I'm trying to audit a Python project with a large number of dependencies and while I can manually look up each project's homepage/license terms, it seems like most OSS pac
Based on the answer provided by @garromark, tweaked for Python 3, I use this on the command line:
import copy
import csv
import io
from email.parser import HeaderParser

import pkg_resources
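def get_packages_info(packages=None):
    """Return a CSV report (name, version, license) of installed distributions.

    Args:
        packages: Mapping of distribution key to a ``pkg_resources``
            distribution-like object exposing ``get_metadata(name)``.
            Defaults to ``pkg_resources.working_set.by_key`` (every
            distribution importable in the current environment).

    Returns:
        A string: the header ``name,version,license`` followed by one
        ``"name","version","license"`` row per distribution, sorted
        case-insensitively by name, with no trailing newline.  Field
        values are CSV-escaped (an embedded ``"`` is doubled), so a
        license string containing quotes or commas can no longer break
        the row layout.

    Raises:
        OSError, KeyError: when a distribution provides neither a
            ``METADATA`` nor a ``PKG-INFO`` file (propagated from the
            second ``get_metadata`` call).

    Note:
        All three fields are self-declared by the package author in the
        package's own metadata and are not verified here; for a license
        audit treat the ``License`` field as a hint to confirm, not as
        a finding.
    """
    # Core-metadata header -> CSV column.
    key_map = {"Name": "name", "Version": "version", "License": "license"}

    if packages is None:
        packages = pkg_resources.working_set.by_key

    infos = [_read_core_metadata(pkg, key_map) for pkg in packages.values()]
    infos.sort(key=lambda item: item["name"].lower())

    # The csv module handles quoting/escaping; QUOTE_ALL keeps the
    # original "every field quoted" row format.
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerows(
        (info["name"], info["version"], info["license"]) for info in infos
    )
    return "name,version,license\n" + buf.getvalue().rstrip("\n")


def _read_core_metadata(pkg, key_map):
    """Read the wanted core-metadata headers of one distribution.

    The metadata file is parsed as RFC 822 headers (the format core
    metadata uses), so ``Name:``/``License:`` text inside the long
    description body cannot overwrite the real fields, and folded
    (continuation-line) values are joined into a single line.

    Args:
        pkg: Distribution-like object with ``get_metadata(name)``.
        key_map: Mapping of metadata header name to output column name.

    Returns:
        Dict of column name -> header value; missing headers yield ``""``.
    """
    try:
        text = pkg.get_metadata("METADATA")
    except (KeyError, OSError):
        # Older egg-info layouts ship PKG-INFO instead; a failure here
        # propagates because the distribution is then unreadable.
        text = pkg.get_metadata("PKG-INFO")

    headers = HeaderParser().parsestr(text)
    info = {}
    for header, column in key_map.items():
        value = str(headers.get(header, ""))
        # Collapse folded headers ("License: GNU\n  GPL v3") onto one line.
        info[column] = " ".join(part.strip() for part in value.splitlines())
    return info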
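if __name__ == "__main__":
    # Script entry point: emit the CSV on stdout so it can be redirected
    # into a file; importing this module no longer prints anything.
    print(get_packages_info())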