License
Manage licensing across your workspace: synchronise LICENSE files and source code headers for your own code (license.source), and check that every dependency conforms to a license allowlist (license.dependencies).
Run the Generator
Section titled “Run the Generator”- Install the Nx Console VSCode Plugin if you haven't already
- Open the Nx Console in VSCode
- Click
Generate (UI)in the "Common Nx Commands" section - Search for
@aws/nx-plugin - license - Fill in the required parameters
- Click
Generate
pnpm nx g @aws/nx-plugin:licenseyarn nx g @aws/nx-plugin:licensenpx nx g @aws/nx-plugin:licensebunx nx g @aws/nx-plugin:licenseYou can also perform a dry-run to see what files would be changed
pnpm nx g @aws/nx-plugin:license --dry-runyarn nx g @aws/nx-plugin:license --dry-runnpx nx g @aws/nx-plugin:license --dry-runbunx nx g @aws/nx-plugin:license --dry-runOptions
Section titled “Options”| Parameter | Type | Default | Description |
|---|---|---|---|
| license | Apache-2.0 | MIT | ASL | Apache-2.0 | SPDX License Identifier for your chosen license |
| copyrightHolder | string | Amazon.com, Inc. or its affiliates | The copyright holder, included in the LICENSE file and source file headers by default. |
| dependencyCheck | boolean | true | Configure a license-check target that fails when dependencies declare licenses outside the configured allowlist. |
| preferInstallDependencies | boolean | true | Whether to prefer installing dependencies after the generator runs. Set to false to defer installing when batching multiple generators (an install still runs if needed so subsequent generators can compute the Nx project graph); install once at the end. |
Generator Output
Section titled “Generator Output”The generator will create or update the following files:
- nx.json The lint target is configured to run the license sync generator and depends on the license-check target
- aws-nx-plugin.config.mts Configuration for license source sync (
license.source) and dependency checking (license.dependencies)
License Headers & Files
Section titled “License Headers & Files”The generator registers a sync generator to execute as part of your lint targets which ensures that your source files contain the correct license headers, your projects contain LICENSE files, and licensing metadata is set in package.json and pyproject.toml.
Workflow
Section titled “Workflow”Whenever you build your projects (and a lint target runs), the license sync generator will make sure that the licensing in your project matches your configuration. If it detects that anything is out of sync, you will receive a message such as:
NX The workspace is out of sync
[@aws/nx-plugin:license#sync]: Project LICENSE files are out of sync:- LICENSE- packages/<my-project>LICENSE
Project package.json files are out of sync:- package.json
Project pyproject.toml files are out of sync:- pyproject.toml- packages/<my-python-project>/pyproject.toml
License headers are out of sync in the following source files:- packages/<my-project>/src/index.ts- packages/<my-python-project>/main.py
This will result in an error in CI.
? Would you like to sync the identified changes to get your workspace up to date?Yes, sync the changes and run the tasksNo, run the tasks without syncing the changesSelect Yes to sync the changes.
Sync Behaviour
Section titled “Sync Behaviour”The license sync generator performs three main tasks:
1. Synchronise Source File License Headers
Section titled “1. Synchronise Source File License Headers”When the sync generator is run, it will ensure that all source code files in your workspace (based on your configuration) contain the appropriate license header. The header is written as the first block comment or consecutive series of line comments in the file (besides the shebang/hashbang if present in a file).
2. Synchronise LICENSE Files
Section titled “2. Synchronise LICENSE Files”When the sync generator is run, it will ensure that the root LICENSE file corresponds to your configured license, as well as ensuring that all subprojects in your workspace also contain the correct LICENSE file.
3. Synchronise licensing information in project files
Section titled “3. Synchronise licensing information in project files”When the sync generator is run, it will ensure the license fields in package.json and pyproject.toml files are set to your configured license.
Header & File Configuration
Section titled “Header & File Configuration”Configuration is defined in the aws-nx-plugin.config.mts file in the root of your workspace.
