License chooser · dependency conflict checker
Pick the right license — and catch the GPL footgun.
Answer four questions to get the right open-source license with full text and SPDX id, then check your package.json or requirements.txt dependencies for license conflicts.
Open the license tool ↗What it does
choosealicense.com helps you pick. licensepicker also checks what you’re pulling in — it resolves each dependency’s license from npm/PyPI and flags GPL-in-MIT and similar conflicts against your project license.
Licenses at a glance
Use anywhere, even closed-source; just keep the notice. Apache adds a patent grant.
Keep the changed files / library open; can still combine with closed code.
The whole distributed work must stay open under the GPL.
GPL plus a clause triggered by running it as a web service.
Frequently asked questions
Is licensepicker free?
Yes — completely free, no account, no sign-up. It runs entirely in your browser.
Is this legal advice?
No. licensepicker gives informational guidance to help you choose a license and spot obvious dependency conflicts. License compatibility — especially around copyleft — can depend on how code is combined and distributed, so confirm important decisions with a qualified professional.
How does the dependency check work?
Paste a package.json or requirements.txt. For each dependency, licensepicker fetches the declared license from the public npm or PyPI registry (CORS, no API key), classifies it, and checks it against the project license you chose. Your manifest is never uploaded to us — the registry calls go straight from your browser.
Why does a GPL dependency “conflict” with my MIT project?
A strong-copyleft (GPL) dependency generally requires the entire combined work to be released under the GPL. If your project is MIT, Apache, or proprietary, distributing it with a GPL dependency is a conflict unless you relicense the whole project. AGPL goes further and is triggered even by network/SaaS use.
What is the difference between MIT, Apache-2.0 and BSD?
All three are permissive: anyone can use your code, even commercially, as long as they keep your notice. MIT and BSD are short and simple; Apache-2.0 adds an explicit patent grant and a NOTICE requirement, which companies often prefer. BSD-3-Clause additionally forbids using your name to endorse derivatives.
When should I pick GPL, LGPL, MPL or AGPL?
MPL-2.0 keeps only the files you change open (you can still combine it with closed code). LGPL is for libraries you want usable in closed apps via dynamic linking. GPL keeps the whole distributed work open. AGPL extends that to software run as a network service.
Which weekday numbering or version suffix do you use?
licensepicker recommends the current GNU versions (e.g. GPL-3.0, AGPL-3.0) and outputs canonical SPDX identifiers so they’re machine-readable in your package metadata.