DejaCode - What's in your software!
The open data platform for managing open source and third-party software components in your products!
DejaCode(™) enables your organization to actively discover, manage and monitor the open source and third-party software components you use in software products. DejaCode helps you define efficient governance for evaluating and approving the use of open source components, implement effective policies to mitigate potential risk from open source licenses, and automate compliance with open source license obligations. Find out more at http://www.dejacode.com
DejaCode is a central business system for managing open source and third-party software components but also your policies, software licenses, software components, and products. DejaCode is designed to accept software inventories and Bill of Materials from any system.
DejaCode is nexB's product suite for managing a software component supply chain. Discover it today at http://www.dejacode.com
- Centrally manage software component and license information from any source - internal or external audit, software development system or other
- