{"id":15937475,"url":"https://github.com/andersy005/gh-action-py-liccheck","last_synced_at":"2025-07-19T02:03:06.162Z","repository":{"id":37936084,"uuid":"338728717","full_name":"andersy005/gh-action-py-liccheck","owner":"andersy005","description":"A GitHub Action to check license of Python packages and their dependencies.","archived":false,"fork":false,"pushed_at":"2025-07-01T12:31:55.000Z","size":2517,"stargazers_count":3,"open_issues_count":1,"forks_count":6,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-07-05T03:01:44.938Z","etag":null,"topics":["hacktoberfest"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/andersy005.png","metadata":{"files":{"readme":"README.md","changelog":"changelog.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-02-14T04:29:20.000Z","updated_at":"2025-03-13T12:32:36.000Z","dependencies_parsed_at":"2024-01-10T07:26:27.279Z","dependency_job_id":"5a588872-9df2-49b1-b781-451e42bca7c6","html_url":"https://github.com/andersy005/gh-action-py-liccheck","commit_stats":{"total_commits":364,"total_committers":7,"mean_commits":52.0,"dds":0.2554945054945055,"last_synced_commit":"2c508c0be4f48bbaf1db2bbc77ba44b831f61226"},"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/andersy005/gh-action-py-liccheck","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andersy005%2Fgh-action-py-liccheck","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andersy005%2Fgh-action-py-liccheck/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andersy005%2Fgh-action-py-liccheck/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andersy005%2Fgh-action-py-liccheck/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/andersy005","download_url":"https://codeload.github.com/andersy005/gh-action-py-liccheck/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/andersy005%2Fgh-action-py-liccheck/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265871981,"owners_count":23842112,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest"],"created_at":"2024-10-07T05:03:10.024Z","updated_at":"2025-07-19T02:03:06.138Z","avatar_url":"https://github.com/andersy005.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![pre-commit.ci status](https://results.pre-commit.ci/badge/github/andersy005/gh-action-py-liccheck/main.svg)](https://results.pre-commit.ci/latest/github/andersy005/gh-action-py-liccheck/main)\n\n# `andersy005/gh-action-py-liccheck`\n\n- [`andersy005/gh-action-py-liccheck`](#andersy005gh-action-py-liccheck)\n  - [Usage](#usage)\n    - [Basic](#basic)\n    - [With custom locations for strategy and requirements files](#with-custom-locations-for-strategy-and-requirements-files)\n  - [GitHub action outcomes](#github-action-outcomes)\n  - [Arguments](#arguments)\n  - [How `liccheck` works](#how-liccheck-works)\n  - [Example strategy files](#example-strategy-files)\n  - [Contributing](#contributing)\n  - [License](#license)\n\nThis GitHub action checks license of Python packages and their dependencies via the [liccheck](https://github.com/dhatim/python-license-check) package.\n\n## Usage\n\nTo integrate this action with your action pipelines, add the following step to your workflow file (e.g. `.github/workflows/ci.yml`).\n\n### Basic\n\nThe basic usage uses the default values defined in table below. Therefore, as a user you don't have to specify any argument:\n\n```yaml\n- name: License Checker\n  uses: andersy005/gh-action-py-liccheck@main\n```\n\n### With custom locations for strategy and requirements files\n\n```yaml\n- name: License Checker\n  uses: andersy005/gh-action-py-liccheck@main\n  with:\n    strategy-ini-file: ./my-strategy.ini\n    level: standard\n    requirements-txt-file: ./my-requirements.txt\n    no-deps: true\n    liccheck-version: 0.6.4\n```\n\n## GitHub action outcomes\n\nOnce this action finishes running, it reports the status of compliance of packages. Depending on your settings (strategy, level, etc), you should see something of this sort in your workflow's logs:\n\n\u003cdetails\u003e\n\u003csummary\u003eOutcome 1 - Success\u003c/summary\u003e\n\n\u003cimg src=\"images/success.png\"\u003e\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eOutcome 2 - Failure\u003c/summary\u003e\n\n\u003cimg src=\"images/failure.png\"\u003e\n\n\u003c/details\u003e\n\n## Arguments\n\nThis action currently supports four inputs from the user: `strategy-ini-file`, `level`, `requirements-txt-file`, and `no-deps`.