"I worked on M&A at a variety of companies that acquired all sorts of different kind/stages of startups. They rarely are compliant with even simple notice licenses (don't bother to post notices), let alone any of the more restrictive licenses."
- D. Berlin, Google Lawyer
Modern software projects rely on hundreds, if not thousands, of open-source code packages. Using open source can save valuable engineering time, but also creates legal responsibilities.
Before you close a funding round or sign up a major enterprise customer, your investors and clients will ask:
CorePlane will scan your codebase, flag potential issues, and document your open-source compliance, continuously and automatically.
Automatically create a file that lists all your open-source dependencies, including licenses, copyright owners, and any required legal text. Receive GitHub pull requests for updates on a configurable schedule, or anytime on demand.
Automatically flag dependencies that have license terms incompatible with your project. For example, some projects may need to avoid using GPL-licensed dependencies.
Export data products to satisfy your security audits and IP diligence, such as an Excel spreadsheet listing all your dependencies with complete license and ownership data.
More than half of all open-source packages have missing or out-of-date ownership and license data. CorePlane uses machine learning and an expert-optimized database of dependencies to track down and repair inaccurate information.
Identify packages that have been abandoned by their authors or that suffer from known security vulnerabilities.
CorePlane keeps a digital “paper trail” for outside contributions, ensuring that your intellectual property is protected.