PHPackages gentics/composer-plugin-license-check - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. gentics/composer-plugin-license-check ActiveComposer-plugin gentics/composer-plugin-license-check ===================================== Plugin for Composer to restrict installation of packages to valid licenses via whitelist. 1.1.0(5y ago)219.1k↓47.8%1[2 issues](https://github.com/gentics/composer-plugin-license-check/issues)MITPHPPHP >=7.4 Since May 28Pushed 5y ago13 watchersCompare [ Source](https://github.com/gentics/composer-plugin-license-check)[ Packagist](https://packagist.org/packages/gentics/composer-plugin-license-check)[ RSS](/packages/gentics-composer-plugin-license-check/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (3)Versions (5)Used By (0) metasyntactical / composer-plugin-license-check =============================================== [](#metasyntactical--composer-plugin-license-check) This composer plugin allows to define a white- and/or blacklist of licenses packages which will be installed in a project will be validated against. If a forbidden license is found in a package the installation of the particular package will be failed. Additionally a new composer command `check-licenses` is provided to list all packages in the dependencies including their license and if it is allowed to use. How to install -------------- [](#how-to-install) Installation procedure follows the general installation process of packages with composer. Run `composer require metasyntactical/composer-plugin-license-check` to add the package to the `composer.json` and install the package. How to use ---------- [](#how-to-use) The composer plugin reacts on extra variables in the extra-section of the composer.json. ``` { "extra": { "metasyntactical/composer-plugin-license-check": { "whitelist": [], "blacklist": [] } } } ``` Just specify the allowed (whitelist) or forbidden (blacklist) licenses as array. Use the license identifiers allowed/used in the version-property of the composer.json to be compatible with the general usage. **Important Note**: This plugin is licensed under MIT license. Even if you forbid to use MIT licensed packages in your project the plugin itself is the only package it would not complain about (otherwise further checking would not work obviously). ### Health Score 31 — LowBetter than 68% of packages Maintenance0 Infrequent updates — may be unmaintained Popularity29 Limited adoption so far Community15 Small or concentrated contributor base Maturity66 Established project with proven stability Bus Factor1 Top contributor holds 80% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~469 days Total 4 Last Release 1869d ago Major Versions v0.3.0 → 1.1.02021-04-06 PHP version history (3 changes)v0.1.0PHP >=7.1.0,<7.2.0 v0.2.0PHP >=7.1.0,<7.3.0 1.1.0PHP >=7.4 ### Community Maintainers ![](https://www.gravatar.com/avatar/d88b8821b2345b9b7f50b7a789dd386ff31b6dcd810ebe3bc30c27bcbfe75a72?d=identicon)[gentics](/maintainers/gentics) --- Top Contributors [![dkreuer](https://avatars.githubusercontent.com/u/461576?v=4)](https://github.com/dkreuer "dkreuer (8 commits)")[![dinamic](https://avatars.githubusercontent.com/u/11616?v=4)](https://github.com/dinamic "dinamic (1 commits)")[![netwarex](https://avatars.githubusercontent.com/u/6048614?v=4)](https://github.com/netwarex "netwarex (1 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/gentics-composer-plugin-license-check/health.svg) ``` [![Health](https://phpackages.com/badges/gentics-composer-plugin-license-check/health.svg)](https://phpackages.com/packages/gentics-composer-plugin-license-check) ``` ### Alternatives [humbug/box Fast, zero config application bundler with PHARs. 1.3k801.5k69](/packages/humbug-box)[vaimo/composer-patches Applies a patch from a local or remote file to any package that is part of a given composer project. Patches can be defined both on project and on package level. Optional support for patch versioning, sequencing, custom patch applier configuration and patch command for testing/troubleshooting added patches. 2994.3M16](/packages/vaimo-composer-patches)[mglaman/composer-drupal-lenient 1317.4M15](/packages/mglaman-composer-drupal-lenient)[drupal/core-composer-scaffold A flexible Composer project scaffold builder. 5341.9M446](/packages/drupal-core-composer-scaffold)[roots/wordpress-core-installer A Composer custom installer to handle installing WordPress as a dependency 4115.6M19](/packages/roots-wordpress-core-installer)[drupal/core-project-message Adds a message after Composer installation. 2122.6M172](/packages/drupal-core-project-message) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)