Licences

License Compliance

Open-source use is not a grey area — it is precisely regulated by law. TrustSource automatically determines all obligations based on your actual components and their status, generates Notice Files and checks for licence conflicts. Legally sound, not guesswork.

At a Glance

SBOM & Notice Files

On demand: complete SBOM in CycloneDX or SPDX format, plus Notice Files with all copyrights, authors, licence texts and legal disclaimers.

LegalCheck per Component

Legal obligations are determined automatically per component status (modified/unmodified) and licence type — no manual case-by-case review.

Licence Compatibility

LegalCheck detects incompatible licence combinations, flags conflicts and helps resolve them — including when your distribution model changes.

Shared Clearing

Cleared once, available to all: every user benefits from the community's clearing work. Bulk-scanning prepares information for automatic reuse.

Bulk Scanning

Automated dependency scans at file level — TrustSource scans, clears and retains clearing information for future projects.

Release SBOMs

SBOMs available at any time — current state or tied to a specific release — for audits, customers, regulators or internal documentation.

The Challenge

Anyone using open-source components takes on obligations — towards licence holders, customers and regulators. The question is not whether, but which ones: Must you provide the source code? Is a notice in the documentation sufficient? What happens if you modified the component? All of this depends on the licence type, component status and deployment scenario — and changes as soon as any of these parameters change.

How LegalCheck works

LegalCheck analyses every component in the project context: which licence applies, was the component modified, how is the software distributed? Based on this, TrustSource determines the concrete legal obligations and automatically creates the required Notice File structure — pre-filled with known information such as copyrights, authors, licence texts and legal disclaimers.

LegalCheck is open source and free to use — ts-legalcheck on GitHub

Licence Compatibility: when licences clash

Not all open-source licences are compatible. GPL-2.0 and Apache-2.0 in the same product can become a real problem — LegalCheck detects such incompatibilities, explains the root cause and suggests ways to resolve the conflict.

Use case: when the distribution model changes

A web application is suddenly going to be deployed via Docker at the customer's site. What does that mean for documentation obligations? With automated legal analysis, alternative deployment scenarios can be simulated and consequences identified early: if a copyleft licence is in the stack and a component has been modified, a changed distribution model may trigger additional declaration obligations — before the customer receives the software.
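To make the analysis described in the two sections above concrete, here is a reduced Python model of it. It is an added illustration, not LegalCheck's or TrustSource's code: the rule table covers only MIT, Apache-2.0 and GPL-2.0, the component names are constructed, and "saas" versus "onprem" stands in for the distribution models the page discusses.

```python
"""Simplified obligation and conflict analysis (illustration only, not LegalCheck)."""
from dataclasses import dataclass

# Constructed rule table: which licences carry copyleft source obligations on distribution.
LICENCES = {
    "MIT": {"copyleft": False},
    "Apache-2.0": {"copyleft": False},
    "GPL-2.0": {"copyleft": True},
}
# GPL-2.0 and Apache-2.0 are a well-known incompatible pair (FSF position).
INCOMPATIBLE = {frozenset({"GPL-2.0", "Apache-2.0"})}


@dataclass
class Component:
    name: str
    licence: str
    modified: bool


def obligations(component: Component, distribution: str) -> set[str]:
    """distribution: 'saas' (software only hosted) or 'onprem' (shipped to the customer)."""
    obs: set[str] = set()
    if distribution == "saas":
        # Simplification: no conveyance to the customer, so no distribution-triggered duties.
        return obs
    obs.add("notice")  # copyright, authors and licence text go into the Notice File
    if LICENCES[component.licence]["copyleft"]:
        obs.add("provide-source")  # GPL-2.0 §3: corresponding source on distribution
        if component.modified:
            obs.add("mark-changes")  # GPL-2.0 §2(a): modified files carry change notices
    elif component.licence == "Apache-2.0" and component.modified:
        obs.add("mark-changes")  # Apache-2.0 §4(b): modified files carry change notices
    return obs


def conflicts(components: list[Component]) -> set[frozenset[str]]:
    # Flagged regardless of distribution model, so the risk is known before the model changes.
    present = {c.licence for c in components}
    return {pair for pair in INCOMPATIBLE if pair <= present}


def analyse(components: list[Component], distribution: str) -> dict:
    return {
        "obligations": {c.name: sorted(obligations(c, distribution)) for c in components},
        "conflicts": sorted(sorted(p) for p in conflicts(components)),
    }


# Constructed stack: the same components evaluated under two distribution models.
STACK = [Component("web-ui", "MIT", False),
         Component("parser-lib", "GPL-2.0", True),
         Component("http-client", "Apache-2.0", False)]
```

Running `analyse(STACK, "saas")` and `analyse(STACK, "onprem")` side by side shows how the move to on-premise deployment turns the modified GPL-2.0 component's obligations from none into notice, source and change-marking duties, while the licence conflict is reported in both cases.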

Shared Clearing: cleared once, everyone benefits

Bulk scanning at file level automates the collection and preparation of clearing information for reuse. Every component a user clears becomes available to the entire community — a collective body of knowledge that grows with every project.