TrustSource Open Source Risk Management and Compliance

The TrustSource SaaS offers a simple way to operate Open Source Governance. This plugin resolves all transitive dependencies of your project and transfers this data to the TrustSource solution. Please visit https://www.trustsource.io for more details on the platform, hosting and privacy policy. The platform knows all license and vulnerability information of open source components, derives the obligations depending on your specific case and helps to organize all required materials (e.g. Bill of materials, Notice files, etc.). NBut not enough it also supports the creation and publication of the corresponding materials. Compliance or Project managers may view all dependencies, security analysts may assess vulnerabilities or compliance ,managers may manage legal obligations without the need to access code, while developers may supply the platform from within their IDE. Find more information at https://www.trustsource.io/features Additional dependency graphs as well a magnitude of reports, lists and filters help to manage the complexity of even larger project in a smooth way. The plugin itself is open source (see Github) the platform has a free usage tier (API key required).