From c74aebf44b00e2c1ace17f68ee985ffdb66e52c8 Mon Sep 17 00:00:00 2001 From: Yong Date: Mon, 15 Sep 2025 22:53:03 -0500 Subject: [PATCH 1/5] Python client: add license check --- .github/workflows/python-client.yml | 4 ++++ Makefile | 6 ++++++ client/python/pyproject.toml | 26 ++++++++++++++++++++++++++ 3 files changed, 36 insertions(+) diff --git a/.github/workflows/python-client.yml b/.github/workflows/python-client.yml index 8ee2d50110..2bb3671ffd 100644 --- a/.github/workflows/python-client.yml +++ b/.github/workflows/python-client.yml @@ -59,6 +59,10 @@ jobs: run: | make client-lint + - name: License Compliance Check + run: | + make client-license-check + - name: Generated Client Tests run: | make client-unit-test diff --git a/Makefile b/Makefile index 6f8e899427..9211d791f1 100644 --- a/Makefile +++ b/Makefile @@ -162,6 +162,12 @@ client-integration-test: client-setup-env ## Run client integration tests @echo "Tearing down Docker Compose services..." @$(DOCKER) compose -f $(PYTHON_CLIENT_DIR)/docker-compose.yml down || true # Ensure teardown even if tests fail +.PHONY: client-license-check +client-license-check: client-setup-env ## Run license compliance check + @echo "--- Starting license compliance check ---" + @$(ACTIVATE_AND_CD) && pip-licenses + @echo "--- License compliance check complete ---" + .PHONY: client-build client-build: client-setup-env ## Build client distribution @echo "--- Building client distribution ---" diff --git a/client/python/pyproject.toml b/client/python/pyproject.toml index 7d4af8f1f4..0d850e22b4 100644 --- a/client/python/pyproject.toml +++ b/client/python/pyproject.toml @@ -62,10 +62,36 @@ mypy = ">=1.18, <=1.18.1" pyiceberg = "==0.10.0" pre-commit = "==4.3.0" openapi-generator-cli = "==7.11.0.post0" +pip-licenses = "==5.0.0" # pin virtualenv version to prevent poetry from upgrading to an incompatible version # see https://github.com/python-poetry/poetry/issues/10504#issuecomment-3176923981 virtualenv = ">=20.26.6,<20.33.0" +[tool.pip-licenses] +from-classifier = true +# Packages with "UNKNOWN" licenses in pip-licenses metadata. +# These have been manually verified and are known to be compatible with ASF. +ignore-packages = [ + "CacheControl", # Apache-2.0 + "RapidFuzz", # MIT License (MIT) + "anyio", # MIT License (MIT) + "build", # MIT License (MIT) + "cffi", # MIT License (MIT) + "click", # BSD-3-Clause + "fsspec", # BSD-3-Clause + "jaraco.functools", # MIT License (MIT) + "more-itertools", # MIT License (MIT) + "mypy_extensions", # MIT License (MIT) + "pyparsing", # MIT License (MIT) + "types-python-dateutil", # Apache-2.0 + "typing-inspection", # MIT License (MIT) + "typing_extensions", # PSF-2.0 + "urllib3", # MIT License (MIT) + "zstandard", # BSD-3-Clause +] +partial-match = true +allow-only = "MIT;Apache;BSD License;PSF-2.0;ISC;The Unlicense;Python Software Foundation License;Mozilla Public License" + [build-system] requires = ["poetry-core>=2.0.0,<3.0.0", "openapi-generator-cli==7.11.0.post0"] build-backend = "poetry.core.masonry.api" From 43c9771af4bac438981fcc531ec7b5904fbf76ba Mon Sep 17 00:00:00 2001 From: Yong Date: Mon, 15 Sep 2025 23:00:33 -0500 Subject: [PATCH 2/5] Python client: add license check --- client/python/pyproject.toml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/client/python/pyproject.toml b/client/python/pyproject.toml index 0d850e22b4..538c0f42b6 100644 --- a/client/python/pyproject.toml +++ b/client/python/pyproject.toml @@ -72,10 +72,9 @@ from-classifier = true # Packages with "UNKNOWN" licenses in pip-licenses metadata. # These have been manually verified and are known to be compatible with ASF. ignore-packages = [ - "CacheControl", # Apache-2.0 - "RapidFuzz", # MIT License (MIT) "anyio", # MIT License (MIT) "build", # MIT License (MIT) + "CacheControl", # Apache-2.0 "cffi", # MIT License (MIT) "click", # BSD-3-Clause "fsspec", # BSD-3-Clause @@ -83,10 +82,12 @@ ignore-packages = [ "more-itertools", # MIT License (MIT) "mypy_extensions", # MIT License (MIT) "pyparsing", # MIT License (MIT) + "RapidFuzz", # MIT License (MIT) "types-python-dateutil", # Apache-2.0 "typing-inspection", # MIT License (MIT) "typing_extensions", # PSF-2.0 "urllib3", # MIT License (MIT) + "zipp", # MIT License (MIT) "zstandard", # BSD-3-Clause ] partial-match = true From 42e7b3d344e643efabc222640f819cb22c3bb9b6 Mon Sep 17 00:00:00 2001 From: Yong Date: Mon, 15 Sep 2025 23:10:10 -0500 Subject: [PATCH 3/5] Python client: add license check --- client/python/pyproject.toml | 1 + 1 file changed, 1 insertion(+) diff --git a/client/python/pyproject.toml b/client/python/pyproject.toml index 538c0f42b6..cd03c71574 100644 --- a/client/python/pyproject.toml +++ b/client/python/pyproject.toml @@ -79,6 +79,7 @@ ignore-packages = [ "click", # BSD-3-Clause "fsspec", # BSD-3-Clause "jaraco.functools", # MIT License (MIT) + "jeepney", # MIT License (MIT) "more-itertools", # MIT License (MIT) "mypy_extensions", # MIT License (MIT) "pyparsing", # MIT License (MIT) From 6de18ee8ef5d81da37dac36da7184543a8139792 Mon Sep 17 00:00:00 2001 From: Yong Date: Mon, 15 Sep 2025 23:30:02 -0500 Subject: [PATCH 4/5] test --- client/python/pyproject.toml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/client/python/pyproject.toml b/client/python/pyproject.toml index cd03c71574..88366f3ecd 100644 --- a/client/python/pyproject.toml +++ b/client/python/pyproject.toml @@ -84,6 +84,7 @@ ignore-packages = [ "mypy_extensions", # MIT License (MIT) "pyparsing", # MIT License (MIT) "RapidFuzz", # MIT License (MIT) + "SecretStorage", # BSD-3-Clause "types-python-dateutil", # Apache-2.0 "typing-inspection", # MIT License (MIT) "typing_extensions", # PSF-2.0 @@ -92,7 +93,7 @@ ignore-packages = [ "zstandard", # BSD-3-Clause ] partial-match = true -allow-only = "MIT;Apache;BSD License;PSF-2.0;ISC;The Unlicense;Python Software Foundation License;Mozilla Public License" +# allow-only = "MIT;Apache;BSD License;PSF-2.0;ISC;The Unlicense;Python Software Foundation License;Mozilla Public License" [build-system] requires = ["poetry-core>=2.0.0,<3.0.0", "openapi-generator-cli==7.11.0.post0"] From f8aebf5c1156aaf0e69430c10959984f2b51b72d Mon Sep 17 00:00:00 2001 From: Yong Date: Mon, 15 Sep 2025 23:33:12 -0500 Subject: [PATCH 5/5] Enable license check --- client/python/pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/python/pyproject.toml b/client/python/pyproject.toml index 88366f3ecd..6d3f833899 100644 --- a/client/python/pyproject.toml +++ b/client/python/pyproject.toml @@ -93,7 +93,7 @@ ignore-packages = [ "zstandard", # BSD-3-Clause ] partial-match = true -# allow-only = "MIT;Apache;BSD License;PSF-2.0;ISC;The Unlicense;Python Software Foundation License;Mozilla Public License" +allow-only = "MIT;Apache;BSD License;PSF-2.0;ISC;The Unlicense;Python Software Foundation License;Mozilla Public License" [build-system] requires = ["poetry-core>=2.0.0,<3.0.0", "openapi-generator-cli==7.11.0.post0"]