SPDX and Copyright Holder
Section titled “SPDX and Copyright Holder”Your chosen license can be updated at any time via the spdx configuration property:
export default { license: { source: { spdx: 'MIT', }, },} satisfies AwsNxPluginConfig;When the sync generator runs, all LICENSE files, package.json and pyproject.toml files will be updated to reflect the configured license.
You can additionally configure the copyright holder and copyright year, which are included in some LICENSE files:
export default { license: { source: { spdx: 'MIT', copyrightHolder: 'Amazon.com, Inc. or its affiliates', copyrightYear: 2025, }, },} satisfies AwsNxPluginConfig;License Header Content
Section titled “License Header Content”The license header content can be configured in two ways:
- Using inline content:
export default { license: { source: { header: { content: { lines: [ 'Copyright: My Company, Incorporated.', 'Licensed under the MIT License', 'All rights reserved', ]; } // ... format configuration } } }} satisfies AwsNxPluginConfig;- Loading from a file:
export default { license: { source: { header: { content: { filePath: 'license-header.txt'; // relative to workspace root } // ... format configuration } } }} satisfies AwsNxPluginConfig;Header Format
Section titled “Header Format”You can specify how license headers should be formatted for different file types using glob patterns. The format configuration supports line comments, block comments, or a combination of both:
export default { license: { source: { header: { content: { lines: ['Copyright notice here'], }, format: { // Line comments '**/*.ts': { lineStart: '// ', }, // Block comments '**/*.css': { blockStart: '/*', blockEnd: '*/', }, // Block comments with line prefixes '**/*.java': { blockStart: '/*', lineStart: ' * ', blockEnd: ' */', }, // Line comments with header/footer '**/*.py': { blockStart: '# ------------', lineStart: '# ', blockEnd: '# ------------', }, }, }, }, },} satisfies AwsNxPluginConfig;The format configuration supports:
blockStart: Text written before the license content (e.g. to start a block comment)lineStart: Text prepended to each line of the license contentlineEnd: Text appended to each line of the license contentblockEnd: Text written after the license content (e.g. to end a block comment)
Custom Comment Syntax
Section titled “Custom Comment Syntax”For file types that aren’t natively supported, you can specify custom comment syntax to tell the sync generator how to identify existing license headers in these file types.
export default { license: { source: { header: { content: { lines: ['My license header'], }, format: { '**/*.xyz': { lineStart: '## ', }, }, commentSyntax: { xyz: { line: '##', // Define line comment syntax }, abc: { block: { // Define block comment syntax start: '<!--', end: '-->', }, }, }, }, }, },} satisfies AwsNxPluginConfig;Excluding Files from Header Sync
Section titled “Excluding Files from Header Sync”By default, in a git repository, all .gitignore files are honored to ensure that only files managed by version control are synchronized. In non-git repositories, all files are considered unless explicitly excluded in configuration.
You can exclude additional files from license header synchronization using glob patterns:
export default { license: { source: { header: { content: { lines: ['My license header'], }, format: { '**/*.ts': { lineStart: '// ', }, }, exclude: ['**/generated/**', '**/dist/**', 'some-specific-file.ts'], }, }, },} satisfies AwsNxPluginConfig;Excluding Projects from File Sync
Section titled “Excluding Projects from File Sync”All LICENSE files, package.json files and pyproject.toml files are synchronised with the configured license by default.
You can exclude specific projects or files from synchronization using glob patterns:
export default { license: { source: { files: { exclude: [ // do not sync LICENSE file, package.json or pyproject.toml 'packages/excluded-project', // do not sync LICENSE file, but sync package.json and/or pyproject.toml 'apps/internal/LICENSE', ]; } } }} satisfies AwsNxPluginConfig;Disabling License Sync
Section titled “Disabling License Sync”License source sync is enabled by the presence of the license.source key in your configuration. To disable it:
- Remove the
license.sourcesection from your configuration inaws-nx-plugin.config.mts(you can keeplicense.dependenciesif you still want dependency license checking) - If you also want to fully remove the sync generator, remove the
@aws/nx-plugin:license#syncgenerator fromtargetDefaults.lint.syncGenerators
To re-enable license sync, simply run the license generator again.
