upgrade-license-check (#398)

Author: JKL98ISR

.github/workflows/license-check.yml

@@ -40,35 +40,13 @@ jobs:
           python-version: 3.11
       - name: Get explicit and transitive dependencies
         run: |
-          pip install -U pip==22.0.4 setuptools==58.3.0
-          pip install -q -r requirements.txt
-          pip freeze > requirements-all.txt
-        working-directory: ./backend
-      - name: Check python
-        id: license_check_report
-        uses: pilosus/[email protected]
-        with:
-          requirements: "backend/requirements-all.txt"
-          fail: "Copyleft,Other,Error"
-          exclude: '(category_encoders.*2\.7\..*|attrs.*25\.3\..*|referencing.*0\.36\..*|envier.*0\.5\.0|psycopg2.*2\.9\.3|fqdn.*1\.5\.1|pyzmq.*25\.1\.2|debugpy.*1\.6\.7|certifi.*2025\.1\.31|tqdm.*4\.67\..*|webencodings.*0\.5\.1|torch.*1\.10\.2.*|torch.*1\.11\.0.*|pytorch-ignite.*0\.4\.10.*|torchaudio.*0\.11\.0.*|torchvision.*0\.12\.0.*|terminado.*0\.15\.0|qudida.*0\.0\.4|expiringdict.*1\.2\.2|botocore.*1\.29\.80|orderedmultidict.*1\.0\.1|termcolor.*3\.0\.1|pillow.*11\.2\.1|deepchecks.*)'          
-          # psycopg2 is LGPL 2
-          # category_encoders is BSD https://github.com/scikit-learn-contrib/category_encoders/tree/master?tab=BSD-3-Clause-1-ov-file
-          # attrs is MIT https://github.com/python-attrs/attrs/blob/main/LICENSE
-          # referencing is MIT https://github.com/python-jsonschema/referencing?tab=MIT-1-ov-file
-          # pyzmq is Revised BSD https://github.com/zeromq/pyzmq/blob/main/examples/LICENSE
-          # debugpy is MIT https://github.com/microsoft/debugpy/blob/main/LICENSE
-          # certifi is MPL-2.0 https://github.com/certifi/python-certifi/blob/master/LICENSE
-          # tqdm is MPL-2.0 https://github.com/tqdm/tqdm/blob/master/LICENCE
-          # webencodings is BSD https://github.com/gsnedders/python-webencodings/blob/master/LICENSE
-          # torch is BSD https://github.com/pytorch/pytorch/blob/master/LICENSE
-          # torchvision is BSD https://github.com/pytorch/vision/blob/main/LICENSE
-          # torchaudio is BSD https://github.com/pytorch/audio/blob/main/LICENSE
-          # terminado is BSD https://github.com/jupyter/terminado/blob/main/LICENSE
-          # termcolor is MIT https://github.com/termcolor/termcolor/blob/main/COPYING.txt
-          # orderedmultidict is freeley distributed https://github.com/gruns/orderedmultidict/blob/master/LICENSE.md
-      - name: Print report
-        if: ${{ always() }}
-        run: echo "${{ steps.license_check_report.outputs.report }}"
+          pip install -U pip==25.1.1 setuptools==80.9.0
+          pip install -q -r backend/requirements.txt
+      - name: Set up liccheck
+        run: pip install liccheck
+      - name: Run liccheck
+        run: python -m liccheck -r backend/requirements.txt -s liccheck.ini 
+
   frontend-license-check:
     runs-on: ubuntu-latest
     steps:

Dockerfile

@@ -48,7 +48,7 @@ ENV MIXPANEL_ID=$MIXPANEL_ID
 # ---
 ARG DEEPCHECKS_CI_TOKEN
 
-RUN ln -s /usr/bin/python3.11 /usr/bin/python && python -m pip install -U pip "setuptools"
+RUN ln -s /usr/bin/python3.11 /usr/bin/python && python -m pip install -U pip==25.1.1 setuptools==80.9.0 --no-cache-dir
 # For ARM arch, ray>2.3.1 uses grpcio==1.51.3 which doesn't has wheel and takes forever to build from source
 RUN python -m pip install ray==2.9.0 grpcio==1.60.0 --no-cache-dir
 RUN python -m pip install -r backend_requirements.txt --compile --no-cache-dir

liccheck.ini

@@ -0,0 +1,52 @@
+[Licenses]
+authorized_licenses:
+        bsd
+        new bsd
+        bsd license
+        new bsd license
+        simplified bsd
+	BSD 3-Clause
+        BSD-3-Clause
+        2-clause BSD
+        LICENSE.BSD3
+        3-Clause BSD
+
+        apache
+        apache 2.0
+        apache software license
+        apache software
+	Apache License, Version 2.0
+        Apache-2.0
+
+        gnu lgpl
+        GNU Library or Lesser General Public License (LGPL)
+        GNU Affero General Public License v3 or later (AGPLv3+)
+
+        isc license
+        isc license (iscl)
+
+        mit
+        mit license
+        MIT-CMU
+        CMU License (MIT-CMU)
+        MIT AND Python-2.0
+
+        Python Software Foundation
+        PSF-2.0
+
+	Historical Permission Notice and Disclaimer (HPND)
+	Mozilla Public License 2.0 (MPL 2.0)
+	The Unlicense (Unlicense)
+        Freely Distributable
+        Public Domain
+
+[Authorized Packages]
+# MIT
+qudida: 0.0.4
+sqloxide: 0.1.54
+# BSD
+category-encoders: 2.7.0
+# BSD + APACHe + Third Party
+pypdfium2: 4.30.1
+
+setuptools: 80.9.0