Scan npm dependencies for license compliance issues. Catch GPL contamination.
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
MCP server that scans npm project dependencies for license compliance issues. Catch GPL contamination before code ships.

Scan a project's npm dependencies against a license policy and get a detailed compliance report.
(required) — Absolute path to the project root
(optional, default: ) — Policy preset or custom SPDX expression
— Only MIT, ISC, BSD, Apache-2.0, etc.
— Adds LGPL, MPL-2.0, EPL-2.0
Custom: — Any valid SPDX expression

Get a plain-language explanation of any SPDX license —…