Dependency License Checks
Section titled “Dependency License Checks”The license generator also configures a license-check target that fails when one of your project’s dependencies (or any transitive dependency) declares a license that is not in your allowlist.
How it runs
Section titled “How it runs”The generator writes a license-check target to your root project.json:
{ "targets": { "license-check": { "executor": "@aws/nx-plugin:license-check", "cache": true, "inputs": [ "{workspaceRoot}/pnpm-lock.yaml", "{workspaceRoot}/aws-nx-plugin.config.mts" ], "options": {} } }}The inputs are computed for your workspace: only lockfiles that are actually present are included, along with aws-nx-plugin.config.mts, plus a {workspaceRoot}/**/uv.lock glob when Python dependency checking is enabled (i.e. a Python collector is configured).
You can run the check directly:
pnpm nx license-checkyarn nx license-checknpx nx license-checkbunx nx license-checkResults are cached against your lockfiles and aws-nx-plugin.config.mts — re-runs are instant when nothing has changed.
Collectors determine what gets scanned. The npmCollector uses license-checker-rseidelsohn, and the pythonCollector uses pip-licenses. If no installed dependencies are found, the check passes with nothing to inspect.
Running as part of lint/build
Section titled “Running as part of lint/build”The dependency license check runs automatically whenever you lint or build any project in your workspace. The license generator wires each project’s lint target to depend on the root license-check target, and the project generators (ts#* and py#*) do the same when they run — so the check is wired up regardless of the order generators are run in.
This means you don’t need to run the check explicitly, though you can still do so with the license-check target:
pnpm nx license-checkyarn nx license-checknpx nx license-checkbunx nx license-checkThe wiring is a cross-project dependsOn on each project’s lint target that points at the root license-check target. To skip the check during a lint or build, set the LICENSE_DEPENDENCY_CHECK=skip environment variable:
pnpm LICENSE_DEPENDENCY_CHECK=skip lintyarn LICENSE_DEPENDENCY_CHECK=skip lintnpm run LICENSE_DEPENDENCY_CHECK=skip lintbun LICENSE_DEPENDENCY_CHECK=skip lintConfiguration
Section titled “Configuration”By default the check uses a built-in set of common permissive licenses (MIT, Apache-2.0, BSD, ISC, etc.) exported as DEFAULT_LICENSE_ALLOWLIST. You can extend or override this in your config:
import { AwsNxPluginConfig } from '@aws/nx-plugin';import { DEFAULT_LICENSE_ALLOWLIST } from '@aws/nx-plugin/sdk/license';
export default { license: { // ... dependencies: { allow: [...DEFAULT_LICENSE_ALLOWLIST, { spdxId: 'LGPL-2.1-or-later', fullName: 'GNU Lesser General Public License v2.1 or later', aliases: [] }], exceptions: [ { package: 'some-package', reason: 'Audited manually — ships MIT text without SPDX field' }, ], }, },} satisfies AwsNxPluginConfig;Default License Allowlist
| SPDX ID | Full Name |
|---|---|
0BSD | BSD Zero Clause License |
AFL-2.1 | Academic Free License v2.1 |
AFL-3.0 | Academic Free License v3.0 |
AMD-newlib | AMD newlib License |
AML | Apple MIT License |
AML-glslang | AML glslang variant License |
ANTLR-PD | ANTLR Software Rights Notice |
ANTLR-PD-fallback | ANTLR Software Rights Notice with license fallback |
APAFML | Adobe Postscript AFM License |
AdaCore-doc | AdaCore Doc License |
