What is licenses.dev?
licenses.dev assists developers in gaining a comprehensive understanding of the licenses associated with open-source software (OSS) packages and their dependencies.
Our platform conducts a thorough analysis across the entire dependency graph of a package, presenting the findings in a user-friendly summary. For each package within the dependency graph, you will find detailed information, including the package name, version, license(s), publish date, and its direct or indirect connection to the original package query.
Furthermore, our results are easily shareable. You can generate README badges for quick linking or sharing, or export the analysis in convenient formats such as CSV or JSON files for seamless integration into your workflows.
We consistently strive to provide the most accurate information. We derive insights from first-party sources directly and verify findings with third-party sources.
Note that the dependency graph for a package is not always deterministic: it is influenced by factors such as enabled features, included tests, and more. Because the graph is calculated transitively, even a minor alteration in any aspect of the dependency specification can impact the entire graph. Discrepancies may arise due to version skew, undocumented or obscure features of the packaging model, input from the build system not accessible to us, and other contributing factors.
Graph calculation may lag when new versions of a package, or of its direct or indirect dependencies, are published, potentially leading to staleness. Any such staleness should be short-lived, as our results are continuously updated.
How are licenses determined?
We extract license information from package metadata by identifying SPDX expressions. In cases where no associated SPDX identifier is found, we denote the license as non-standard. If we encounter difficulties obtaining license information, we label it as unknown.
Please note that the displayed license information is not meant as legal advice. It is advisable to independently verify the license or terms of any software to meet your specific requirements.
What are green licenses?
Green licenses allow software to be freely used, modified, and shared. These licenses respect the users' liberty to run, copy, distribute, study, change, and/or improve the software.
The following table indicates which SPDX licenses are considered to be green:
How to generate a badge?
You can generate a badge for a package's README by filling in the following URL template:
https://licenses.dev/b/:registry/:name
or, for a specific package version:
https://licenses.dev/b/:registry/:name/:version
:registry - The package registry. Allowed values: npm
:name - The package name. Must be URI encoded. Example: express, %40acme%2Fanvil
:version - The package semver version. Must be exact. Example: 1.2.0
It is recommended that you link the badge to the package's detailed view; for example:
[![licenses](https://licenses.dev/b/:registry/:name)](https://licenses.dev/:registry/:name)
Or, using HTML:
<a href="https://licenses.dev/:registry/:name">
<img src="https://licenses.dev/b/:registry/:name" alt="licenses" />
</a>
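The badge rules above (allowed registry, URI-encoded name, exact version) can be enforced in code before a badge is written into a README. The following is an added example, not code from licenses.dev; the function names and the semver pattern used to define "exact" are assumptions.

```javascript
// Added example: builds licenses.dev badge links from the URL template above.
const BASE = "https://licenses.dev";
const ALLOWED_REGISTRIES = new Set(["npm"]); // the only value the page lists

// Assumption: "exact" means a full MAJOR.MINOR.PATCH semver (optional
// pre-release/build parts); ranges such as ^1.2.0, ~1.2 or 1.x are rejected.
const EXACT_SEMVER =
  /^(0|[1-9]\d*)\.(0|[1-9]\d*)\.(0|[1-9]\d*)(-[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?(\+[0-9A-Za-z-]+(\.[0-9A-Za-z-]+)*)?$/;

function packagePath(registry, name) {
  if (!ALLOWED_REGISTRIES.has(registry)) {
    throw new Error(`unsupported registry: ${registry}`);
  }
  // encodeURIComponent leaves dots intact, so "." and ".." would survive as
  // dot segments and change the path; reject them outright.
  if (typeof name !== "string" || name === "" || name === "." || name === "..") {
    throw new Error("invalid package name");
  }
  // "@acme/anvil" becomes "%40acme%2Fanvil", so the scope separator cannot
  // be read as an extra path segment.
  return `${registry}/${encodeURIComponent(name)}`;
}

function badgeUrl(registry, name, version) {
  let url = `${BASE}/b/${packagePath(registry, name)}`;
  if (version !== undefined) {
    if (!EXACT_SEMVER.test(version)) {
      throw new Error(`version must be an exact semver: ${version}`);
    }
    url += `/${version}`; // the pattern admits only URL-safe characters
  }
  return url;
}

// The page documents the detailed view only as /:registry/:name, so the
// link target carries no version.
function detailUrl(registry, name) {
  return `${BASE}/${packagePath(registry, name)}`;
}

function badgeMarkdown(registry, name, version) {
  return `[![licenses](${badgeUrl(registry, name, version)})](${detailUrl(registry, name)})`;
}
```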