https://github.com/skimit/pypi-license-checker-github-action

GitHub Action that validates project's dependencies licenses, failing if it finds any dependency that uses GPL, MPL, and EPL licensing.
https://github.com/skimit/pypi-license-checker-github-action

actions github-actions

Last synced: about 2 months ago
JSON representation

GitHub Action that validates project's dependencies licenses, failing if it finds any dependency that uses GPL, MPL, and EPL licensing.

• Host: GitHub
• URL: https://github.com/skimit/pypi-license-checker-github-action
• Owner: skimit
• License: mit
• Created: 2022-01-03T19:37:33.000Z (about 3 years ago)
• Default Branch: master
• Last Pushed: 2024-09-30T12:07:07.000Z (4 months ago)
• Last Synced: 2024-10-31T10:38:41.578Z (3 months ago)
• Topics: actions, github-actions
• Language: Shell
• Homepage:
• Size: 30.3 KB
• Stars: 1
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE
  • Code of conduct: CODE_OF_CONDUCT.md
  • Codeowners: CODEOWNERS

Awesome Lists containing this project

README

        
# PyPI License Checker GitHub Action

This action validates project's dependencies licenses, failing if it finds any dependency that uses GPL, MPL, and EPL licensing.

## Example usage

```yaml

name: 'Validate Project Dependencies Licenses'

on: push

jobs:

  validate-project-dependencies:

    runs-on: ubuntu-latest

    steps:

      - name: Checkout

        uses: actions/checkout@v4

      - name: Validate Dependencies Licenses

        uses: skimit/[email protected]

        env:

          EXTRA_INDEX_URL: ${{ secrets.EXTRA_INDEX_URL }}

          EXTRA_INDEX_URL_USERNAME: ${{ secrets.EXTRA_INDEX_URL_USERNAME }}

          EXTRA_INDEX_URL_PASSWORD: ${{ secrets.EXTRA_INDEX_URL_PASSWORD }}

```

## Ignore specific dependencies

Should you with to ignore specific dependencies from having their licenses checked, all you need to do is create a new file on your repository root folder called `allowed_dependencies.txt`. Inside the file, just place the names of the dependencies you want to ignore. E.g.:

```shell

▶ cat allowed_dependencies.txt

bidict

fastapi

tqdm

```

## Motivation

[Deeper Insights](https://deeperinsights.com)™ mission is to empower people to use data more effectively and to demystify artificial intelligence. Rather than holding up the common narrative of machines replacing humans, we see how machines can help humans to have easier lives and better businesses. Creating bespoke solutions is part of our DNA. We came up with this solution to help our specialists focus on delivering the best version of their work, using automation to take care of the repetitive tasks.

## Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

## License

[MIT](https://choosealicense.com/licenses/mit/)