What It Does

The license check verifies that your project includes a LICENSE file, which is essential for open-source projects to define usage rights and legal protections.

Key Features:
  • Checks for common LICENSE file names
  • Detects license type (MIT, Apache, GPL, BSD, ISC)
  • Warns if no license is found
  • Passes with license details if found
Source: /src/checks/license.ts

What It Checks

The check searches for these file names (case-sensitive):
/src/checks/license.ts:5-12
const LICENSE_NAMES = [
  "LICENSE",
  "LICENSE.md",
  "LICENSE.txt",
  "LICENCE",
  "LICENCE.md",
  "LICENCE.txt",
];
If found, it reads the file content and attempts to detect the license type by matching against common patterns:
  • MIT License: /MIT License/i
  • Apache 2.0: /Apache License/i
  • GPL: /GNU GENERAL PUBLIC LICENSE/i
  • ISC: /ISC License/i
  • BSD: /BSD/i
/src/checks/license.ts:14-58
export async function checkLicense(): Promise<CheckResult> {
  const cwd = process.cwd();

  const found = LICENSE_NAMES.find((name) =>
    fs.existsSync(path.join(cwd, name)),
  );

  if (found) {
    // Try to read what kind of license it is
    const content = fs.readFileSync(path.join(cwd, found), "utf-8");
    let licenseType = "Unknown";

    if (/MIT License/i.test(content)) licenseType = "MIT";
    else if (/Apache License/i.test(content)) licenseType = "Apache 2.0";
    else if (/GNU GENERAL PUBLIC LICENSE/i.test(content)) licenseType = "GPL";
    else if (/ISC License/i.test(content)) licenseType = "ISC";
    else if (/BSD/i.test(content)) licenseType = "BSD";

    return {
      checkName: "license",
      status: "pass",
      messages: [
        {
          level: "info",
          text: `${found} found (${licenseType})`,
        },
      ],
    };
  }

  return {
    checkName: "license",
    status: "warn",
    messages: [
      {
        level: "warn",
        text: "No LICENSE file found — open source projects should have one",
      },
      {
        level: "info",
        text: "Add a LICENSE file. Not sure which? → https://choosealicense.com",
      },
    ],
  };
}

Example Output

 license LICENSE found (MIT)

Why It Matters

Legal & Community Risks

Projects without a license file:
  • Cannot be legally used by others (default copyright applies)
  • Won’t be accepted by most companies or enterprises
  • Risk copyright disputes and legal issues
  • Discourage contributions — developers avoid unlicensed code
  • Fail open-source audits in enterprise environments
Fun Fact: GitHub shows “No license” on repos without a LICENSE file, which can hurt adoption.

How to Fix

1. Choose a License

Visit choosealicense.com to find the right license for your project:

MIT

Permissive. Most popular. Allows commercial use with minimal restrictions.

Apache 2.0

Permissive + Patent. Like MIT but includes explicit patent grant.

GPL v3

Copyleft. Requires derivatives to be open-source too.

2. Add the LICENSE File

curl -o LICENSE https://raw.githubusercontent.com/licenses/license-templates/master/templates/mit.txt
Most licenses require you to fill in:
  • Year: Current year (e.g., 2024)
  • Copyright holder: Your name or organization
LICENSE (MIT example)
MIT License

Copyright (c) 2024 Your Name

Permission is hereby granted, free of charge, to any person obtaining a copy...

4. Verify

stackprobe audit --only license
Expected output:
✓ license — LICENSE found (MIT)

Supported License Types

The check automatically detects these common licenses:
License | Pattern Matched | Use Case
MIT | MIT License | Most permissive, widely used
Apache 2.0 | Apache License | Includes patent protection
GPL | GNU GENERAL PUBLIC LICENSE | Strong copyleft
ISC | ISC License | Similar to MIT, simpler wording
BSD | BSD | Permissive with attribution
If your license doesn’t match these patterns, it shows as “Unknown” but still passes.

Adding License to package.json

While not checked by this tool, it’s good practice to also specify the license in package.json:
package.json
{
  "name": "your-project",
  "version": "1.0.0",
  "license": "MIT"
}
This helps npm, GitHub, and other tools understand your licensing.
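
Because the tool does not compare the two, a LICENSE file and the package.json `license` field can drift apart. The following is an added example, not stackprobe code: it reuses the patterns and first-match order from the source shown above and cross-checks the result against the declared SPDX identifier. The function names, the verdict values, the SPDX prefix map and the sample texts are assumptions made for illustration.

```typescript
// Added example, not stackprobe code; all names below are hypothetical.
type Verdict = "match" | "mismatch" | "undeclared" | "unverified";

// Patterns and first-match order copied from the checkLicense source on this page.
const PATTERNS: Array<[RegExp, string]> = [
  [/MIT License/i, "MIT"],
  [/Apache License/i, "Apache 2.0"],
  [/GNU GENERAL PUBLIC LICENSE/i, "GPL"],
  [/ISC License/i, "ISC"],
  [/BSD/i, "BSD"],
];

function detectLicenseType(content: string): string {
  for (const [pattern, label] of PATTERNS) {
    if (pattern.test(content)) return label;
  }
  return "Unknown";
}

// SPDX identifier prefixes accepted for each label the check can report (assumed mapping).
const SPDX_PREFIXES: Record<string, string[]> = {
  "MIT": ["MIT"],
  "Apache 2.0": ["Apache-2.0"],
  "GPL": ["GPL-"],
  "ISC": ["ISC"],
  "BSD": ["BSD-", "0BSD"],
};

// Compare the LICENSE text with the "license" field of a package.json string.
function crossCheckLicense(licenseText: string, packageJson: string): Verdict {
  const declared: unknown = JSON.parse(packageJson).license;
  if (typeof declared !== "string" || declared.trim() === "") return "undeclared";
  const prefixes = SPDX_PREFIXES[detectLicenseType(licenseText)];
  if (!prefixes) return "unverified"; // "Unknown" passes the check; review by hand
  // Split SPDX expressions such as "(MIT OR Apache-2.0)" into identifiers.
  const ids = declared.split(/[\s()]+/).filter((t) => t !== "" && !/^(OR|AND|WITH)$/.test(t));
  return ids.some((id) => prefixes.some((p) => id.startsWith(p))) ? "match" : "mismatch";
}

// Constructed sample inputs (not real project files).
const MIT_TEXT = "MIT License\n\nCopyright (c) 2024 Your Name\n\nPermission is hereby granted...";
const DUAL_TEXT = "This project is dual-licensed under MIT and Apache 2.0.\nYou may choose either license for your use.";
const PROPRIETARY_TEXT = "Copyright (c) 2024 Your Company\nAll rights reserved.\nTested on FreeBSD.";

console.log(
  crossCheckLicense(MIT_TEXT, '{"license":"MIT"}'),
  crossCheckLicense(DUAL_TEXT, '{"license":"(MIT OR Apache-2.0)"}'),
  crossCheckLicense(PROPRIETARY_TEXT, '{"license":"UNLICENSED"}'),
);
```

The third sample shows why the `/BSD/i` substring match deserves a second look: any file that merely mentions a word containing "BSD" is labelled BSD, so a mismatch against package.json is a useful prompt for manual review.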

FAQ

Use a proprietary license or add:
LICENSE
Copyright (c) 2024 Your Company
All rights reserved.

This software is proprietary and confidential.
Unauthorized copying or distribution is prohibited.
Or set in package.json:
{ "license": "UNLICENSED" }
Yes, but:
  • Previous versions remain under the old license
  • Contributors may need to agree to the change
  • Use semantic versioning for major license changes (e.g., v2.0.0)
You can offer multiple licenses:
LICENSE
This project is dual-licensed under MIT and Apache 2.0.
You may choose either license for your use.
Not strictly required, but recommended:
  • Clarifies usage rights for team members
  • Simplifies future open-sourcing
  • Helps if the repo becomes public later

Configuration

To disable this check:
stackprobe.config.json
{
  "ignore": ["license"]
}
Or run it exclusively:
stackprobe audit --only license
