New release v1.7 introduces Notice-file-Generator

We are proud to announce the long awaited Notice File Generator. With this tool the time consuming digging through files and collection of license information belongs to the past. With the Notice-File Generator it will be available in only one click!

For all scanned projects TrustSource evaluates resulting obligations depending on project context. For each license-component combination the resulting documentation requirements are derived and the information will be assembled into the Notice-File. Wherever change notices or author credits will be required, TrustSource will try to fill the information from its Knowledgebase or outline a Todo. So the Compliance Managers work can focus on closing the gaps. Due to our shared open source component base, digging for authorship or copyright information must not be done, where another customer already did the job. This will reduce clearing time a lot!

In addition to that we renovated and extended some of our plugins. Now it is possible to break your build based on the results of a scan, e.g. on violations using most of the plugins. This extends your compliance  control over the CI/CD chains. Also proxy capability has been added, so that a use behind corporate firewalls is possible as well.

The new user management allows free accounts to login using Github or LinkedIn-accounts.  Also the new Identity Management introduces the option, to add multiple roles to a single user inside the same  company.  This increases the flexibility of your role design. Starting from corporate versions on, also Multi-factor-authentication is available. Integration of LDAP and other identity providers is available as well.

Read more about the features in our Knowledge base.


New Release v1.6 available

We are happy to announce availability of v1.6! Also v1.6 comes with massive new features, focused on process improvements. Read more:

New Features

  • Vulnerability-alert -  It took us quiet a bit, to get the matching towards a reasonable quality, but we manged it after all. You will now get notified by TrustSource, if new vulnerabilities appear for components that you are using in your most recent build.
  • "Action required" items in inbox - Especially for our compliance managers we provide an in box on the dashboard listing all open approval requests. This allows you to immediately see, where action is required.
  • Dependency graph - The so called dependency list is a flat list of all components entering the project even through transitive dependencies. To allow a better understanding of the impact this component has, the graphical display allows to actually _see_ the position within the dependency graph. You may modify the appearance and expand or shrink single nodes for better visibility.

Improvements

  • Improve rule sets - Based on customer feedback and own research, we were able to improve the analysis results of several licenses.
  • Improved maven Plugin - The maven plugin has been extended to support the check functionality allowing to verify components on dev-desktop without the need to push a scan.
  • Improved Jenkins Plugin - Also the Jenkins plugin has been extended to use the transient version of the check-API.

Fixes

  • Add name in register form - Changing your name after having been invited while login in the first time is possible now.
  • Propagate deletion of all members - Changing members of a project respectively a all modules within a project at once has been introduced since a while. But it has not been recognized that the propagation of an empty list does not immediately take effect. This has been fixed now.

Our next version v1.7 will focus on security and extend the login capabilities. We will introduce alternative ways to authenticate and simplify corporate SSO. The given role model has been reviewed and will be tuned towards more flexibility.

If you want to get an overview or some insights in to our roadmap, feel free contacting our sales team! They will be happy presenting you the upcoming steps.

If you feel like there should be some features you do not see on the horizon, please let us know! Our business development or your engagement manager will be happy to hear about your ambitions.