Packages stored in Bytesafe registries are scanned for license information. This includes both standardized open source licenses and custom licenses.
Package license information is retrieved from:
- Licenses defined in
- License analysis of any LICENSE files available in package root
- License analysis of any license information stored in any other package file
Enhanced License Compliance with Bytesafe Business & EnterpriseGet in-depth license analysis with License Compliance. License information for free accounts is based on
To display the source for a specific license, hover over a license badge.
Identified package licenses
Identified licenses will be displayed as badges on both the package and version levels. Hover over a license badge for details on the source for the license.
Bytesafe differentiate between different license information types, depending on the information origin and if the license information can be matched to a standardized license id.
License information identified by Bytesafe is compared to a list of standardized SPDX licenses. Licenses that are matched to a known type, will be classified as a standardized license.
License badges for standardized licenses provide a link to more detailed license information.
Custom licenses defined in
package.json metadata will be displayed alongside standardized licenses. Custom licenses are displayed using a lighter shade of gray to allow for easy identification.
Multiple licenses from different sourcesA single package can have multiple licenses. Different and additional licenses can be available in
package.jsoncompared to other license and package files.
Packages with license files that can’t be matched to any known license will be tagged with a license
More information on specific licenses
Users that require more information on a specific license can access an overview of the licenses directly from inside Bytesafe.
Clicking on the badge for any standardized license will direct the user to an overview page for the specific license.