Add support for License-Expression parsing (PEP 639)#213
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## dev-5.5.0 #213 +/- ##
==========================================
Coverage 99.13% 99.14%
==========================================
Files 1 1
Lines 462 466 +4
==========================================
+ Hits 458 462 +4
Misses 4 4 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
Isn't the proposed handling against PEP 639? According to https://packaging.python.org/en/latest/specifications/core-metadata/#license, the following holds true:
With PyPI not allowing both keys to be set and |
Yeah, you're correct.
Not quite sure about that one. The breaking change is in the |
The License field is deprecated, as is the trove classifier. Note that pip show does not support properly detecting these yet, but it will. Note also that `pip-licenses` does not support PEP 639 (see raimon49/pip-licenses#213) the implications of which are that we are already broken (the `license_check` noxenv fails because of packages already using the newer standard). This doesn't fix that yet. AFAICT no tool exists that does this properly yet/now. So let's see... I guess we reimplement that functionality?! Refs: https://peps.python.org/pep-0639/ Refs: pypa/pip#13112 Refs: pypa/pip#6677
SMoraisAnsys
left a comment
SMoraisAnsys
left a comment
There was a problem hiding this comment.
Thanks for this PR ! Could you update the dependency file to add a package using license expression ? I proposed attrs but any other package doing it is fine :)
I'd prefer not to add an additional test dependency just for that. The last |
Attrs is already a dependency (see the top of the dependency file) |
It's only a transitive dependency on an old pytest version. Will be removed with #217 it seems. Anyway, I'd like to keep dependency bumps separate. Will update the asserts here, if #217 and / or #222 ever gets merged. |
|
@raimon49 Sorry for the direct ping but this package doesn't seem to have much activity since 6 months. Could you have a look at this PR or should we assume the repo to be dead and move with a fork ? |
|
Hi - any chance of getting something merged for this? Packages are starting to use the new standard. On our project we've started blocking some updates, but that can only be done for so long. Getting a new release onto PyPI that supports the new standard would be really helpful. |
|
desperately asking that this get merged so that we don't have to perform surgery to roll our own pip license code. |
|
For those in need of this, consider |
Minor change to avoid possible bug risk.
reactive-firewall
dismissed
SMoraisAnsys’s stale review
Previous reviews are sufficiently resolved.
9 participants
PEP 639 has been (provisionally) accepted recently.
hatchadded support1 for it early on and so the first packages which store the license metadata inside theLicense-Expressionfield start popping up. E.g. for ftfy it looks like thisThis PR adds the basic parsing support without any validation similar to the existing behavior for the
Licensemetadata field or the classifier. It might make sense to add the validation at a later point though.To keep the changes to a minimum, the behavior of
--from=mixedis preserved. However:Caution
Breaking change: The
--from=alloutput now includes theLicense-Expressionvalue.Fixes #225
Footnotes
https://hatch.pypa.io/1.9/config/metadata/#spdx-expression ↩