Snyk Open Source License Compliance Management

Maintain a rapid development pace while remaining compliant with the open source software licenses in your projects. Available as a part of all paid plans.

“Open source license compliance wasn’t on our radar initially but Snyk changed that and makes it a lot easier for us to effectively manage the different licenses we use across our projects”

Ryan Kimber, Founder and CEO of FormHero


Comply at scale by empowering developers to easily integrate license compliance into their workflows.

Flexible governance

Control open source license compliance effectively with automated policy enforcement and granular management.

End-to-end visibility

Gain wide and deep visibility into open source license usage in your projects.

Easily integrate open source license compliance into your development workflows


Identify open source license issues from your very first line of code.


Scan your projects locally or as part of your CI/CD pipelines using a friendly CLI.

Pull requests

Automatically scan pull requests for license violations as part of development workflows.

Native Git scanning

Scan your repositories to get an overview of your compliance status.


Ensure your deployed application does not include any open source license violations.

Govern compliance effectively with automated policy enforcement

License policies

Create, customize and manage license policies across the different teams in your organization.

Automated compliance gating

Automate license scanning for pull requests or as part of your CI/CD pipelines to keep noncompliant code out of your builds.

Legal instructions

Provide developers with actionable instructions for each license type.


Monitor the state of all the license issues in one place and export reports to share with other stakeholders.

Notifications & alerts

Get alerts for violations via Slack, Jira and email for easier tracking and monitoring.

Gain end-to-end visibility into open source license usage

Integrations across the SDLC

Verify license compliance in each step of the software development lifecycle.

Dependency tree view

Accelerate triaging with a full dependency path that shows how each license issue was introduced.

Language coverage

License data is collected from various registries and compared against SPDX’s license standards. Support includes npm (JS), Maven (Java), NuGet (.NET), PyPI (Python), RubyGems (Ruby) and CocoaPods (Swift and Objective-C).


Generate an automated report including the type of license available for each package your organization is using.

Copyright info

A report defining the copyright information that has a sharing requirement for each package that your organization is using.
