Audit npm Dependencies for License Compliance
Upload your package.json and instantly detect GPL/copyleft conflicts, commercial restrictions, and hidden legal risks across all your dependencies.
Cancel anytime. Instant access.
Deep Scan
Checks every direct and transitive dependency against our license database.
Risk Flags
Highlights GPL, AGPL, SSPL, and other copyleft licenses that affect commercial use.
PDF Report
Download a compliance report ready to share with legal or investors.
Simple Pricing
Pro Plan
$13/mo
Everything you need to stay compliant
- ✓ Unlimited package.json scans
- ✓ Full transitive dependency analysis
- ✓ GPL / AGPL / SSPL conflict detection
- ✓ Commercial restriction flags
- ✓ Downloadable PDF compliance reports
- ✓ Priority email support
FAQ
Which licenses are flagged as risky?
We flag GPL-2.0, GPL-3.0, AGPL-3.0, SSPL, EUPL, and other strong copyleft licenses that impose obligations on commercial software. We also flag licenses with commercial-use restrictions.
Does it scan transitive dependencies?
Yes. We resolve the full dependency tree — not just your direct dependencies — so you catch risks buried deep in your node_modules.
Is my package.json data kept private?
Absolutely. Uploaded files are analyzed in memory and never stored on our servers. Your dependency list stays confidential.