Adobe-Display-PostScript | Adobe Display PostScript License |
Adobe-Glyph | Adobe Glyph List License |
Adobe-Utopia | Adobe Utopia Font License |
Apache-1.1 | Apache License 1.1 |
Apache-2.0 | Apache License 2.0 |
Apache-2.0 WITH LLVM-exception | Apache License 2.0 with LLVM Exception |
Artistic-1.0 | Artistic License 1.0 |
Artistic-1.0-Perl | Artistic License 1.0(Perl) |
Artistic-2.0 | Artistic License 2.0 |
Artistic-dist | Artistic License 1.0 (dist) |
BSD-1-Clause | BSD 1-Clause License |
BSD-2-Clause | BSD 2-clause "Simplified" License |
BSD-2-Clause-Darwin | BSD 2-Clause - Ian Darwin variant |
BSD-2-Clause-FreeBSD | BSD 2-clause FreeBSD License |
BSD-2-Clause-NetBSD | BSD 2-clause NetBSD License |
BSD-2-Clause-Views | BSD 2-Clause with views sentence |
BSD-2-Clause-first-lines | BSD 2-Clause - first lines requirement |
BSD-2-Clause-pkgconf-disclaimer | BSD 2-Clause pkgconf disclaimer variant |
BSD-3-Clause | BSD 3-clause "New" or "Revised" License |
BSD-3-Clause-Attribution | BSD with attribution |
BSD-3-Clause-HP | Hewlett-Packard BSD variant license |
BSD-3-Clause-LBNL | Lawrence Berkeley National Labs BSD variant license |
BSD-3-Clause-Modification | BSD 3-Clause Modification |
BSD-3-Clause-Open-MPI | BSD 3-Clause Open MPI variant |
BSD-3-Clause-Sun | BSD 3-Clause Sun Microsystems |
BSD-3-Clause-acpica | BSD 3-Clause acpica variant |
BSD-3-Clause-flex | BSD 3-Clause Flex variant |
BSD-4.3RENO | BSD 4.3 RENO License |
BSD-Source-Code | BSD Source Code Attribution |
BSD-Source-beginning-file | BSD Source Code Attribution - beginning of file variant |
BSL-1.0 | Boost Software License 1.0 |
Baekmuk | Baekmuk License |
Beerware | Beerware License |
Bitstream-Charter | Bitstream Charter Font License |
Bitstream-Vera | Bitstream Vera Font License |
BlueOak-1.0.0 | Blue Oak Model License 1.0.0 |
Boehm-GC | Boehm-Demers-Weiser GC License |
Boehm-GC-without-fee | Boehm-Demers-Weiser GC License (without fee) |
Brian-Gladman-2-Clause | Brian Gladman 2-Clause License |
Brian-Gladman-3-Clause | Brian Gladman 3-Clause License |
CC-BY-2.0 | Creative Commons Attribution 2.0 |
CC-BY-2.5 | Creative Commons Attribution 2.5 |
CC-BY-2.5-AU | Creative Commons Attribution 2.5 Australia |
CC-BY-3.0 | Creative Commons Attribution 3.0 |
CC-BY-3.0-AU | Creative Commons Attribution 3.0 Australia |
CC-BY-3.0-IGO | Creative Commons Attribution 3.0 IGO |
CC-BY-3.0-US | Creative Commons Attribution 3.0 United States |
CC-BY-4.0 | Creative Commons Attribution 4.0 |
CC-PDDC | Creative Commons Public Domain Dedication and Certification |
CC0-1.0 | Creative Commons Zero v1.0 Universal |
CDDL-1.0 | Common Development and Distribution License 1.0 |
CDDL-1.1 | Common Development and Distribution License 1.1 |
CFITSIO | CFITSIO License |
CMU-Mach-nodoc | CMU Mach - no notices-in-documentation variant |
CNRI-Jython | CNRI Jython License |
CNRI-Python | CNRI Python License |
CPOL-1.02 | Code Project Open License 1.02 |
Clips | Clips License |
Cornell-Lossless-JPEG | Cornell Lossless JPEG License |
Cronyx | Cronyx License |
CryptoSwift | CryptoSwift License |
DEC-3-Clause | DEC 3-Clause License |
DocBook-DTD | DocBook DTD License |
DocBook-Schema | DocBook Schema License |
DocBook-Stylesheet | DocBook Stylesheet License |
DocBook-XML | DocBook XML License |
EFL-2.0 | Eiffel Forum License v2.0 |
EPL-1.0 | Eclipse Public License 1.0 |
EPL-2.0 | Eclipse Public License 2.0 |
Entessa | Entessa Public License v1.0 |
FBM | Fuzzy Bitmap License |
