Informational only. Not legal advice. Read more.
yourlicense.ca

» Guide

How to apply a licence

The practical steps to add a licence to a software project, a content work, or a dataset.

Picking a licence is half the work. Actually attaching it so it is discoverable, enforceable, and scannable by compliance tooling is the other half.

For a software repository

  1. Add a LICENSE file at the root of the repository containing the full text of the chosen licence. Use the canonical text from the licence’s official source, not a paraphrase.

  2. Fill in the copyright line if the licence template has one (MIT, BSD, Apache all do). Use the current year and the correct author or organisation name.

  3. Add SPDX headers to every source file:

    // SPDX-License-Identifier: MIT

  4. Update package.json / pyproject.toml / equivalent to declare the licence using its SPDX identifier.

  5. If the licence has a NOTICE requirement (Apache-2.0 does, indirectly), include a NOTICE file listing attributions.

  6. Commit the change with a clear message. A fresh repo’s first commit should include the licence.

For content (text, images, video)

  1. Publish the work with a visible attribution + licence line near the work, for example:

    "Work Title" by Author Name is licensed under CC BY 4.0.
https://creativecommons.org/licenses/by/4.0/

  2. For images, include EXIF or IPTC metadata where possible.

  3. For websites, add a <link rel="license"> in the page head and/or footer links.

For datasets

  1. Include a LICENSE file in the dataset archive.
  2. Include a README that names the licence and provides citation instructions.
  3. If the data has sui generis database rights (EU), pick a licence that addresses those rights (ODbL, CC-BY-4.0, CC-BY-SA-4.0).
  4. Record the licence in the dataset’s catalogue metadata (DataCite, schema.org/Dataset).

For proprietary or confidential work

  1. Put a copyright notice at the top of each file.
  2. For distributed software, write an EULA and require acceptance before installation or first use.
  3. Record the accepted version of the EULA per user, with timestamp.
  4. If the work is confidential, pair the licence with an NDA.

Making the licence discoverable

  • GitHub and GitLab surface the licence automatically when the LICENSE file matches a recognised template.
  • Crates.io, npm, PyPI all read the licence from the manifest.
  • Package managers sometimes gate installations on the licence — make sure yours is a well-known SPDX identifier if you publish to a registry.
Notice

Informational only

Nothing on yourlicense.ca is legal advice. Confirm with a lawyer before you license anything that matters.

Read the disclaimer →