find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/lib64 ]; then + find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/bin ]; then + find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/sbin ]; then + find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst +fi +touch doclist.lst +if [ -d usr/share/man ]; then + find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst +fi +popd +mv %{buildroot}/filelist.lst . +mv %{buildroot}/doclist.lst . + +%files -n python3-pylic -f filelist.lst +%dir %{python3_sitelib}/* + +%files help -f doclist.lst +%{_docdir}/* + +%changelog +* Fri May 05 2023 Python_Bot <Python_Bot@openeuler.org> - 3.5.0-1 +- Package Spec generated @@ -0,0 +1 @@ +44bd3d881b20f256bf9c3943e233f65b pylic-3.5.0.tar.gz |