licenses.dev is an open-source license analysis tool for developers. Based on the crawled content, it currently appears to focus mainly on npm packages: users can enter an npm package, or upload/drag and drop a package.json file. It analyzes the full dependency graph rather than only checking top-level dependencies, and reports each package’s name, version, license, release date, and whether its relationship to the original query is direct or indirect.
Its license detection is based on SPDX expressions in package metadata. If it cannot match an SPDX license, the result is marked as non-standard; if the license cannot be retrieved, it is marked as unknown. The site also defines “green licenses” as software licenses that allow free use, modification, and sharing, and provides the corresponding SPDX list. Results can be shared, turned into a README badge, or exported as CSV or JSON, making them easier to include in project documentation or internal workflows. In terms of integrations, the text only mentions a badge URL template and export capabilities; there is no indication of an API, SDK, CLI, GitHub App, or CI plugin.
The crawled content does not disclose any pricing, paid plans, payment methods, account system, or enterprise edition information, nor does it state whether the service itself is open source. No self-hosting option is mentioned either. Therefore, if it is to be used in an enterprise compliance workflow, further confirmation is needed regarding service availability, data handling, SLA, and long-term maintenance.
Its strengths are clear positioning and a low barrier to entry. Dependency-graph-level analysis helps uncover license risks in transitive dependencies, while CSV/JSON exports and README badges are also practical. The FAQ is fairly transparent about the limits of accuracy, noting that dependency graphs may be affected by feature flags, tests, build system inputs, version discrepancies, and metadata lag. Its limitations are that the ecosystem scope appears to be limited to npm, and it lacks the policy rules, approval workflows, SBOM support, vulnerability correlation, and enterprise integration information commonly expected in legal compliance work.
It is suitable for open-source maintainers, npm package authors, and small to mid-sized teams that need a quick license inventory, especially for adding a license analysis entry point to a README. If you need multi-language support, multi-repository coverage, audit reports, or legal-grade compliance governance, you may want to compare it with options such as FOSSA, Snyk Open Source, and OSS Review Toolkit. The text does not provide information about access from mainland China; network connectivity and payment options are both unknown.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the licenses.dev official site.
licenses.dev is an Unknown Dev Tools provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility rating of "China direct-connect friendly".