\n\nThese inputs, along with their descriptions and usage contexts, are listed in the table below:\n\n|          Input          |                                                                                                  Description                                                                                                   |  Usage   |      Default       |\n| :---------------------: | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------: | :------: | :----------------: |\n|   `strategy-ini-file`   |                                                  Path to a strategy ini file or a pyproject.toml file to use. See [examples](#example-strategy-files) below.                                                   | Optional |  `pyproject.toml`  |\n| `requirements-txt-file` |                                                                                    Path to a requirements.txt file to use.                                                                                     | Optional | `requirements.txt` |\n|        `no-deps`        |                                                                                     Whether **not** to check dependencies.                                                                                     | Optional |      `false`       |\n|         `level`         | Level for testing compliance of packages, where: `standard` - At least one authorized license (default); `cautious` - Per standard but no unauthorized licenses; `paranoid` - All licenses must be authorized. | Optional |     `standard`     |\n|   `liccheck-version`    |                                                                                       Set the liccheck package version.                                                                                        | Optional |      `0.6.4`       |\n\n## How `liccheck` works\n\n`liccheck` verifies compliance of packages defined in a `requirements.txt` file against a strategy defined in either a `pyproject.toml` or `.ini` file. To use this GitHub action, you have to define the following three items in your strategy file:\n\n- authorized license list\n- unauthorized license list\n- authorized package list (optional)\n\n**NOTE:** The packages from your `requirements.txt` need to all be installed in a Python environment prior to using this GitHub action.\n\n## Example strategy files\n\nHere are some examples showcasing how to define a strategy in both `pyproject.toml` and `.ini` files:\n\n\u003cdetails\u003e\n\u003csummary\u003eExample pyproject.toml\u003c/summary\u003e\n\n```toml\n[tool.liccheck]\n# Authorized and unauthorized licenses in LOWER CASE\nauthorized_licenses = [\n        \"bsd\",\n        \"new bsd\",\n        \"bsd license\",\n        \"new bsd license\",\n        \"simplified bsd\",\n        \"apache\",\n        \"apache 2.0\",\n        \"apache software license\",\n        \"apache software\",\n        \"gnu lgpl\",\n        \"lgpl with exceptions or zpl\",\n        \"isc license\",\n        \"isc license (iscl)\",\n        \"mit\",\n        \"mit license\",\n        \"python software foundation license\",\n        \"zpl 2.1\"\n]\n\nunauthorized_licenses = [\n        \"gpl v3\"\n]\n\n[tool.liccheck.authorized_packages]\nuuid = \"\u003c=1.30\"\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eExample strategy.ini\u003c/summary\u003e\n\n```ini\n# Authorized and unauthorized licenses in LOWER CASE\n[Licenses]\nauthorized_licenses:\n        bsd\n        new bsd\n        bsd license\n        new bsd license\n        simplified bsd\n        apache\n        apache 2.0\n        apache software license\n        apache software\n        gnu lgpl\n        lgpl with exceptions or zpl\n        isc license\n        isc license (iscl)\n        mit\n        mit license\n        python software foundation license\n        zpl 2.1\n\nunauthorized_licenses:\n        gpl v3\n\n[Authorized Packages]\nuuid: 1.30\n\n```\n\n\u003c/details\u003e\n\n## Contributing\n\nContributions are welcome!\n\n## License\n\nThe code and documentation in this project are released under the\n[MIT License](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fandersy005%2Fgh-action-py-liccheck","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fandersy005%2Fgh-action-py-liccheck","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fandersy005%2Fgh-action-py-liccheck/lists"}