nix-license

Automated software license compliance for the AI era

A scan tells you what's wrong. A build gate prevents it.

Logger
i-am-logger · nix-license.dev

The problem

AI is generating code faster than humans can audit it.

A developer using Copilot, Claude, or Cursor can introduce 50 dependencies in an afternoon. No compliance team can review that manually.

In anti-money-laundering (AML), compliance moved from manual to automated because transaction volume made manual review impossible. License compliance is at the same inflection point.

Features — free

Feature | Status
License enforcement — restrictions, obligations, allowed-use | ✔
2649 classified licenses (SALT) | ✔
Full nixpkgs coverage (289 licenses mapped) | ✔
Commitments — declare what you can fulfill | ✔
Assurances — require patent grants, source, warranty | ✔
Content policy — per-user entitlements (OARS 1.1) | ✔
200,000+ compliance checks per build | ✔

Features — commercial + planned

Feature | Status
Cryptographic license verification (GPG + openssl) | ✔
Compliance reports — JSON + HTML dashboard | ✔
GitHub Action — CI/CD integration | ✔
SBOM generation (SPDX/CycloneDX) | planned
OpenChain ISO/IEC 5230 conformance | planned
Audit trail | planned
License change detection | planned

How you use it

Who are you? commercial (or personal, educational, research, government, nonprofit)

Commercial use? true

Distributing software? true

Running SaaS? false

Can you open-source your product? false ← blocks GPL, AGPL

Require patent grants? true ← blocks licenses without patent rights

The build won't succeed if any package violates these declarations.
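
The gate described above, modelled as an added sketch (not nix-license's own code or option names). The field names, the license attribute table and the dependency list are constructed for illustration, and nix-license's real classification may differ.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Declarations:  # hypothetical field names mirroring the answers above
    commercial_use: bool
    distributing: bool
    running_saas: bool
    can_open_source: bool
    require_patent_grant: bool

# Constructed classification table (not SALT data). Per license:
# (source disclosure on distribution, source disclosure on network use,
#  express patent grant, commercial use permitted)
LICENSES = {
    "Apache-2.0":           (False, False, True,  True),
    "GPL-3.0-only":         (True,  False, True,  True),
    "AGPL-3.0-only":        (True,  True,  True,  True),
    "CC-BY-NC-4.0":         (False, False, False, False),
    "Example-NoPatent-1.0": (False, False, False, True),  # placeholder license
}

def violations(decl, license_id):
    """Return the reasons a license conflicts with the declarations."""
    if license_id not in LICENSES:
        return ["unclassified license"]  # fail closed on anything unknown
    src_dist, src_net, patent, commercial = LICENSES[license_id]
    reasons = []
    if decl.commercial_use and not commercial:
        reasons.append("commercial use not permitted")
    triggered = (decl.distributing and src_dist) or (decl.running_saas and src_net)
    if triggered and not decl.can_open_source:
        reasons.append("source disclosure obligation cannot be fulfilled")
    if decl.require_patent_grant and not patent:
        reasons.append("no express patent grant")
    return reasons

def gate(decl, deps):
    """Map each offending package to its reasons; an empty dict lets the build proceed."""
    report = {pkg: violations(decl, lic) for pkg, lic in deps.items()}
    return {pkg: why for pkg, why in report.items() if why}

# The answers shown above, and a constructed dependency set.
DECL = Declarations(commercial_use=True, distributing=True, running_saas=False,
                    can_open_source=False, require_patent_grant=True)
DEPS = {"libfoo": "Apache-2.0", "libbar": "GPL-3.0-only", "libbaz": "AGPL-3.0-only",
        "fonts": "CC-BY-NC-4.0", "libqux": "Example-NoPatent-1.0", "blob": "Unknown"}

if __name__ == "__main__":
    for pkg, why in gate(DECL, DEPS).items():
        print(f"BLOCKED {pkg}: {'; '.join(why)}")
```

The unknown-license branch is the part worth copying: a gate that passes unclassified packages silently turns every new dependency into an exemption.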

What you get

Demo — live reports generated on every release from nix-license examples

Thank you


github.com/i-am-logger/nix-license

github.com/i-am-logger/salt — 2649 classified licenses