A suite of tools to automate software compliance checks.
Get the dependencies of your projects, supporting over a dozen different package managers.
Download the source code of your dependencies from version control systems or source artifacts.
Scan the source code using the supported license, copyright, and snippet scanners.
Get the vulnerabilities of your dependencies from different providers.
Apply custom policy rules against the gathered data using Kotlin scripting.
Generate visual reports, open source notices, SBOMs, and more.