๐Ÿ›ก๏ธSecOSS

Open Source License Audit

Identify copyleft obligations, missing licenses, and IP risk in any GitHub repo

Before an acquisition, product launch, or open-source contribution, you need to know whether your dependencies carry copyleft obligations (GPL, AGPL, LGPL) that could force you to open-source your code or affect your IP rights. SecOSS audits every npm and PyPI dependency in a GitHub repository, classifies each license as safe, notice, copyleft, or unknown, and flags missing LICENSE files and AI-generated code markers.

How to use

  1. Enter a GitHub repository URL, public or private (add a token for private repos).
  2. SecOSS resolves the license of every npm and PyPI dependency directly from their registries.
  3. Each dependency is classified: safe (MIT, Apache), notice (attribution required), copyleft (GPL/AGPL, share-alike risk), or unknown.
  4. Review the full report and share with legal counsel for M&A due diligence or compliance review.
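
One way to implement the classification in steps 2 and 3, as an added example that is not SecOSS's own code: it evaluates the SPDX license expression a registry's license field returns (OR keeps the most permissive branch, AND the most restrictive) and runs over a constructed in-memory snapshot in place of live npm/PyPI lookups. The SAFE and NOTICE sets and the package names in REGISTRY are assumptions beyond the licenses the page lists; anything reported as copyleft or unknown is what you would hand to counsel in step 4.

```python
import re
# Added example, not SecOSS's own code; set membership beyond what the page names is assumed.
SAFE = {"MIT", "ISC", "Apache-2.0", "0BSD", "Unlicense"}  # page: MIT, Apache are safe
NOTICE = {"BSD-2-Clause", "BSD-3-Clause", "CC-BY-4.0"}  # attribution required
BUCKETS = ["safe", "notice", "copyleft", "unknown"]  # least to most restrictive
RANK = {b: i for i, b in enumerate(BUCKETS)}

def classify_id(spdx_id):  # one SPDX identifier; anything unrecognised is 'unknown'
    if spdx_id.startswith(("GPL-", "AGPL-", "LGPL-")):
        return "copyleft"
    return "safe" if spdx_id in SAFE else "notice" if spdx_id in NOTICE else "unknown"

def classify_expression(expr):
    """OR keeps the least restrictive branch (the consumer may choose), AND the most
    restrictive (every term applies); a WITH exception is skipped, keeping the base bucket."""
    tokens = re.findall(r"\(|\)|[^\s()]+", expr or "")
    pos = 0
    def chain(op, pick, inner):  # fold a left-associative run of `op` with `pick`
        nonlocal pos
        rank = inner()
        while pos < len(tokens) and tokens[pos].upper() == op:
            pos += 1
            rank = pick(rank, inner())
        return rank
    def atom():
        nonlocal pos
        if pos >= len(tokens):
            pos += 1  # empty or truncated expression: overshoot so the whole result is unknown
            return RANK["unknown"]
        tok, pos = tokens[pos], pos + 1
        if tok == "(":
            rank = parse_or()
            pos += 1  # consume ")"; if it is missing, pos overshoots and the result is unknown
            return rank
        if pos + 1 < len(tokens) and tokens[pos].upper() == "WITH":
            pos += 2  # skip "WITH <exception>"
        return RANK[classify_id(tok)]
    def parse_and(): return chain("AND", max, atom)  # AND binds tighter than OR
    def parse_or(): return chain("OR", min, parse_and)
    rank = parse_or()
    return BUCKETS[rank] if pos == len(tokens) else "unknown"  # reject trailing junk
# Constructed snapshot of registry "license" fields, standing in for live npm/PyPI lookups.
REGISTRY = {"npm:ui-kit": "MIT", "npm:dual-licensed": "(MIT OR GPL-3.0-only)", "npm:legacy-widget": "",
            "pypi:readline-wrapper": "GPL-2.0-or-later", "npm:mixed-bundle": "MIT AND LGPL-2.1-only"}

def audit(registry):  # report every dependency's bucket
    return {name: classify_expression(lic) for name, lic in registry.items()}

def needs_review(report):  # copyleft obligations or no resolvable license
    return sorted(n for n, b in report.items() if b in ("copyleft", "unknown"))
```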

Enter a GitHub repository URL. SecOSS will audit licenses, detect copyleft dependencies, and flag IP risks.