Manuel Zabelt

Hi @simonpercivall, I'm actually not really aware what the licensing of astunparse is. Does it contain BSD as well as PSF-2.0 Code? Or is it duallicensed in the sense, that...

Hi @WhyJee, thanks for bringing the different categories up! One could argue, that in some component that is licenses as "MIT AND LGPL-2.1-only" there actually are "sub components" that are...

Hi there, I did some cross check and found that other CyclonDX-Tools seem to struggle with Licenses Expressions such as "(LGPLv3+ or GPLv2+) and GPLv3+" as well: https://github.com/CycloneDX/cyclonedx-python/discussions/377 https://github.com/DependencyTrack/dependency-track/issues/170 The...

Hi @Devante7, please let me know if there is anything I can help with. I currently see nothing I could do about the failed check. But maybe I'm missing something.

Hi, I've just started to dig into that as well. flit discussed this in some detail here: https://github.com/pypa/flit/issues/377#issuecomment-728198300 What I can see is that the flit wheel does NOT contain...

Making pip-license PEP-639 aware sounds pretty neat and future proof to me. On the other hand I'm not sure how many of this libs that adopted PEP-0621 also adopted PEP...