At TrustSource our aim is to almost free our customers from the work related to open source compliance. this is one of the major reasons why we introduced the legal service, capable of resolving the obligations related to a particular project situation.
However, compliance as well as open source risk management are more complex than just resolving license obligations. While our initial work grows in breadth (more and more specific licenses are analyzed) and depth (additional criteria appear and rules are identified) the overall solution also grows in functionality and complexity.
We have introduced additional scanning services, we added more sources to crawl, etc. Currently we are extending the platform with several edges:
One of the reasons why all this compliance work is done, is the notice file. Starting from version 1.7 TrustSource will also provide support in creating and publishing notice files.
Often we see a difference between declared and effective license. This bears high risks to users not having identified the effective license(s). To help users identifying the effective licenses, our researchers have developed DeepScan, a service that assesses all text files of a repository and scans them for license like conditions. The results are marvellous and we are keen getting the tool out to allow you a more precise analysis of the used components.
- Further documentation support:
The following timeline gives a rough overview, on when we currently plan to deliver what:
For more information and feature requests, feel free to contact support at firstname.lastname@example.org We will be happy hearing from you!