Skip to main content
Glama
gemini2026

Documentation Search MCP Server

by gemini2026
OverviewSchemaRelated ServersScoreDiscussions
Python
Remote

snyk_license_check

Check license compliance for project dependencies using Snyk to assess risks and ensure adherence to selected policies.

Instructions

Check license compliance for project dependencies using Snyk.

Args:
    project_path: Path to the project directory
    policy: License policy to apply ("permissive", "copyleft-limited", "strict")

Returns:
    License compliance report with risk assessment

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
project_pathNo.
policyNopermissive

Implementation Reference

  • src/documentation_search_enhanced/main.py:1998-2108 (handler)
    Main handler function decorated with @mcp.tool() that implements the snyk_license_check tool. It scans project dependencies, uses Snyk integration for license compliance checking, applies customizable policies, and generates a risk assessment report.
    async def snyk_license_check(project_path: str = ".", policy: str = "permissive"):
    """
    Check license compliance for project dependencies using Snyk.

    Args:
        project_path: Path to the project directory
        policy: License policy to apply ("permissive", "copyleft-limited", "strict")

    Returns:
        License compliance report with risk assessment
    """
    from .snyk_integration import snyk_integration
    from .project_scanner import find_and_parse_dependencies

    try:
        # Find project dependencies
        dep_result = find_and_parse_dependencies(project_path)
        if not dep_result:
            return {"error": "No supported dependency files found"}

        filename, ecosystem, dependencies = dep_result

        # Convert dependencies to list of tuples
        packages = [(name, version) for name, version in dependencies.items()]

        # Get license compliance report
        compliance_report = await snyk_integration.get_license_compliance(
            packages, ecosystem
        )

        # Apply policy-specific analysis
        policy_rules = {
            "permissive": {
                "allowed": {"MIT", "Apache-2.0", "BSD-2-Clause", "BSD-3-Clause", "ISC"},
                "restricted": {
                    "GPL-2.0",
                    "GPL-3.0",
                    "LGPL-2.1",
                    "LGPL-3.0",
                    "AGPL-3.0",
                },
                "name": "Permissive Policy",
            },
            "copyleft-limited": {
                "allowed": {
                    "MIT",
                    "Apache-2.0",
                    "BSD-2-Clause",
                    "BSD-3-Clause",
                    "ISC",
                    "LGPL-2.1",
                    "LGPL-3.0",
                },
                "restricted": {"GPL-2.0", "GPL-3.0", "AGPL-3.0"},
                "name": "Limited Copyleft Policy",
            },
            "strict": {
                "allowed": {"MIT", "Apache-2.0", "BSD-2-Clause", "BSD-3-Clause"},
                "restricted": {
                    "GPL-2.0",
                    "GPL-3.0",
                    "LGPL-2.1",
                    "LGPL-3.0",
                    "AGPL-3.0",
                },
                "name": "Strict Policy",
            },
        }

        selected_policy = policy_rules.get(policy, policy_rules["permissive"])

        # Risk assessment
        risk_assessment = {
            "policy_applied": selected_policy["name"],
            "overall_compliance": (
                "compliant"
                if compliance_report["non_compliant_packages"] == 0
                else "non-compliant"
            ),
            "risk_level": (
                "low"
                if compliance_report["non_compliant_packages"] == 0
                else (
                    "high"
                    if compliance_report["non_compliant_packages"] > 5
                    else "medium"
                )
            ),
            "action_required": compliance_report["non_compliant_packages"] > 0,
        }

        return {
            "project_path": project_path,
            "policy": selected_policy["name"],
            "scan_timestamp": datetime.now().isoformat(),
            "compliance_summary": compliance_report,
            "risk_assessment": risk_assessment,
            "recommendations": [
                "📋 Review all non-compliant packages",
                "🔄 Find alternative packages with compatible licenses",
                "⚖️ Consult legal team for high-risk licenses",
                "📝 Document license decisions for audit trail",
            ],
        }

    except Exception as e:
        return {
            "error": f"License check failed: {str(e)}",
            "project_path": project_path,
        }
  • src/documentation_search_enhanced/snyk_integration.py:298-371 (helper)
    Core helper function in SnykIntegration class that scans multiple packages for licenses using Snyk API, categorizes them as compliant/non-compliant based on predefined allowed/restricted lists, and generates compliance statistics.
        self, packages: List[Tuple[str, str]], ecosystem: str = "pypi"
) -> Dict[str, Any]:
    """Check license compliance for multiple packages"""
    compliance_results = {
        "total_packages": len(packages),
        "compliant_packages": 0,
        "non_compliant_packages": 0,
        "unknown_licenses": 0,
        "license_summary": {},
        "compliance_details": [],
    }

    # Define license policies (configurable)
    allowed_licenses = {
        "MIT",
        "Apache-2.0",
        "BSD-2-Clause",
        "BSD-3-Clause",
        "ISC",
        "Unlicense",
        "WTFPL",
    }

    restricted_licenses = {
        "GPL-2.0",
        "GPL-3.0",
        "LGPL-2.1",
        "LGPL-3.0",
        "AGPL-3.0",
        "SSPL-1.0",
    }

    for package_name, version in packages:
        try:
            package_info = await self.scan_package(package_name, version, ecosystem)

            package_compliance = {
                "package": package_name,
                "version": version,
                "licenses": [license.name for license in package_info.licenses],
                "compliance_status": "unknown",
                "risk_level": "unknown",
            }

            if package_info.licenses:
                license_names = {license.name for license in package_info.licenses}

                if license_names.intersection(restricted_licenses):
                    package_compliance["compliance_status"] = "non-compliant"
                    package_compliance["risk_level"] = "high"
                    compliance_results["non_compliant_packages"] += 1
                elif license_names.intersection(allowed_licenses):
                    package_compliance["compliance_status"] = "compliant"
                    package_compliance["risk_level"] = "low"
                    compliance_results["compliant_packages"] += 1
                else:
                    package_compliance["compliance_status"] = "review_required"
                    package_compliance["risk_level"] = "medium"
                    compliance_results["unknown_licenses"] += 1
            else:
                compliance_results["unknown_licenses"] += 1

            compliance_results["compliance_details"].append(package_compliance)

            # Update license summary
            for license in package_info.licenses:
                if license.name not in compliance_results["license_summary"]:
                    compliance_results["license_summary"][license.name] = 0
                compliance_results["license_summary"][license.name] += 1

        except Exception as e:
            print(f"License check error for {package_name}: {e}", file=sys.stderr)

    return compliance_results
  • src/documentation_search_enhanced/snyk_integration.py:72-82 (helper)
    Dataclass defining the structure for Snyk license information, used in license compliance checking.
    class SnykLicense:
    """License information from Snyk"""

    id: str
    name: str
    spdx_id: Optional[str]
    type: str  # "copyleft", "permissive", "proprietary", etc.
    url: Optional[str]
    is_deprecated: bool
    instructions: str
  • src/documentation_search_enhanced/main.py:1998-2009 (registration)
    Import statement registering the global snyk_integration instance used by the tool.
    async def snyk_license_check(project_path: str = ".", policy: str = "permissive"):
    """
    Check license compliance for project dependencies using Snyk.

    Args:
        project_path: Path to the project directory
        policy: License policy to apply ("permissive", "copyleft-limited", "strict")

    Returns:
        License compliance report with risk assessment
    """
    from .snyk_integration import snyk_integration
Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/gemini2026/documentation-search-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server