At times, we need to give the management team a list of the libraries used in a project, along with their license details.
I found pip-licenses very handy to generate easy-to-read license details for all the dependencies that we have in pip.

```
pip-licenses --from-classifier --with-urls --with-system --format=markdown
```

This generates a Markdown table, for example:

| Name | Version | License |
|------|---------|---------|
| Django | 2.0.2 | BSD |
| pytz | 2017.3 | MIT |
Different options available and their usage details are described here
There is a huge list of tools to accomplish our needs, with different output styles, settings, configurations, etc.

Tools that I found useful:
- The output format is very simple. Sometimes we may need a rich format.
- Not a lot of detailed fields. Very minimalistic.
- Output format looks very neat.
- Easy for management users to review.
- More detailed fields are available.
- Slowly getting good community attention. At the time of writing, 245 GitHub stars.
- Not able to filter only prod dependencies.
- More detailed fields are available.
- Output format looks neat.
- Compared to legally, community attention is less as of now.
- Ability to filter prod.

To generate dependency license details using legally:

```
npx legally --show licenses
```

This generates high-level license details for the whole project, something like:
To generate dependency module specific license details:

```
npx legally --show packages
```

This will generate something like this:
Generate using ‘license-report’
I like the ability to show only licenses for production dependencies. Command to generate production dependencies and licenses:

```
license-report --output=csv --only=prod --csvHeaders
```

license-report provides other output formats (table, JSON, etc.) and the capability to view licenses of dev dependencies as well. Please visit the links below for detailed configuration tips.

Drawback: As of now, I am unable to see a way to configure the required fields. So I need to generate the CSV and open it in Excel or an equivalent to remove the unwanted fields.
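
The spreadsheet step described above can be scripted. The following is an added example, not part of the original post or of license-report itself: it reduces a CSV report with a header row (as produced with `--csvHeaders`) to a chosen set of columns. The column names in the sample are assumptions, and the sample rows are constructed; check them against the header row of your own report.

```python
import csv
import io
import sys

# Constructed sample report. The header names are assumed for illustration;
# replace WANTED with names taken from your own report's header row.
SAMPLE_CSV = (
    "name,installedVersion,licenseType,link,author,department\n"
    'express,4.18.2,MIT,https://example.invalid/express,"Doe, Jane",constructed\n'
    "lodash,4.17.21,MIT,https://example.invalid/lodash,John Roe,constructed\n"
)
WANTED = ["name", "installedVersion", "licenseType"]


def keep_columns(csv_text, wanted):
    """Return csv_text reduced to the `wanted` columns, in that order."""
    reader = csv.DictReader(io.StringIO(csv_text))
    header = reader.fieldnames or []
    # Fail loudly on a misspelled or absent column instead of silently
    # emitting an empty field in a report that management will rely on.
    missing = [col for col in wanted if col not in header]
    if missing:
        raise KeyError(f"columns not in report: {missing}; found: {header}")
    out = io.StringIO()
    writer = csv.DictWriter(
        out, fieldnames=wanted, extrasaction="ignore", lineterminator="\n"
    )
    writer.writeheader()
    for row in reader:
        # The csv module re-quotes values that contain commas or quotes.
        writer.writerow(row)
    return out.getvalue()


if __name__ == "__main__":
    # Usage: python trim_report.py report.csv > trimmed.csv
    # With no argument, the constructed sample is used.
    if len(sys.argv) > 1:
        with open(sys.argv[1], newline="") as fh:
            text = fh.read()
    else:
        text = SAMPLE_CSV
    print(keep_columns(text, WANTED), end="")
```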