License block policy

Prevent addition of packages with specific open source licenses

The License Block policy prevents addition of packages with specified open source licenses to a registry.

Block problematic open source licenses in registries, ensuring license compliance.

License block policy settings

Which open source licenses to block is configured in the policy settings. The policy accepts definitions of both standardized SPDX licenses and custom licenses.

License id definitions are not case-sensitive.


To store any changes and exit the settings, simply click on the Save settings button.

Use cases

Prevent copyleft licenses in registries

Avoid license compliance issues with proprietary software and copyleft licenses in open source dependencies.

Copyleft (or strong copyleft) licenses allow derivative work, but require you to release such work under a compatible copyleft license (as open source).

Prevent non-compatible licenses in registries

Not all open source licenses are compatible with each other. Configure a list of non-compatible licenses and make sure they are not used as dependencies for your projects.

Prevent non-compliant licenses in registries

Configure a list of non-compliant licenses and make sure they are not used as dependencies for your projects.