{"id":4081,"library":"liccheck","title":"liccheck: Python License Checker","description":"liccheck is a Python library and command-line tool that checks package licenses listed in a requirements.txt file or pyproject.toml and their dependencies against a user-defined strategy. This strategy includes lists of authorized and unauthorized licenses, as well as explicitly authorized packages. The current version is 0.9.2, with a fairly active release cadence addressing features like Poetry support and improved license parsing.","status":"active","version":"0.9.2","language":"en","source_language":"en","source_url":"https://github.com/dhatim/python-license-check","tags":["license","compliance","security","cli","dependencies"],"install":[{"cmd":"pip install liccheck","lang":"bash","label":"Install latest version"}],"dependencies":[{"reason":"Requires Python 3.5 or newer.","package":"python","optional":false}],"imports":[],"quickstart":{"code":"import os\n\n# Create dummy requirements.txt\nwith open('requirements.txt', 'w') as f:\n    f.write('Flask\\nrequests==2.31.0\\n')\n\n# Create dummy liccheck.ini for configuration\n# Authorized and unauthorized licenses in LOWER CASE\nwith open('liccheck.ini', 'w') as f:\n    f.write(''[Licenses]\\n'')\n    f.write(''authorized_licenses: mit, bsd new, apache 2.0, python software foundation license, isc license (iscl)\\n'')\n    f.write(''unauthorized_licenses: gpl v3, agpl\\n\\n'')\n    f.write(''[Authorized Packages]\\n'')\n    f.write(''; Example: Specify exact version or range using PEP-0440\\n'')\n    f.write(''requests: >=2.31.0,<3.0.0\\n'')\n\nprint(\"Running liccheck. This assumes 'Flask' and 'requests' are installed in the current environment.\")\nprint(\"To run this properly, ensure `pip install Flask requests liccheck` is executed first.\")\nprint(\"--- Output from liccheck ---\")\n# Use os.system for demonstration as it's primarily a CLI tool\nos.system('liccheck --strategy-ini-file liccheck.ini --requirement-txt-file requirements.txt')\nprint(\"---------------------------\")\n\n# Clean up dummy files\nos.remove('requirements.txt')\nos.remove('liccheck.ini')","lang":"python","description":"This quickstart demonstrates how to use `liccheck` as a command-line tool. It creates a mock `requirements.txt` and `liccheck.ini` strategy file, then executes `liccheck` to verify licenses. For a real-world scenario, ensure the packages listed in `requirements.txt` are actually installed in the same Python environment where `liccheck` is run."},"warnings":[{"fix":"Upgrade to Python 3.5+ or pin `liccheck<0.9.2` for Python 2 projects.","message":"Starting with version 0.9.2, `liccheck` officially dropped support for Python 2. Projects still using Python 2 will need to use an older version (pre-0.9.2) or migrate to Python 3.","severity":"breaking","affected_versions":"<0.9.2"},{"fix":"Install `liccheck` alongside your project's dependencies: `pip install -r requirements.txt liccheck`.","message":"`liccheck` must be installed in the *same* Python (virtual) environment as the packages it needs to check. This is because it uses `pkg_resources` to access installed package metadata and license information directly.","severity":"gotcha","affected_versions":"All"},{"fix":"Always provide a strategy file, either explicitly via `--strategy-ini-file` or by placing `liccheck.ini` or a `[tool.liccheck]` section in `pyproject.toml` in the current working directory. Refer to documentation for example configurations.","message":"A license strategy file (`liccheck.ini` or `pyproject.toml`) is mandatory for `liccheck` to operate correctly. Without it, the tool cannot determine authorized or unauthorized licenses and packages, often leading to errors or unhelpful output.","severity":"gotcha","affected_versions":"All"},{"fix":"Ensure you are using `liccheck` version 0.9.1 or newer for accurate handling of complex license expressions.","message":"Older versions of `liccheck` (prior to 0.9.1) had limitations or incorrect behavior when dealing with multiple licenses, especially those combined with SPDX `OR` operators. This was addressed in version 0.9.1.","severity":"gotcha","affected_versions":"<0.9.1"},{"fix":"For new projects or migration, consider using `pyproject.toml` for your `liccheck` configuration. For older `liccheck` versions, `.ini` files are the primary option.","message":"While `liccheck.ini` is a valid configuration file, modern Python projects increasingly prefer `pyproject.toml`. `liccheck` supports a `[tool.liccheck]` section in `pyproject.toml` since version 0.9.0.","severity":"gotcha","affected_versions":"<0.9.0"}],"env_vars":null,"last_verified":"2026-04-11T00:00:00.000Z","next_check":"2026-07-10T00:00:00.000Z"}