
Commit bb43905

chore: add a refresh notice utility script and update the NOTICE file (#687)
With this utility you can refresh the NOTICE.md for all the dependencies required by Safety
1 parent 667f712 commit bb43905


2 files changed

+113
-72
lines changed


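--- a/LICENSES/NOTICE.md
+++ b/LICENSES/NOTICE.md
@@ -1,72 +1,40 @@
-| Name | Version | License |
-|--------------------|-----------------|--------------------------------------------------------------------------------------------------|
-| Authlib | 1.3.1 | BSD License |
-| Jinja2 | 3.1.4 | BSD License |
-| MarkupSafe | 2.1.5 | BSD License |
-| Pygments | 2.18.0 | BSD License |
-| annotated-types | 0.7.0 | MIT License |
-| backports.tarfile | 1.2.0 | MIT License |
-| build | 1.2.1 | MIT License |
-| cachetools | 5.3.3 | MIT License |
-| certifi | 2024.7.4 | Mozilla Public License 2.0 (MPL 2.0) |
-| cffi | 1.17.0 | MIT License |
-| chardet | 5.2.0 | GNU Lesser General Public License v2 or later (LGPLv2+) |
-| charset-normalizer | 3.3.2 | MIT License |
-| click | 8.1.7 | BSD License |
-| colorama | 0.4.6 | BSD License |
-| coverage | 7.5.4 | Apache Software License |
-| cryptography | 43.0.0 | Apache Software License; BSD License |
-| distlib | 0.3.8 | Python Software Foundation License |
-| docutils | 0.21.2 | BSD License; GNU General Public License (GPL); Public Domain; Python Software Foundation License |
-| dparse | 0.6.4 | MIT License |
-| filelock | 3.12.4 | The Unlicense (Unlicense) |
-| idna | 3.7 | BSD License |
-| importlib_metadata | 8.4.0 | Apache Software License |
-| iniconfig | 2.0.0 | MIT License |
-| install | 1.3.5 | MIT License |
-| jaraco.classes | 3.4.0 | MIT License |
-| jaraco.context | 6.0.1 | MIT License |
-| jaraco.functools | 4.0.2 | MIT License |
-| keyring | 25.3.0 | MIT License |
-| markdown-it-py | 3.0.0 | MIT License |
-| marshmallow | 3.21.3 | MIT License |
-| mdurl | 0.1.2 | MIT License |
-| more-itertools | 10.4.0 | MIT License |
-| mypy | 1.10.1 | MIT License |
-| mypy-extensions | 1.0.0 | MIT License |
-| nh3 | 0.2.18 | MIT |
-| packaging | 24.1 | Apache Software License; BSD License |
-| pkginfo | 1.10.0 | MIT License |
-| platformdirs | 4.2.2 | MIT License |
-| pluggy | 1.5.0 | MIT License |
-| psutil | 6.0.0 | BSD License |
-| pycparser | 2.22 | BSD License |
-| pydantic | 2.8.2 | MIT License |
-| pydantic_core | 2.20.1 | MIT License |
-| pyproject-api | 1.7.1 | MIT License |
-| pyproject_hooks | 1.1.0 | MIT License |
-| pytest | 7.4.4 | MIT License |
-| pytest-cov | 4.1.0 | MIT License |
-| readme_renderer | 44.0 | Apache Software License |
-| requests | 2.32.3 | Apache Software License |
-| requests-toolbelt | 1.0.0 | Apache Software License |
-| rfc3986 | 2.0.0 | Apache Software License |
-| rich | 13.7.1 | MIT License |
-| ruamel.yaml | 0.18.6 | MIT License |
-| ruamel.yaml.clib | 0.2.8 | MIT License |
-| safety | 3.2.5 | MIT License |
-| safety-schemas | 0.0.3 | MIT License |
-| shellingham | 1.5.4 | ISC License (ISCL) |
-| toml | 0.10.2 | MIT License |
-| tox | 4.15.1 | MIT License |
-| twine | 5.1.1 | Apache Software License |
-| typer | 0.12.3 | MIT License |
-| types-Pygments | 2.18.0.20240506 | Apache Software License |
-| types-colorama | 0.4.15.20240311 | Apache Software License |
-| types-docutils | 0.21.0.20240708 | Apache Software License |
-| types-requests | 2.32.0.20240622 | Apache Software License |
-| types-setuptools | 70.2.0.20240704 | Apache Software License |
-| typing_extensions | 4.12.2 | Python Software Foundation License |
-| urllib3 | 2.2.2 | MIT License |
-| virtualenv | 20.26.3 | MIT License |
-| zipp | 3.20.0 | MIT License |
+# Package Licenses
+
+| Name | Version | License |
+|------|---------|----------|
+| annotated-types | 0.7.0 | MIT License |
+| authlib | 1.4.0 | BSD-3-Clause |
+| certifi | 2024.12.14 | MPL-2.0 |
+| cffi | 1.17.1 | MIT |
+| charset-normalizer | 3.4.1 | MIT |
+| click | 8.1.8 | BSD License |
+| cryptography | 44.0.0 | Apache-2.0 OR BSD-3-Clause |
+| dparse | 0.6.4 | MIT license |
+| filelock | 3.16.1 | Unlicense |
+| idna | 3.10 | BSD License |
+| jinja2 | 3.1.5 | BSD License |
+| joblib | 1.4.2 | BSD 3-Clause |
+| markdown-it-py | 3.0.0 | MIT License |
+| markupsafe | 3.0.2 | BSD License |
+| marshmallow | 3.23.3 | MIT License |
+| mdurl | 0.1.2 | MIT License |
+| nltk | 3.9.1 | Apache License, Version 2.0 |
+| packaging | 24.2 | Apache Software License |
+| psutil | 6.1.1 | BSD-3-Clause |
+| pycparser | 2.22 | BSD-3-Clause |
+| pydantic | 2.9.2 | MIT |
+| pydantic-core | 2.23.4 | MIT |
+| pygments | 2.18.0 | BSD-2-Clause |
+| regex | 2024.11.6 | Apache Software License |
+| requests | 2.32.3 | Apache-2.0 |
+| rich | 13.9.4 | MIT |
+| ruamel-yaml | 0.18.8 | MIT license |
+| ruamel-yaml-clib | 0.2.12 | MIT |
+| safety | 3.3.0 | MIT |
+| safety-schemas | 0.0.11 | MIT |
+| setuptools | 75.8.0 | MIT License |
+| shellingham | 1.5.4 | ISC License |
+| tqdm | 4.67.1 | MPL-2.0 AND MIT |
+| typer | 0.15.1 | MIT License |
+| typing-extensions | 4.12.2 | Python Software Foundation License |
+| urllib3 | 2.3.0 | MIT License |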

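--- a/refresh_notice.py
+++ b/refresh_notice.py
@@ -0,0 +1,73 @@
+#!/usr/bin/env python3
+import importlib.metadata
+from pathlib import Path
+from typing import List, Tuple
+
+def normalize_package_name(name: str) -> str:
+"""Normalize package name to lowercase with hyphens."""
+return name.lower().replace('_', '-').replace('.', '-')
+
+def get_license_from_classifier(classifiers: List[str]) -> str:
+"""Extract license from classifier if available."""
+for c in classifiers:
+if 'License :: OSI Approved ::' in c:
+return c.split('License :: OSI Approved :: ')[-1]
+return ''
+
+def get_license(dist) -> str:
+"""Get license information from package metadata."""
+classifiers = dist.metadata.get_all('Classifier') or []
+classifier_license = get_license_from_classifier(classifiers)
+
+# Get direct license field
+license = dist.metadata.get('License', '')
+
+# If license is too long (probably full license text) and we have a classifier, use classifier
+if len(license) > 100 and classifier_license:
+return classifier_license
+
+# Try License field first
+if license:
+return license
+
+# Try License-Expression
+if dist.metadata.get('License-Expression'):
+return dist.metadata['License-Expression']
+
+# Use classifier license if available
+if classifier_license:
+return classifier_license
+
+return 'License not found'
+
+def get_all_packages() -> List[Tuple[str, str, str]]:
+"""Get all packages with their versions and licenses."""
+packages = [
+(normalize_package_name(dist.metadata['Name']),
+dist.version,
+get_license(dist))
+for dist in importlib.metadata.distributions()
+]
+return sorted(packages)
+
+def generate_markdown_table(packages: List[Tuple[str, str, str]], output_file: str):
+"""Generate markdown table and save to file."""
+with open(output_file, 'w') as f:
+# Write header
+f.write('# Package Licenses\n\n')
+f.write('| Name | Version | License |\n')
+f.write('|------|---------|----------|\n')
+
+# Write package rows
+for name, version, license in packages:
+# Escape any pipe characters in the license
+license = license.replace('|', '\\|')
+f.write(f'| {name} | {version} | {license} |\n')
+
+def main():
+packages = get_all_packages()
+generate_markdown_table(packages, 'LICENSES/NOTICE.md')
+print(f"Generated package_licenses.md with {len(packages)} packages")
+
+if __name__ == '__main__':
+main()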
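Review bot: `get_license_from_classifier` returns at the first `License :: OSI Approved ::` classifier, so a package that declares several licenses is recorded with only one of them; this is consistent with the regenerated NOTICE.md in this commit listing `packaging` as "Apache Software License" where the previous table had "Apache Software License; BSD License". Collecting every match would keep the full set, e.g. `marker = 'License :: OSI Approved :: '` followed by `return '; '.join(c.split(marker)[-1] for c in classifiers if marker in c)`. In `get_license`, a `License` field longer than 100 characters is still returned verbatim when no classifier exists, even if `License-Expression` is set, and `generate_markdown_table` escapes only `|`, so a multi-line license text would break the table row; checking `License-Expression` first and collapsing whitespace before writing would avoid both. `get_all_packages` reads `importlib.metadata.distributions()`, so the table reflects whatever happens to be installed in the interpreter that runs the script rather than the project's declared dependencies, which deserves a module docstring saying it must be run from a clean install. The success message in `main` also names `package_licenses.md` although the file written is `LICENSES/NOTICE.md`.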
