License scanner plugin
License scanner is a new Bytesafe feature. More fine-grained control is in progress and coming soon.
If you experience any issues or have any feedback, please report your findings to Bytesafe Support.
Bytesafe supports scanning of packages for license information.
When enabled, the License Scanner plugin scans all packages in a registry and flags potential license issues.
Packages in a registry will be scanned for license issues when:
- The plugin is enabled.
- A new package is added to the registry.
When a license issue is found by the scanner, a red LICENSE badge will be added to the package.
An overview of all package licenses for a registry, as well as warning and problem flags, is displayed on the registry page in Bytesafe.
Identified licenses for a package are displayed as license badges. A package can have one or multiple license badges (packages can have multiple licenses).
In addition, if no license information is found for a package, the license information will be empty (an issue the license scanner will flag with a red LICENSE badge).
For users that have enabled the Slack integration (available from the Account Settings), a notification will be sent to Slack whenever potential license issues are found in a registry.
- Unlicensed source code - identify packages that are unlicensed and potentially an issue
- Non-standardized licenses - identify non-standardized licenses that require manual action
- Coming soon: License compliance - configure custom license policies of unwanted licenses and get notified when packages with non-compliant licenses are found
- Coming soon: Restrict licenses with policies - prevent packages with non-compliant licenses from entering your registry
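The first two checks in the list above (unlicensed packages and non-standardized licenses) can be illustrated with a short script. This is an added example, not Bytesafe's code or a description of how its scanner works; it assumes npm-style manifests with a `license` field, and the function names, the SPDX subset and the sample packages are constructed for illustration.

```javascript
// Constructed subset of SPDX identifiers; a real check would load the full SPDX list.
const SPDX_IDS = new Set(["0BSD", "MIT", "ISC", "Apache-2.0", "BSD-2-Clause",
  "BSD-3-Clause", "MPL-2.0", "LGPL-3.0-only", "GPL-3.0-only", "GPL-3.0-or-later"]);

// Gather license strings from `license` (string or deprecated {type} object)
// and from the deprecated `licenses` array.
function declaredLicenses(manifest) {
  const entries = [manifest.license].concat(
    Array.isArray(manifest.licenses) ? manifest.licenses : []);
  return entries
    .map((e) => (typeof e === "string" ? e : e && typeof e.type === "string" ? e.type : ""))
    .map((s) => s.trim())
    .filter((s) => s.length > 0);
}

// True when every identifier in an SPDX expression such as "(MIT OR Apache-2.0)"
// is in the known set. "WITH <exception>" clauses are not handled here.
function isKnownExpression(expr) {
  const ids = expr.replace(/[()]/g, " ").split(/\s+/)
    .filter((t) => t !== "" && t !== "AND" && t !== "OR");
  return ids.length > 0 && ids.every((id) => SPDX_IDS.has(id));
}

function classify(manifest) {
  const licenses = declaredLicenses(manifest);
  // npm's "UNLICENSED" value grants no rights, so it is treated like a missing license.
  if (licenses.length === 0 || licenses.includes("UNLICENSED")) {
    return { status: "unlicensed", licenses, needsReview: [] };
  }
  // Anything that is not a known SPDX expression needs manual review.
  const needsReview = licenses.filter((l) => !isKnownExpression(l));
  return { status: needsReview.length ? "non-standard" : "ok", licenses, needsReview };
}

// Constructed sample manifests (not real packages).
const SAMPLE = [
  { name: "alpha", license: "MIT" },
  { name: "bravo", license: "(MIT OR Apache-2.0)" },
  { name: "charlie" },
  { name: "delta", license: "SEE LICENSE IN LICENSE.txt" },
  { name: "echo", licenses: [{ type: "BSD-3-Clause" }, { type: "Custom-Corp" }] },
  { name: "foxtrot", license: "UNLICENSED" },
];

function scan(manifests) {
  return manifests.map((m) => ({ name: m.name, ...classify(m) }));
}

for (const r of scan(SAMPLE)) console.log(`${r.name}: ${r.status}`, r.needsReview.join(", "));
```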