Third-Party Licenses

DFIRe is built using open source software. This page lists the third-party libraries and their licenses.

License Summary

DFIRe uses only open source libraries with licenses that permit commercial use. The following license types are used by our dependencies:

License Type Commercial Use
MIT Permissive Allowed
BSD (2-Clause, 3-Clause) Permissive Allowed
Apache 2.0 Permissive Allowed
ISC Permissive Allowed
MPL 2.0 Weak Copyleft Allowed
LGPL 3.0 Weak Copyleft Allowed (see note below)
PSF (Python) Permissive Allowed
ZPL 2.1 Permissive Allowed

LGPL Note: The psycopg2 PostgreSQL driver is licensed under LGPL 3.0. Under LGPL terms, you may use this library in commercial applications without releasing your own source code, provided you do not modify the library itself. DFIRe uses psycopg2 as an unmodified dependency.

Backend Dependencies (Python)

The DFIRe backend is built with Python and uses the following key libraries:

Web Framework

Package License Purpose
Django BSD-3-Clause Web framework
Django REST Framework BSD-3-Clause REST API
Django Channels BSD-3-Clause WebSocket support
Daphne BSD-3-Clause ASGI server

Database & Caching

Package License Purpose
psycopg2 LGPL-3.0 PostgreSQL driver
redis-py MIT Redis client
Django-Q2 MIT Background task queue

Security & Authentication

Package License Purpose
cryptography Apache-2.0 / BSD Encryption primitives
mozilla-django-oidc MPL-2.0 OpenID Connect authentication
PyJWT MIT JSON Web Token handling
pyOpenSSL Apache-2.0 TLS/SSL support

Storage & Cloud

Package License Purpose
boto3 Apache-2.0 AWS/S3-compatible storage
django-storages BSD-3-Clause Storage backend abstraction
smbprotocol MIT SMB/CIFS file sharing

Data Processing

Package License Purpose
Pillow HPND Image processing
Pydantic MIT Data validation
Requests Apache-2.0 HTTP client
HTTPX BSD-3-Clause Async HTTP client

Networking

Package License Purpose
Twisted MIT Async networking
Autobahn MIT WebSocket implementation
zope.interface ZPL-2.1 Interface definitions

Frontend Dependencies (JavaScript)

The DFIRe frontend is a React single-page application using the following libraries:

Core Framework

Package License Purpose
React MIT UI framework
React Router MIT Client-side routing
TanStack Query MIT Server state management

Styling & UI

Package License Purpose
Tailwind CSS MIT Utility-first CSS framework
Lucide React ISC Icon library
Recharts MIT Charting library

Data & HTTP

Package License Purpose
Axios MIT HTTP client
date-fns MIT Date manipulation

Content & Security

Package License Purpose
DOMPurify Apache-2.0 / MPL-2.0 HTML sanitization
react-markdown MIT Markdown rendering

Build Tools

Package License Purpose
Vite MIT Build tool & dev server
TypeScript Apache-2.0 Type checking
ESLint MIT Code linting
Vitest MIT Testing framework

Runtime Dependencies

DFIRe runs on the following open source infrastructure components:

Component License Purpose
Python PSF License Backend runtime
Node.js MIT Frontend build
PostgreSQL PostgreSQL License Database
Redis BSD-3-Clause Caching & message broker
Nginx BSD-2-Clause Web server (production)

License Compliance

DFIRe complies with all license requirements of its dependencies:

  • Attribution: This page provides attribution as required by BSD, MIT, and Apache licenses.
  • Source availability: All dependencies are available from their respective package registries (PyPI, npm) or source repositories.
  • No modification: DFIRe uses all dependencies as unmodified libraries, satisfying LGPL requirements without source disclosure obligations.
  • License texts: Full license texts are included in the respective packages and available from the links above.

Questions? If you have questions about licensing or need additional compliance documentation, please contact us at contact@dfire.fi.