LicenseDB overview
LicenseDB is likely the largest collection of software licenses available on
earth, and maybe beyond.
LicenseDB is a free and open database of nearly all software licenses, in
particular all the open source software licenses, with over 2000 curated license
texts and their metadata.
LicenseDB is built from the ScanCode Toolkit license dataset. ScanCode Toolkit
is a leading open source code scanner and license detection engine.
LicenseDB is an essential reference license resource for license compliance and
SBOMs. LicenseDB includes all the SPDX and OSI licenses together with an extended
curated collection of other licenses and license metadata. These licenses are
carefully reviewed, curated and continuously updated by an open community of
contributors.
LicenseDB is available as a web site, a JSON or YAML API and a git repository,
making it easy to reuse and integrate in tools that need a database of reference
software licenses.
LicenseDB API
The API index is available at these endpoints:
The index contains a list of the license keys with key metadata and links to the
license details and texts using this license key as an identifier:
LicenseDB's own license #
SPDX-License-Identifier: CC-BY-4.0 AND Apache-2.0
https://github.com/nexB/scancode-licensedb
Copyright (c) nexB Inc. and others.
ScanCode is a trademark of nexB Inc.
ScanCode LicenseDB data is licensed under the Creative Commons Attribution
License 4.0 (CC-BY-4.0).
Some licenses, such as the GNU GENERAL PUBLIC LICENSE, are subject to other licenses.
See the corresponding license text for the specific license conditions.
ScanCode LicenseDB software is licensed under the Apache License version 2.0.
You may not use this software except in compliance with the License.
You may obtain a copy of the License at: http://apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed
under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
CONDITIONS OF ANY KIND, either express or implied. See the License for the
specific language governing permissions and limitations under the License.
ScanCode LicenseDB is generated with ScanCode Toolkit. The database and its contents
are provided on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
either express or implied.
No content from ScanCode LicenseDB should be considered or used as legal advice.
Consult an attorney for any legal advice.
Visit https://github.com/nexB/scancode-licensedb for support.
ScanCode Toolkit is a free Software Composition Analysis tool from nexB Inc. and
others.
Visit https://github.com/nexB/scancode-toolkit for support and download.
Field Definitions
- key
- The unique identifier for the license in the ScanCode LicenseDB as assigned by scancode-toolkit. Note that this identifier is permanent and never changes and never goes away once published: no license key is ever deleted. Instead a license can be marked as deprecated.
- short_name
- A short descriptive name (title) for the license in the ScanCode LicenseDB as assigned by scancode-toolkit.
- name
- A long name for the license in the ScanCode LicenseDB as assigned by scancode-toolkit.
- is_deprecated
- When this is “yes”, the license is no longer used. For deprecated licenses, the notes may contain commentaries and the license key that this license may be replaced by when relevant.
- spdx_license_key
- The SPDX Short Identifier for the license if it exists in the SPDX license list at https://spdx.org/licenses/. Otherwise this is an SPDX license reference in the form of LicenseRef-scancode-<license key>.
- other_spdx_license_keys
- Alternative (or older, deprecated or obsolete) SPDX Short Identifiers or LicenseRef for the license.
- text_urls
- URLs to the standard text of the license.
- notes
- Notes and comments about the license.
- category
- A license category code, assigned by scancode-toolkit, that provides a major grouping for licenses, generally describing the relationship between the licensor and the licensee. These license categories are not legally precise, and are only intended to support Software Composition Analysis and usage policy implementations.
- owner
- An owner is an entity that is the original author or custodian of a software license, and which may be responsible for the text of the license. This is mandatory and should be set to "Unspecified" if it cannot be determined.
- homepage_url
- The homepage URL where the license is described.
- other_urls
- Other URLs that identify or are related to this license, such as URLs to this license in different open-source projects. Obsolete links may be kept here, as they may be useful for historical analysis purposes.
- osi_license_key
- The identifier assigned by the OSI to a license for OSI-approved licenses.
- osi_url
- A URL on the OSI website http://opensource.org for OSI-approved licenses.
- faq_url
- A URL that provides answers to frequently asked questions about the license.
- is_exception
- When this is "yes", indicates that this license is actually an exception applied to another license in order to modify specific conditions of that other license.
- standard_notice
- The standard text to provide in source or documentation that identifies the license or exception that applies to the software.
These fields are used only to support certain technical aspects of code scanning:
- ignorable_urls
- URLs found in the license text but that can be ignored when scanning for URLs.
- ignorable_emails
- Email addresses found in the license text but that can be ignored when scanning for emails.
- ignorable_copyrights
- Copyright statements found in the license text but that can be ignored when scanning for copyright.
- ignorable_holders
- Copyright holders found in the license text but that can be ignored when scanning for copyright holders.
- ignorable_authors
- Author names found in the license text but that can be ignored when scanning for authors.
- minimum_coverage
- Minimum percentage of the license text words that need to be matched to consider a license detection as a valid match.
License Categories
- CLA
- A Contributor License Agreement (CLA) describes and defines the contribution acceptance rules for the ongoing development and enhancement of a software project. The CLA may specify how the resulting software contribution itself will be licensed.
- Commercial
- Third-party proprietary software offered under a direct commercial license between supplier and customer. Further fact-finding by Product Teams will be necessary to determine the code's license status and function, if any.
- Copyleft
- Open source software with a "copyleft" license that offers irrevocable permission to the public to copy and redistribute the work in the same or modified form, but with the conditions that all such redistributions make the work available in a form that facilitates further modification and use the same license terms. A copyleft license can require code interacting with copyleft-licensed code to be licensed the same way.
- Copyleft Limited
- A license that requires you to redistribute source code, including your changes, and also to provide attribution for the software authors. Your obligation to redistribute source code, including proprietary code linked with code under this license, is limited according to license-specific rules.
- Free Restricted
- A Permissive-style license that contains restrictions regarding the usage of the software (for example, where the software is not intended for use in nuclear power plants) or the redistribution of the software (for example, where commercial redistribution of the software is not allowed without express permission). The Free Software Foundation (FSF) says that a license with this kind of restriction is not really open source, although the OSI point of view is not that strict.
- Patent License
- A license that applies to patents rather than specific software. May be used in conjunction with other software license(s) that apply to a software component.
- Permissive
- Open Source software that is made available under "non-copyleft" licenses. These generally require attribution of the included open source and may include other obligations.
- Proprietary Free
- Proprietary Free software that may not require a commercial license but may have specific terms and conditions which Product Teams are obligated to follow. Some of these terms and conditions are provided with or in the code or in clickable downloaded licenses. Examples are the Sun Binary Code License Agreement or a freely offered BSP.
- Public Domain
- Open source software that is made available without explicit obligations, but which has a license notice that must be kept with the code per organization policy. The match may be to software, code examples on a website, published public domain specifications or another type of publication.
- Source-available
- Source-available software is software released through a source code distribution model that includes arrangements where the source can be viewed, and in some cases modified, but without necessarily meeting the criteria to be called open-source.
- Unstated License
- Third-party software that has a copyright notice, but no stated license. Common examples include code snippets from publications and websites (such as those from O'Reilly Media). The absence of a license poses a risk that the copyright owner may assert license obligations at some future time. Product Teams may need to contact the copyright owner to determine the license obligations, if any.
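The fields and categories defined above are enough to drive an automated license gate over the identifiers found in an SBOM. The following is an added example, not LicenseDB or ScanCode code: the sample entries are constructed, the review policy is hypothetical, and accepting both booleans and "yes" for the flag fields is an assumption about how a given export encodes them.

```python
# Constructed sample entries using the field names defined on this page.
# Values are illustrative and are not copied from LicenseDB.
SAMPLE_INDEX = [
    {"key": "example-permissive", "spdx_license_key": "Example-1.0",
     "other_spdx_license_keys": ["Example-Old-1.0"], "category": "Permissive",
     "is_deprecated": False, "is_exception": False},
    {"key": "example-copyleft",
     "spdx_license_key": "LicenseRef-scancode-example-copyleft",
     "other_spdx_license_keys": [], "category": "Copyleft",
     "is_deprecated": False, "is_exception": False},
    {"key": "example-retired", "spdx_license_key": "Example-Retired",
     "other_spdx_license_keys": [], "category": "Permissive",
     "is_deprecated": "yes", "is_exception": False},
]

# Hypothetical policy: categories that need human review before release.
REVIEW_CATEGORIES = {"Copyleft", "Copyleft Limited", "Commercial",
                     "Proprietary Free", "Source-available", "Unstated License"}

def is_yes(value):
    """Treat a boolean True or the string "yes" as a set flag (assumption)."""
    return value is True or str(value).strip().lower() == "yes"

def build_lookup(index):
    """Map SPDX ids and LicenseRefs (matched case-insensitively) to entries."""
    lookup = {}
    for entry in index:  # primary identifiers first
        if entry.get("spdx_license_key"):
            lookup[entry["spdx_license_key"].lower()] = entry
    for entry in index:  # alternative ids never override a primary id
        for alt in entry.get("other_spdx_license_keys") or []:
            lookup.setdefault(alt.lower(), entry)
    return lookup

def classify(spdx_id, lookup):
    """Return (verdict, license key) for one identifier taken from an SBOM."""
    entry = lookup.get(spdx_id.lower())
    if entry is None:
        return ("unknown", None)       # not in the database: investigate
    if is_yes(entry.get("is_deprecated")):
        return ("deprecated", entry["key"])  # notes may name a replacement
    if is_yes(entry.get("is_exception")):
        return ("exception", entry["key"])   # only valid alongside a license
    if entry.get("category") in REVIEW_CATEGORIES:
        return ("review", entry["key"])
    return ("ok", entry["key"])
```
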