Managing the License Policy

Overview

Manage license risk with confidence, especially in the age of AI-assisted development. As AI-generated code becomes more common, managing open source licenses has grown both more complex and more critical. Heeler now helps teams reduce license risk with:

  • A global license policy to define what’s allowed

  • Real-time detection of license violations in dependencies

  • A guardrail to automatically block risky license usage in pull requests

Customizable Global License Policy

A default license policy based on OSI-approved licenses is now available. Admins can customize this policy to align with your organization’s legal or compliance requirements. This policy powers Heeler’s detection and enforcement capabilities, including the Unapproved License guardrail.

License Violations in Dependency Listings

Heeler now flags any dependency, direct or transitive, that violates the license policy. This gives developers and security teams immediate visibility into license risk across the codebase.

Guardrail: Unapproved License Blocking

Use the Unapproved License guardrail to automatically prevent risky licenses from being introduced. This guardrail can block pull requests that attempt to add any dependency (direct or transitive) that violates your policy, stopping issues before they reach production.
