Audit the LICENSE of every npm dependency before you ship. Resolves each dependency's real license from the live npm registry and flags GPL/AGPL/LGPL copyleft, BUSL/SSPL/Elastic source-available, non-commercial and unlicensed packages incompatible with yo
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.