
Dump the software license list of Python packages installed with pip.
pip-licenses-cli is a CLI tool for checking the software licenses of Python packages installed with pip.
The implementation is inspired by the composer licenses command in Composer (a.k.a. the PHP package management tool): https://getcomposer.org/doc/03-cli.md#licenses
This is a fork of the original pip-licenses project. While pip-licenses-cli provides a CLI, pip-licenses-lib provides the library functionality. The CLI builds upon the library.
You can install this package from PyPI:
python -m pip install pip-licenses-cli
If you also want to parse license declarations with SPDX expressions, install the spdx extra as well:
python -m pip install 'pip-licenses-cli[spdx]'
Alternatively, you can use the package from source directly after installing the required dependencies.
Execute the command with your venv (or virtualenv) environment.
# Install packages in your venv environment
(venv) $ pip install Django pip-licenses-cli
# Check the licenses with your venv environment
(venv) $ pip-licenses
 Name    Version  License
 Django  2.0.2    BSD
 pytz    2017.3   MIT
For further details, see the detailed docs.
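The table printed above can feed a license allowlist check in CI. The following is an added example, not code from pip-licenses-cli: the allowlist, the last two sample rows, the function names and the file name gate.py are assumptions made for illustration.

```python
import sys

# Constructed sample in the layout of the table shown above; the last two
# rows are invented for illustration.
SAMPLE_OUTPUT = """\
 Name        Version  License
 Django      2.0.2    BSD
 pytz        2017.3   MIT
 examplepkg  1.0.0    GNU General Public License v3 (GPLv3)
 nolicense   0.1
"""

# Hypothetical policy: license strings this build accepts (exact match).
ALLOWED = {"BSD", "MIT"}


def parse_table(text):
    """Return (name, version, license) tuples from the plain-text table."""
    rows = []
    for line in text.splitlines():
        # Name and version never contain spaces; the license text may.
        parts = line.split(None, 2)
        if len(parts) < 2 or parts[:2] == ["Name", "Version"]:
            continue  # blank line, stray text, or the header row
        license_text = parts[2].strip() if len(parts) == 3 else ""
        rows.append((parts[0], parts[1], license_text))
    return rows


def violations(rows, allowed=ALLOWED):
    """Rows whose license is missing or not on the allowlist (fail closed)."""
    return [row for row in rows if row[2] not in allowed]


if __name__ == "__main__":
    # Pipe real output in (pip-licenses | python gate.py, a hypothetical
    # file name) or run without a pipe to use the constructed sample.
    text = SAMPLE_OUTPUT if sys.stdin.isatty() else sys.stdin.read()
    bad = violations(parse_table(text))
    for name, version, license_text in bad:
        print(f"DENY {name} {version}: {license_text or 'no license declared'}")
    sys.exit(1 if bad else 0)
```

The check fails closed: a package with no license text is reported alongside packages whose license is not on the allowlist, and the non-zero exit status stops the pipeline.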
If a UnicodeEncodeError occurs, check your environment variables LANG and LC_CTYPE.
Additionally, you can set PYTHONIOENCODING to override the encoding used for stdout.
This mostly occurs in isolated environments such as Docker and tox.
See useful reports:
pip-licenses-cli has been implemented with a policy of minimizing dependencies on external packages.
If you are using SPDX support with the spdx extra, the following additional dependencies are required:
This package is subject to the terms of the MIT license.
All results are generated automatically from the data supplied by the corresponding package maintainers and provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. No generated content should be considered or used as legal advice. Consult an Attorney for any legal advice.
FAQs
We found that pip-licenses-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.