Does it require external tools?

It requires the WebFetch tool to access live SPDX data, and it works best when paired with the python-packaging-license-finder skill.

Can it handle common license nicknames?

Yes, the skill employs normalization logic and fuzzy matching to identify variations such as 'Apache 2', 'BSD 3-Clause', or 'GPLv3'.

How does the skill verify license accuracy?

It uses WebFetch to query the authoritative SPDX License List directly from the official GitHub repository for real-time validation and metadata.

What happens if a license is deprecated?

The skill flags the deprecation status, suggests the current equivalent license, and provides a risk assessment based on the deprecated terms.

Is this skill only for Red Hat environments?

No, while it provides specialized context for Red Hat vendor agreements, the core compliance and risk assessment logic is applicable to any Python development project.

Python License Checker

Name: Python License Checker
Author: opendatahub-io

byopendatahub-io

•

開発者ツール

Validates Python package licenses against SPDX standards to ensure legal compliance for wheel redistribution and enterprise use.

概要

This skill automates the complex task of licensing compliance for Python developers and enterprise architects by fetching real-time data from the official SPDX License List. It evaluates whether specific packages can be safely redistributed, built into wheels, or used in commercial environments, providing a structured risk assessment from Low to High risk. The tool incorporates specific enterprise contexts, including Red Hat vendor agreements for NVIDIA, Intel Gaudi, and IBM Spyre components, ensuring that developers meet redistribution requirements without manual research.

主な機能

Detailed Redistribution Requirements
Risk-based Compliance Classification
Real-time SPDX Database Integration
12 GitHub stars
Red Hat Vendor Agreement Context
Input Normalization for Fuzzy Matching

ユースケース

Auditing a Python project's dependencies before enterprise redistribution.
Identifying high-risk licenses like GPL or AGPL in commercial software stacks.
Verifying if a specific package license allows building and shipping wheels.

概要

主な機能

Detailed Redistribution Requirements
Risk-based Compliance Classification
Real-time SPDX Database Integration
12 GitHub stars
Red Hat Vendor Agreement Context
Input Normalization for Fuzzy Matching

ユースケース

Auditing a Python project's dependencies before enterprise redistribution.
Identifying high-risk licenses like GPL or AGPL in commercial software stacks.
Verifying if a specific package license allows building and shipping wheels.