Enterprise OSS Compliance Platform

Comprehensive code similarity detection and license compliance for modern software development

58% Complete | 10 Components | 700+ SPDX Licenses

Platform Capabilities

Available Features

  • Package Download Engine: Automated source retrieval from PURL (npm, PyPI, Maven, Go, Cargo)
  • Code Pattern Mining: Advanced signature extraction and semantic analysis algorithms
  • Binary Component Scanner: Detection of embedded OSS components in compiled binaries
  • License Detection System: Identification of 700+ SPDX licenses with confidence scoring
  • AI-Powered Analysis: Intelligent pattern recognition using agentic framework
  • Metadata Extraction: Universal parser supporting 13 package ecosystems
  • Source Identification: Package coordinate mapping using SWHIDs and fingerprinting

In Development

  • Web Management Interface: Enterprise dashboard for scan submission and monitoring
  • RESTful API: Programmatic access with authentication and rate limiting
  • Automated Notice Generation: Legal document creation with attribution requirements
  • Batch Processing Pipeline: Concurrent analysis of multiple packages with queue management
  • Compliance Dashboard: Real-time metrics, trends, and risk assessment reports
  • CI/CD Integration: Native plugins for Jenkins, GitLab, GitHub Actions

Component Status

Frontend UI (In Dev)

Web interface for scan submission and results visualization

Version: 0.0.0 | License: MIT

Backend API (In Dev)

Core API services with scan queue management and orchestration

Version: 0.0.0 | License: MIT

PURL to Source (Ready)

Downloads source code from Package URLs (npm, PyPI, Maven, etc.)

Version: 0.1.1 | License: MIT

Code Miner (Ready)

Extracts code patterns and performs initial license detection

Version: 1.7.0 | License: Private Beta

Binary Sniffer (Ready)

Identifies hidden OSS components embedded in binary files

Version: 1.10.1 | License: MIT

Open Agentic Framework (Ready)

Agentic analysis framework for intelligent code pattern detection

Version: 1.1.0 | License: Apache-2.0

OS License Identification Library (Ready)

High-performance license detection across 700+ SPDX identifiers with confidence scores

Version: 1.2.6 | License: Apache-2.0

PURL to Notice (In Dev)

Generates legal notices with licenses and copyright information

Version: 0.0.0 | License: MIT

CCDA (In Dev)

Code Copycat Defender Advisory - Evolution of OSSA Scanner for semantic code copycat detection and advisory generation

Version: 0.0.0 | License: MIT

UPMEX (Ready)

Universal package metadata extractor supporting 13 package ecosystems

Version: 1.5.0 | License: MIT

Source To ID (Ready)

Identifies package coordinates from source code using SWHIDs and multiple strategies

Version: 1.1.2 | License: AGPL-3.0

PURL2Risk (In Dev)

Comprehensive risk intelligence including CVEs, business continuity, and OSS health metrics

Version: 0.0.0 | License: MIT