## license-checker
Scan Python source trees for imports, map them to installed distributions, and report each package's license in a table or JSON. Useful for CI/CD license compliance gates and quick audits.
### Features
- Detects top-level imports across a project (recursively, ignoring common build/venv folders)
- Maps modules to installed distributions and aggregates license metadata
- Outputs a readable table or machine-friendly JSON
- Exit codes suitable for CI gating
- Optional helpers for discovering `.env` files and summarizing their key/value pairs
## Installation
### From PyPI
```bash
pip install license-checker
```
Requires Python 3.8+.
## Usage
### Basic scan
```bash
license-checker --path .
```
### JSON output
```bash
license-checker --path . --format json
```
### Discover .env-like files (filenames only)
```bash
license-checker --path . --simulate-env
```
### Summarize .env key/value pairs
```bash
license-checker --path . --env-summary
```
### CLI help
```bash
license-checker --help
```
## Exit codes (for CI)
- 0: all detected licenses are allowed
- 1: at least one dependency is marked deny
- 2: at least one dependency has unknown status
License policy is heuristic: permissive/business-friendly terms like MIT, Apache-2.0, BSD-2/3, ISC, MPL-2.0, PSF, Boost, Zlib, Unlicense, and Public Domain are treated as OK. Others are marked deny for review.
## Expected output
### Table format (default)
```text
MODULE | DISTRIBUTIONS | LICENSE | STATUS
----------+---------------+-----------------------------------------+-------
requests | requests | Apache Software License | ok
numpy | numpy | BSD License | ok
pkgutil | - | <stdlib or local> | ok
somepkg | somepkg | Proprietary License | deny
```
### JSON format
```json
[
{
"module": "requests",
"distributions": ["requests"],
"license": "Apache Software License",
"status": "ok"
},
{
"module": "somepkg",
"distributions": ["somepkg"],
"license": "Proprietary License",
"status": "deny"
}
]
```
## Programmatic use (optional)
```python
from license_checker.scanner import find_imports_in_tree
from license_checker.license_meta import build_license_report, print_report
modules = find_imports_in_tree(".")
report = build_license_report(modules)
print_report(report, fmt="table") # or fmt="json"
```
## License
MIT
Raw data
{
"_id": null,
"home_page": null,
"name": "license-checker",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": null,
"keywords": "license, compliance, imports, security, supply-chain",
"author": "Student",
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/3c/fb/91c243bfc778e819929ce7555e34d7364d3a2d0ad5a5311ba86bf7b32686/license_checker-0.1.3.tar.gz",
"platform": null,
"description": "## license-checker\n\nScan Python source trees for imports, map them to installed distributions, and report each package's license in a table or JSON. Useful for CI/CD license compliance gates and quick audits.\n\n### Features\n- Detects top-level imports across a project (recursively, ignoring common build/venv folders)\n- Maps modules to installed distributions and aggregates license metadata\n- Outputs a readable table or machine-friendly JSON\n- Exit codes suitable for CI gating\n- Optional helpers for discovering `.env` files and summarizing their key/value pairs\n\n## Installation\n\n### From PyPI\n```bash\npip install license-checker\n```\n\nRequires Python 3.8+.\n\n## Usage\n\n### Basic scan\n```bash\nlicense-checker --path .\n```\n\n### JSON output\n```bash\nlicense-checker --path . --format json\n```\n\n### Discover .env-like files (filenames only)\n```bash\nlicense-checker --path . --simulate-env\n```\n\n### Summarize .env key/value pairs\n```bash\nlicense-checker --path . --env-summary\n```\n\n### CLI help\n```bash\nlicense-checker --help\n```\n\n## Exit codes (for CI)\n- 0: all detected licenses are allowed\n- 1: at least one dependency is marked deny\n- 2: at least one dependency has unknown status\n\nLicense policy is heuristic: permissive/business-friendly terms like MIT, Apache-2.0, BSD-2/3, ISC, MPL-2.0, PSF, Boost, Zlib, Unlicense, and Public Domain are treated as OK. Others are marked deny for review.\n\n## Expected output\n\n### Table format (default)\n```text\nMODULE | DISTRIBUTIONS | LICENSE | STATUS\n----------+---------------+-----------------------------------------+-------\nrequests | requests | Apache Software License | ok\nnumpy | numpy | BSD License | ok\npkgutil | - | <stdlib or local> | ok\nsomepkg | somepkg | Proprietary License | deny\n```\n\n### JSON format\n```json\n[\n {\n \"module\": \"requests\",\n \"distributions\": [\"requests\"],\n \"license\": \"Apache Software License\",\n \"status\": \"ok\"\n },\n {\n \"module\": \"somepkg\",\n \"distributions\": [\"somepkg\"],\n \"license\": \"Proprietary License\",\n \"status\": \"deny\"\n }\n]\n```\n\n## Programmatic use (optional)\n```python\nfrom license_checker.scanner import find_imports_in_tree\nfrom license_checker.license_meta import build_license_report, print_report\n\nmodules = find_imports_in_tree(\".\")\nreport = build_license_report(modules)\nprint_report(report, fmt=\"table\") # or fmt=\"json\"\n```\n\n## License\nMIT\n",
"bugtrack_url": null,
"license": null,
"summary": "Scan Python sources for imports and check distribution licenses.",
"version": "0.1.3",
"project_urls": {
"Homepage": "https://example.com/import-license-checker"
},
"split_keywords": [
"license",
" compliance",
" imports",
" security",
" supply-chain"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "aeaac19203062807ece59a54178ae4d40b238254b72dbe042181bc25002744c1",
"md5": "c5a782a2f31cfd3e6404f425bc0ce041",
"sha256": "93b86cc388893c4204b01efb92d14a218c980337f570aa4e2c37383233568f95"
},
"downloads": -1,
"filename": "license_checker-0.1.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "c5a782a2f31cfd3e6404f425bc0ce041",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 7473,
"upload_time": "2025-08-29T14:40:21",
"upload_time_iso_8601": "2025-08-29T14:40:21.372840Z",
"url": "https://files.pythonhosted.org/packages/ae/aa/c19203062807ece59a54178ae4d40b238254b72dbe042181bc25002744c1/license_checker-0.1.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "3cfb91c243bfc778e819929ce7555e34d7364d3a2d0ad5a5311ba86bf7b32686",
"md5": "30f6644e6ee4c612029b5d7473683454",
"sha256": "5104c172545674b54ddf36b6ddc5440b2d75b7e276929d41f4ccfab20de2fe54"
},
"downloads": -1,
"filename": "license_checker-0.1.3.tar.gz",
"has_sig": false,
"md5_digest": "30f6644e6ee4c612029b5d7473683454",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 6275,
"upload_time": "2025-08-29T14:40:22",
"upload_time_iso_8601": "2025-08-29T14:40:22.474435Z",
"url": "https://files.pythonhosted.org/packages/3c/fb/91c243bfc778e819929ce7555e34d7364d3a2d0ad5a5311ba86bf7b32686/license_checker-0.1.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-08-29 14:40:22",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "license-checker"
}
JSON