FSFAP | FSF All Permissive License |
FSFAP-no-warranty-disclaimer | FSF All Permissive License (without Warranty) |
FSFULLR | FSF Unlimited License (with License Retention) |
FSFULLRSD | FSF Unlimited License (with License Retention and Short Disclaimer) |
FSFULLRWD | FSF Unlimited License (With License Retention and Warranty Disclaimer) |
FTL | Freetype Project License |
Fair | Fair License |
Ferguson-Twofish | Ferguson Twofish License |
FreeBSD-DOC | FreeBSD Documentation License |
Furuseth | Furuseth License |
GD | GD License |
Graphics-Gems | Graphics Gems License |
Gutmann | Gutmann License |
HDF5 | HDF5 License |
HIDAPI | HIDAPI License |
HP-1986 | Hewlett-Packard 1986 License |
HP-1989 | Hewlett-Packard 1989 License |
HPND | Historical Permission Notice and Disclaimer |
HPND-DEC | Historical Permission Notice and Disclaimer - DEC variant |
HPND-Fenneberg-Livingston | Historical Permission Notice and Disclaimer - Fenneberg-Livingston variant |
HPND-INRIA-IMAG | Historical Permission Notice and Disclaimer - INRIA-IMAG variant |
HPND-Intel | Historical Permission Notice and Disclaimer - Intel variant |
HPND-Kevlin-Henney | Historical Permission Notice and Disclaimer - Kevlin Henney variant |
HPND-MIT-disclaimer | Historical Permission Notice and Disclaimer with MIT disclaimer |
HPND-Markus-Kuhn | Historical Permission Notice and Disclaimer - Markus Kuhn variant |
HPND-Netrek | Historical Permission Notice and Disclaimer - Netrek variant |
HPND-Pbmplus | Historical Permission Notice and Disclaimer - Pbmplus variant |
HPND-UC | Historical Permission Notice and Disclaimer - University of California variant |
HPND-doc | Historical Permission Notice and Disclaimer - documentation variant |
HPND-doc-sell | Historical Permission Notice and Disclaimer - documentation sell variant |
HPND-merchantability-variant | Historical Permission Notice and Disclaimer - merchantability variant |
HPND-sell-MIT-disclaimer-xserver | Historical Permission Notice and Disclaimer - sell xserver variant with MIT disclaimer |
HPND-sell-regexpr | Historical Permission Notice and Disclaimer - sell regexpr variant |
HPND-sell-variant | Historical Permission Notice and Disclaimer - sell variant |
HPND-sell-variant-MIT-disclaimer | HPND sell variant with MIT disclaimer |
HPND-sell-variant-MIT-disclaimer-rev | HPND sell variant with MIT disclaimer - reverse |
HTMLTIDY | HTML Tidy License |
ICU | ICU License |
IJG | Independent JPEG Group License |
IJG-short | Independent JPEG Group License - short |
ISC | ISC License |
ISC-Veillard | ISC Veillard variant |
ImageMagick | ImageMagick License |
Inner-Net-2.0 | Inner Net License v2.0 |
JPNIC | Japan Network Information Center License |
JSON | JSON License |
Jam | Jam License |
Kastrup | Kastrup License |
Knuth-CTAN | Knuth CTAN License |
LOOP | Common Lisp LOOP License |
LZMA-SDK-9.11-to-9.20 | LZMA SDK License (versions 9.11 to 9.20) |
LZMA-SDK-9.22 | LZMA SDK License (versions 9.22 and beyond) |
Leptonica | Leptonica License |
Libpng | libpng License |
LicenseRef-NoVersion-Apache | Apache Software License |
LicenseRef-NoVersion-BSD | BSD License |
LicenseRef-Proprietary-NVIDIA-CUDA-Python-2021 | NVIDIA Software License for CUDA Python (2021) |
LicenseRef-Proprietary-NVIDIA-Math-Libraries-SDK-2022 | License Agreement for NVIDIA Math Libraries SDKs (2022) |
LicenseRef-Proprietary-NVIDIA-Nsight-Systems-2024 | Software License Agreement for NVIDIA Nsight Systems (2024) |
