Scan npm Dependencies for License Conflicts
Upload your package.json or connect a GitHub repo. LicenseGuard analyzes your entire dependency tree, flags incompatible licenses against your policy, and generates downloadable compliance reports — in seconds.
Deep Dependency Scan
Analyzes transitive dependencies across your entire package tree, not just top-level packages.
Policy-Based Checks
Define allowed and forbidden licenses. Get instant alerts when a dependency violates your policy.
Downloadable Reports
Export PDF or CSV compliance reports with risk scores, ready for legal review.
Simple Pricing
- ✓ Unlimited package.json scans
- ✓ GitHub repo integration
- ✓ Custom license policies
- ✓ PDF & CSV report exports
- ✓ Background job queue for large trees
- ✓ Risk assessment scoring
- ✓ Email alerts on new conflicts
Cancel anytime. No contracts.
FAQ
Which licenses does LicenseGuard detect?
LicenseGuard detects all SPDX-standard licenses including MIT, Apache-2.0, GPL-2.0, GPL-3.0, LGPL, AGPL, MPL, BSD variants, ISC, and more. You can define custom allow/deny lists based on your organization's policy.
Can I scan private GitHub repositories?
Yes. Connect your GitHub account via OAuth and LicenseGuard can scan any private repo you have access to. All data is processed securely and never stored beyond your session.
How are compliance reports generated?
After scanning, LicenseGuard compiles a full dependency manifest with license metadata, conflict flags, and risk scores. Reports are available as downloadable PDF or CSV files suitable for legal and audit teams.