License.sh ensures license compliance of your codebase
Available as a configurable OSS package as well as SaaS web platform, License.sh helps you with compliance of your codebase.
Web development, Design
React, TypeScript, GraphQL, Firebase
SaaS web applicationbuilt on top of OSS core
Vercel’s Next.jstechnology used
GitHub and GitLabintegrations
License.sh serves as a continuous integration tool that aims to ensure license compliance of a codebase. It is accessible both as a configurable OSS package and as a SaaS web platform which requires a few clicks to get running as it provides seamless integrations with both GitHub and GitLab. While the OSS package focuses on configurability, the web platform is all about simplicity, ease of use and education in the field of software licensing.
Why Did We Develop License.sh?
We’ve decided to build License.sh due to both internal and our customers' demand. Before developing License.sh, we spent a considerable amount of time implementing and maintaining various license compliance and third party license extractor scripts. It made sense to us to resolve the problem and package it as a dedicated service so that everyone can enjoy a tool that's always ready within the given CI/CD pipeline.
Besides, every developer or project manager who’s ever had a chance to encounter licensing (both in the startup and enterprise world), sooner or later finds out that it’s not straightforward to stay compliant. Especially today when OSS world where not every package maintainer takes proper care of their creation’s licensing. License.sh aims to help even with that.
Technologies And a Tough Nut to Crack
License.sh core functionality is encapsulated in an OSS tool written in Python. This tool does all the heavy lifting of the license check itself and is powerful enough to provide a complete tooling as for licensing compliance. However, it’s the due diligence of the user to understand the licensing problematics, configure the tool accordingly and deploy it as a part of CI/CD.
Ultimately, that’s why we decided to create a complete easy-to-use SaaS platform. The platform is built on top of the OSS tool, which helps the user understand licensing better, navigates them to create a tailored compliance environment and most importantly, makes the user stay safe.
The platform itself is built with React and Typescript. We have an easy and fast development environment, with the power of Vercel deployment and their Next.js SSR tooling.
The biggest challenge was to run the tool itself in a secure and conternaized environment so that we are sure that the results are safe, consistent and reliable. We managed to do that with the power of Docker and AWS (CodeBuild, S3, Lambda, …).
The license check infrastructure is quite complex, however seamless user experience is a must-have. We’ve spent much time iterating the UX to achieve smooth synchronization of providers API (Github, Gitlab), check runtime and UI. Google’s Firestore managed to be a great help with that.
As for the payment system, Stripe has become a SOTA solution. Their excellent developer-focused environment is hard to substitute.
We've decided to build License.sh in a lean and customer-driven manner. Considering this and the fact of having only a small team, the project management has to be agile.
The core person that does all the heavy lifting is Bogdan Sikora, who currently works on the project full-time. He manages to cover all the demands as they come on both OSS and the Web platform side.
While the OSS package is meant to live it’s own lifecycle in the OSS world, the web platform, (which aims to be the all-in-one license compliance hammer) is a subject to standard project management practice.
Wrapping Things Up
License.sh is a small startup, quickly built and driven by customer demand. We’ve managed to deliver the POC within 6 months and continued with the development for a couple of months to release the first version. We're confident to say, it’s likely the leanest startup product we’ve built so far as for both features and budget.