LicenseRef-Proprietary-NVIDIA-SDK-nvTIFF-2022 | License Agreement for NVIDIA SDKs with nvTIFF Supplement (2022) |
LicenseRef-Proprietary-NVIDIA-TensorRT-2021 | Software License Agreement for NVIDIA TensorRT (2021) |
LicenseRef-Proprietary-NVIDIA-Warp | Software License Agreement for NVIDIA Warp |
LicenseRef-com.oracle-BCL | Oracle Binary Code License |
LicenseRef-scancode-amazon-sl | Amazon Software License |
LicenseRef-scancode-apple-excl | Apple Java Extensions |
LicenseRef-scancode-indiana-extreme | Indiana University Extreme! Lab Software 1.1.1 |
LicenseRef-scancode-wordnet | WordNet 3.0 license |
Linux-OpenIB | Linux Kernel Variant of OpenIB.org license |
Linux-man-pages-1-para | Linux man-pages - 1 paragraph |
MIPS | MIPS License |
MIT | MIT License |
MIT-0 | MIT No Attribution License |
MIT-CMU | CMU License |
MIT-Click | MIT Click License |
MIT-Festival | MIT Festival Variant |
MIT-Khronos-old | MIT Khronos - old variant |
MIT-Modern-Variant | MIT License Modern Variant |
MIT-Wu | MIT Tom Wu Variant |
MIT-open-group | MIT Open Group variant |
MIT-testregex | MIT testregex Variant |
MITNFA | MIT +no-false-attribs license |
MMIXware | MMIXware License |
MPL-1.1 | Mozilla Public License 1.1 |
MPL-2.0 | Mozilla Public License 2.0 |
MPL-2.0-no-copyleft-exception | Mozilla Public License 2.0 (no copyleft exception) |
MS-PL | Microsoft Public License |
Mackerras-3-Clause | Mackerras 3-Clause License |
Mackerras-3-Clause-acknowledgment | Mackerras 3-Clause - acknowledgment variant |
Martin-Birgmeier | Martin Birgmeier License |
Minpack | Minpack License |
MirOS | MirOS Licence |
MulanPSL-2.0 | Mulan Permissive Software License, Version 2 |
NCBI-PD | NCBI Public Domain Notice |
NCL | NCL Source Code License |
NCSA | University of Illinois/NCSA Open Source License |
NICTA-1.0 | NICTA Public Software License, Version 1.0 |
NIST-PD | NIST Public Domain Notice |
NIST-Software | NIST Software License |
NLPL | No Limit Public License |
NTIA-PD | NTIA Public Domain Notice |
NTP | NTP License |
NTP-0 | NTP No Attribution |
Net-SNMP | Net-SNMP License |
OAR | OAR License |
OFFIS | OFFIS License |
OFL-1.0 | SIL Open Font License 1.0 |
OFL-1.0-RFN | SIL Open Font License 1.0 with Reserved Font Name |
OFL-1.0-no-RFN | SIL Open Font License 1.0 with no Reserved Font Name |
OFL-1.1 | SIL Open Font License 1.1 |
OFL-1.1-RFN | SIL Open Font License 1.1 with Reserved Font Name |
OFL-1.1-no-RFN | SIL Open Font License 1.1 with no Reserved Font Name |
OGC-1.0 | OGC Software License, Version 1.0 |
OLDAP-2.0 | Open LDAP Public License v2.0 (or possibly 2.0A and 2.0B) |
OLDAP-2.0.1 | Open LDAP Public License v2.0.1 |
OLDAP-2.1 | Open LDAP Public License v2.1 |
OLDAP-2.2 | Open LDAP Public License v2.2 |
OLDAP-2.2.1 | Open LDAP Public License v2.2.1 |
OLDAP-2.2.2 | Open LDAP Public License 2.2.2 |
OLDAP-2.3 | Open LDAP Public License v2.3 |
OLDAP-2.4 | Open LDAP Public License v2.4 |
OLDAP-2.5 | Open LDAP Public License v2.5 |
OLDAP-2.6 | Open LDAP Public License v2.6 |
OLDAP-2.7 | Open LDAP Public License v2.7 |
OLDAP-2.8 | Open LDAP Public License v2.8 |
OpenSSL | OpenSSL License |
OpenSSL-standalone | OpenSSL License - standalone |
PADL | PADL License |
PDDL-1.0 | ODC Public Domain Dedication & License 1.0 |
PHP-3.0 | PHP License v3.0 |
PHP-3.01 | PHP LIcense v3.01 |
PSF-2.0 | Python Software Foundation License 2.0 |
Pixar | Pixar License |
PostgreSQL | PostgreSQL License |
Python-2.0 | Python License 2.0 |
