Adds automated job to check for dependency licensing (#2488)

# Description Automated job that runs on every PR to check for any dependencies that have non-permissive licenses. ## Type of change - Bug fix (non-breaking change which fixes an issue) ## Checklist - [x] I have run the [`pre-commit` checks](https://pre-commit.com/) with `./isaaclab.sh --format` - [ ] I have made corresponding changes to the documentation - [x] My changes generate no new warnings - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] I have updated the changelog and the corresponding version in the extension's `config/extension.toml` file - [ ] I have added my name to the `CONTRIBUTORS.md` or my name already exists there  --------- Signed-off-by: Kelly Guo <kellyguo123@hotmail.com>

Adds automated job to check for dependency licensing (#2488)
# Description Automated job that runs on every PR to check for any dependencies that have non-permissive licenses. ## Type of change - Bug fix (non-breaking change which fixes an issue) ## Checklist - [x] I have run the [`pre-commit` checks](https://pre-commit.com/) with `./isaaclab.sh --format` - [ ] I have made corresponding changes to the documentation - [x] My changes generate no new warnings - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] I have updated the changelog and the corresponding version in the extension's `config/extension.toml` file - [ ] I have added my name to the `CONTRIBUTORS.md` or my name already exists there  --------- Signed-off-by: Kelly Guo <kellyguo123@hotmail.com>
d6796446 · Kelly Guo · Kelly Guo · d90bd30e · d6796446 · d6796446
Commit d6796446 authored Jul 20, 2025 by Kelly Guo Committed by Kelly Guo Jul 24, 2025
Hide whitespace changes
Inline Side-by-side

