License Compliance

Benched.ai Editorial Team

License compliance ensures that models, datasets, and code respect the usage terms (e.g., MIT, Apache-2.0, Llama Community) of third-party assets.

Compliance Checklist

Asset	Required Action	Tool
Open-source code	Include LICENSE, NOTICE	licensee, reuse-tool
Dataset CC-BY	Provide attribution	SPDX tags
Non-commercial weights	Block commercial endpoints	Policy enforcer
LGPL library	Dynamic link only	build scripts

Risk Matrix

Severity	Example Violation	Potential Penalty
Critical	Redistribute proprietary weights	Lawsuit, takedown
High	Omit CC-BY attribution	DMCA notice
Medium	Missing NOTICE file	Deprecation PR
Low	SPDX header formatting	Linter failure

Current Trends (2025)

SBOMs (Software Bill of Materials) now include model checkpoints.
AI license scanners parse .safetensors metadata for embedded notices.
EU AI Act mandates disclosure of training data licenses for high-risk systems.

Implementation Tips

Generate SBOM on every release via CycloneDX.
Track license obligations in CI; fail build on new non-compliant assets.
Provide an attribution.md page bundled with model weights.