Python-2.0.1 | Python License 2.0.1 |
Ruby | Ruby License |
Ruby-pty | Ruby pty extension license |
SAX-PD-2.0 | Sax Public Domain Notice 2.0 |
SGI-B-2.0 | SGI Free Software License B v2.0 |
SL | SL License |
SMLNJ | Standard ML of New Jersey License |
SMPPL | Secure Messaging Protocol Public License |
SSH-OpenSSH | SSH OpenSSH license |
SSH-short | SSH short notice |
SSLeay-standalone | SSLeay License - standalone |
Soundex | Soundex License |
Spencer-86 | Spencer License 86 |
Spencer-94 | Spencer License 94 |
Spencer-99 | Spencer License 99 |
StandardML-NJ | Standard ML of New Jersey License |
Sun-PPP | Sun PPP License |
Sun-PPP-2000 | Sun PPP License (2000) |
SunPro | SunPro License |
Symlinks | Symlinks License |
TCL | Tcl/Tk |
TCP-wrappers | TCP Wrappers License |
TPDL | Time::ParseDate License |
TPL-1.0 | THOR Public License 1.0 |
TTWL | Text-Tabs+Wrap License |
TTYP0 | TTYP0 License |
TU-Berlin-1.0 | Technische Universitaet Berlin License 1.0 |
TU-Berlin-2.0 | Technische Universitaet Berlin License 2.0 |
TermReadKey | TermReadKey License |
ThirdEye | ThirdEye License |
TrustedQSL | TrustedQSL License |
UCAR | UCAR License |
UMich-Merit | Michigan/Merit Networks License |
UPL-1.0 | Universal Permissive License v1.0 |
Ubuntu-font-1.0 | Ubuntu Font Licence v1.0 |
Unicode-3.0 | Unicode License v3 |
Unicode-DFS-2015 | Unicode License Agreement - Data Files and Software (2015) |
Unicode-DFS-2016 | Unicode License Agreement - Data Files and Software (2016) |
UnixCrypt | UnixCrypt License |
Unlicense | Unlicense |
Unlicense-libtelnet | Unlicense - libtelnet variant |
Unlicense-libwhirlpool | Unlicense - libwhirlpool variant |
Vim | Vim License |
W3C | W3C Software and Notice License |
W3C-19980720 | W3C Software Notice and License (1998-07-20) |
W3C-20150513 | W3C Software Notice and Document License (2015-05-13) |
WTFPL | Do What The F*ck You Want To Public License |
Widget-Workshop | Widget Workshop License |
X11 | X11 License |
X11-distribute-modifications-variant | X11 License Distribution Modification Variant |
X11-swapped | X11 swapped final paragraphs |
XFree86-1.1 | XFree86 License 1.1 |
Xdebug-1.03 | Xdebug License v 1.03 |
Xfig | Xfig License |
Xnet | X.Net License |
ZPL-2.1 | Zope Public License 2.1 |
Zed | Zed License |
Zeeff | Zeeff License |
Zlib | zlib License |
any-OSI-perl-modules | Any OSI License - Perl Modules |
bcrypt-Solar-Designer | bcrypt Solar Designer License |
blessing | SQLite Blessing |
bzip2-1.0.6 | bzip2 and libbzip2 License v1.0.6 |
check-cvs | check-cvs License |
checkmk | Checkmk License |
curl | curl License |
cve-tou | Common Vulnerability Enumeration ToU License |
dtoa | David M. Gay dtoa License |
fwlw | fwlw License |
generic-xts | Generic XTS License |
gtkbook | gtkbook License |
hdparm | hdparm License |
jove | Jove License |
libpng-1.6.35 | PNG Reference Library License v1 (for libpng 0.5 through 1.6.35) |
libpng-2.0 | PNG Reference Library version 2 |
libselinux-1.0 | libselinux public domain notice |
libtiff | libtiff License |
libutil-David-Nugent | libutil David Nugent License |
lsof | lsof License |
magaz | magaz License |
mailprio | mailprio License |
man2html | man2html License |
metamail | metamail License |
mpi-permissive | mpi Permissive License |
mplus | mplus Font License |
pkgconf | pkgconf License |
snprintf | snprintf License |
softSurfer | softSurfer License |
ssh-keyscan | ssh-keyscan License |
swrule | swrule License |
