Quick reference. Print it, bookmark it, share it with your team.
Tools you use to build (IDE, compiler, build tool) impose no obligations on your output. Components shipped in your product (libraries, frameworks, fonts) carry their license conditions into your product.
| License | Mobile App | Web Frontend | Web Backend | Public API | CLI Tool |
|---|---|---|---|---|---|
| MIT / BSD / Apache | Include notices | Include notices | No distribution** | No distribution** | Include notices |
| GPL v2/v3 | Source disclosure | Source disclosure | No distribution*/** | No distribution*/** | Source disclosure |
| LGPL | Check linking method | Check linking method | No distribution** | No distribution** | Check linking method |
| AGPL | Source disclosure | Source disclosure | Source disclosure | Source disclosure | Source disclosure |
| SSPL | Check terms | Check terms | Check service terms | Check service terms | Check terms |
| Proprietary | Per license terms | Per license terms | Per license terms | Per license terms | Per license terms |
* Standard GPL conditions are triggered by distribution, not by execution on your server.
** “No distribution” assumes the code stays on your server. If you ship on-prem versions, provide code or builds to enterprise customers, or share Docker images externally, that counts as distribution, and all standard license conditions apply.
| Layer | Examples | Obligations |
|---|---|---|
| IDE / Editor | VS Code, IntelliJ, Xcode, Vim, Emacs | None |
| Compiler | GCC, Clang, Rustc, Go, javac | None |
| Build tool / Bundler | Webpack, Vite, Rollup, esbuild, Gradle, Make, Cargo | None* |
| Linter / Formatter | ESLint, Prettier, Pylint, SwiftLint, clippy, Black | None |
| Test runner | Jest, Vitest, pytest, go test, XCTest | None |
| Package manager | npm, pip, cargo, Maven, CocoaPods | None |
| Version control | Git, GitHub, GitLab | None |
| CI/CD | GitHub Actions, Jenkins, CircleCI | None |
| Cloud / hosting | AWS, GCP, Azure, Vercel, Netlify | None |
| Operating system | Linux, macOS, Windows | None (user-space programs are independent) |
* Some bundlers inject a small runtime snippet into your output (e.g. Webpack’s module loader). These snippets typically use the same permissive license as the bundler (MIT). The condition is to include the copyright notice, which is usually embedded as a comment.
| Product Type | Standard Location | Tools |
|---|---|---|
| Mobile App (iOS) | Settings > Acknowledgements screen | LicensePlist |
| Mobile App (Android) | Open Source Licenses activity | Google OSS Licenses Plugin |
| Mobile App (React Native) | Dedicated screen | react-native-oss-license |
| Web App (Frontend) | /licenses page or embedded in JS bundle | LicenseWebpackPlugin, rollup-plugin-license |
| Web App (Backend) | THIRD-PARTY-LICENSES file in repo | pip-licenses, license-checker |
| Public API | THIRD-PARTY-LICENSES file in repo | Same as backend |
| CLI Tool | —licenses flag + NOTICES file in package | license-checker, cargo-about, go-licenses |
Run a license scanner. Know every license in your tree.
Define which licenses your team can use without review, which need legal review, and which are not compatible with your product type.
Use the tools listed above to automate notice generation. Make it part of your build process.
License to Build: a plain-language guide to open-source license obligations. Not legal advice. When in doubt, consult a lawyer.