Showing with 432 additions and 0 deletions

license-check.yaml .github/workflows/license-check.yaml +118 -0

license-exceptions.json .github/workflows/license-exceptions.json +314 -0

No files found.
--- a/.github/workflows/license-check.yaml
+++ b/.github/workflows/license-check.yaml
+name: Check Python Dependency Licenses
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+jobs:
+  license-check:
+    runs-on: ubuntu-24.04
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v3
+    # - name: Install jq
+    #   run: sudo apt-get update && sudo apt-get install -y jq
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: '3.10'  # Adjust as needed
+    - name: Install dependencies using ./isaaclab.sh -i
+      run: |
+        # first install isaac sim
+        pip install --upgrade pip
+        pip install 'isaacsim[all,extscache]==4.5.0' --extra-index-url https://pypi.nvidia.com
+        chmod +x ./isaaclab.sh  # Make sure the script is executable
+        # install all lab dependencies
+        ./isaaclab.sh -i
+    - name: Install pip-licenses
+      run: |
+        pip install pip-licenses
+        pip install -r tools/template/requirements.txt
+        pip install -r docs/requirements.txt
+    # Optional: Print the license report for visibility
+    - name: Print License Report
+      run: pip-licenses --from=mixed --format=markdown
+    - name: Check licenses against whitelist and exceptions
+      run: |
+        # Define the whitelist of allowed licenses
+        ALLOWED_LICENSES="MIT Apache BSD ISC zlib"
+        # Load the exceptions list from the exceptions.json file
+        EXCEPTIONS_FILE=".github/workflows/license-exceptions.json"
+        # Get the list of installed packages and their licenses
+        pip-licenses --from=mixed --format=json > licenses.json
+        # Check the output of pip-licenses to ensure it is valid JSON
+        if ! jq empty licenses.json; then
+          echo "ERROR: Failed to parse pip-licenses output. Exiting..."
+          exit 1
+        fi
+        # Split ALLOWED_LICENSES into individual words
+        IFS=' ' read -r -a allowed_licenses <<< "$ALLOWED_LICENSES"
+        # Loop through the installed packages and their licenses
+        for pkg in $(jq -r '.[].Name' licenses.json); do
+          LICENSE=$(jq -r --arg pkg "$pkg" '.[] | select(.Name == $pkg) | .License' licenses.json)
+          # Check if any of the allowed licenses are a substring of the package's license
+          match_found=false
+          for allowed_license in "${allowed_licenses[@]}"; do
+            if [[ "$LICENSE" == *"$allowed_license"* ]]; then
+              match_found=true
+              break
+            fi
+          done
+          if [ "$match_found" = false ]; then
+            # Check if the package is in the exceptions list
+            EXCEPTION=$(jq -r --arg pkg "$pkg" --arg license "$LICENSE" \
+              '.[] | select(.package == $pkg)' "$EXCEPTIONS_FILE")
+            # If the package is in the exceptions list
+            if [ -n "$EXCEPTION" ]; then
+              # If the license is provided in the exceptions list, check the license
+              EXCEPTION_LICENSE=$(echo "$EXCEPTION" | jq -r '.license')
+              # echo "Comparing licenses for $pkg:"
+              # echo "  EXCEPTION_LICENSE='${EXCEPTION_LICENSE}' (len=${#EXCEPTION_LICENSE})"
+              # echo "  LICENSE='${LICENSE}' (len=${#LICENSE})"
+              # If the exceptions list has a license and doesn't match the current license
+              if [ "$EXCEPTION_LICENSE" != "null" ] && [ "$EXCEPTION_LICENSE" != "$LICENSE" ]; then
+                echo "ERROR: $pkg has license: $LICENSE"
+                FAILED_PACKAGES=$((FAILED_PACKAGES + 1))  # Increment the counter
+              fi
+            else
+              # If the package is not in the exceptions list
+              echo "ERROR: $pkg has license: $LICENSE"
+              FAILED_PACKAGES=$((FAILED_PACKAGES + 1))  # Increment the counter
+            fi
+          fi
+        done
+        # After all packages are processed, check if there were any errors
+        if [ "$FAILED_PACKAGES" -gt 0 ]; then
+          echo "ERROR: $FAILED_PACKAGES packages were flagged."
+          exit 1  # Fail the build
+        else
+          echo "All packages were checked."
+        fi
+    # Print pipdeptree
+    - name: Print pipdeptree
+      run: |
+        pip install pipdeptree
+        pipdeptree
--- a/.github/workflows/license-exceptions.json
+++ b/.github/workflows/license-exceptions.json
+[
+  {
+    "package": "isaaclab",
+    "license": null
+  },
+  {
+    "package": "isaaclab_assets",
+    "license": null
+  },
+  {
+    "package": "isaaclab_mimic",
+    "license": null
+  },
+  {
+    "package": "isaaclab_rl",
+    "license": null
+  },
+  {
+    "package": "isaaclab_tasks",
+    "license": null
+  },
+  {
+    "package": "isaacsim",
+    "license": null
+  },
+  {
+    "package": "isaacsim-app",
+    "license": null
+  },
+  {
+    "package": "isaacsim-asset",
+    "license": null
+  },
+  {
+    "package": "isaacsim-benchmark",
+    "license": null
+  },
+  {
+    "package": "isaacsim-code-editor",
+    "license": null
+  },
+  {
+    "package": "isaacsim-core",
+    "license": null
+  },
+  {
+    "package": "isaacsim-cortex",
+    "license": null
+  },
+  {
+    "package": "isaacsim-example",
+    "license": null
+  },
+  {
+    "package": "isaacsim-extscache-kit",
+    "license": null
+  },
+  {
+    "package": "isaacsim-extscache-kit-sdk",
+    "license": null
+  },
+  {
+    "package": "isaacsim-extscache-physics",
+    "license": null
+  },
+  {
+    "package": "isaacsim-gui",
+    "license": null
+  },
+  {
+    "package": "isaacsim-kernel",
+    "license": null
+  },
+  {
+    "package": "isaacsim-replicator",
+    "license": null
+  },
+  {
+    "package": "isaacsim-rl",
+    "license": null
+  },
+  {
+    "package": "isaacsim-robot",
+    "license": null
+  },
+  {
+    "package": "isaacsim-robot-motion",
+    "license": null
+  },
+  {
+    "package": "isaacsim-robot-setup",
+    "license": null
+  },
+  {
+    "package": "isaacsim-ros1",
+    "license": null
+  },
+  {
+    "package": "isaacsim-ros2",
+    "license": null
+  },
+  {
+    "package": "isaacsim-sensor",
+    "license": null
+  },
+  {
+    "package": "isaacsim-storage",
+    "license": null
+  },
+  {
+    "package": "isaacsim-template",
+    "license": null
+  },
+  {
+    "package": "isaacsim-test",
+    "license": null
+  },
+  {
+    "package": "isaacsim-utils",
+    "license": null
+  },
+  {
+    "package": "nvidia-cublas-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-cuda-cupti-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-cuda-nvrtc-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-cuda-runtime-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-cudnn-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-cufft-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-cufile-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-curand-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-cusolver-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-cusparse-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-cusparselt-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-nccl-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-nvjitlink-cu12",
+    "license": null
+  },
+  {
+    "package": "nvidia-nvtx-cu12",
+    "license": null
+  },
+  {
+    "package": "omniverse-kit",
+    "license": null
+  },
+  {
+    "package": "warp-lang",
+    "license": null
+  },
+  {
+    "package": "cmeel",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "cmeel-assimp",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "cmeel-boost",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "cmeel-console-bridge",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "cmeel-octomap",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "cmeel-qhull",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "cmeel-tinyxml",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "cmeel-urdfdom",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "cmeel-zlib",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "matplotlib",
+    "license": "Python Software Foundation License"
+  },
+  {
+    "package": "certifi",
+    "license": "Mozilla Public License 2.0 (MPL 2.0)"
+  },
+  {
+      "package": "rl_games",
+      "license": "UNKNOWN"
+  },
+  {
+      "package": "robomimic",
+      "license": "UNKNOWN"
+  },
+  {
+      "package": "hpp-fcl",
+      "license": "UNKNOWN"
+  },
+  {
+      "package": "pin",
+      "license": "UNKNOWN"
+  },
+  {
+      "package": "eigenpy",
+      "license": "UNKNOWN"
+  },
+  {
+      "package": "qpsolvers",
+      "license": "GNU Lesser General Public License v3 (LGPLv3)"
+  },
+  {
+      "package": "quadprog",
+      "license": "GNU General Public License v2 or later (GPLv2+)"
+  },
+  {
+    "package": "Markdown",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "anytree",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "click",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "egl_probe",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "filelock",
+    "license": "The Unlicense (Unlicense)"
+  },
+  {
+    "package": "proglog",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "termcolor",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "typing_extensions",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "urllib3",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "h5py",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "pillow",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "pygame",
+    "license": "GNU Library or Lesser General Public License (LGPL)"
+  },
+  {
+    "package": "scikit-learn",
+    "license": "UNKNOWN"
+  },
+  {
+    "package": "tensorboardX",
+    "license": "UNKNOWN"
+  }
+]