threeparttable | threeparttable License |
ulem | ulem License |
w3m | w3m License |
xkeyboard-config-Zinoviev | xkeyboard-config Zinoviev License |
xlock | xlock License |
xpp | XPP License |
zlib-acknowledgement | zlib/libpng License with Acknowledgement |
Customizing the allowlist
Section titled “Customizing the allowlist”To restrict the allowlist, replace DEFAULT_LICENSE_ALLOWLIST with your own array. To extend it, spread the default and add entries. Entries are matched by SPDX id, full license name, or any of the listed aliases (case-insensitive).
Per-package exceptions
Section titled “Per-package exceptions”Use exceptions for packages that fail the check — either because their license is not in the allowlist, or because they ship without detectable license metadata. The reason field is required so reviewers can see why the exception was granted.
exceptions: [ { package: 'union', version: '0.5.0', reason: 'Package ships verbatim MIT text without declaring license', },];Generators that introduce dependencies with problematic metadata (e.g. the MCP server generator) automatically add the required exceptions to your config when they run.
Collectors
Section titled “Collectors”Collectors discover dependencies and extract license metadata. The built-in collectors are npmCollector() (scans node_modules) and pythonCollector() (scans Python virtual environments). The license generator configures npmCollector() by default and adds pythonCollector() when Python projects are present.
To implement a custom collector, conform to the LicenseCollector interface:
import type { LicenseCollector } from '@aws/nx-plugin/sdk/license';
const myCollector = (): LicenseCollector => ({ name: 'my-ecosystem', traceCommand: 'my-tool why <package>', async collect({ workspaceRoot }) { return [ { name: 'some-dep', version: '1.0.0', rawLicense: 'MIT', ecosystem: 'my-ecosystem' }, ]; },});The onDependency hook
Section titled “The onDependency hook”license.dependencies accepts an optional onDependency callback that is invoked once for every discovered dependency, regardless of whether it passes or fails the check. It receives { package, spdx }, where package is the package name and spdx is the resolved SPDX license expression. An exception’s spdx takes precedence over the raw declared license, and spdx may be an empty string if no license was declared.
This is a handy way to print out all of the licenses across your project. Run the license-check target to see the output:
import { AwsNxPluginConfig } from '@aws/nx-plugin';import { DEFAULT_LICENSE_ALLOWLIST } from '@aws/nx-plugin/sdk/license';
export default { license: { dependencies: { allow: DEFAULT_LICENSE_ALLOWLIST, onDependency: ({ package: pkg, spdx }) => { console.log(`${pkg} - ${spdx}`); }, }, },} satisfies AwsNxPluginConfig;Disabling Dependency Checks
Section titled “Disabling Dependency Checks”Dependency license checking is enabled by the presence of the license.dependencies key in your configuration.
To disable the checks for a single run, set the LICENSE_DEPENDENCY_CHECK=skip environment variable:
pnpm LICENSE_DEPENDENCY_CHECK=skip lintyarn LICENSE_DEPENDENCY_CHECK=skip lintnpm run LICENSE_DEPENDENCY_CHECK=skip lintbun LICENSE_DEPENDENCY_CHECK=skip lintTo disable permanently, remove the license.dependencies key from your configuration in aws-nx-plugin.config.mts. You can also re-run the license generator with --dependencyCheck=false to scaffold without it.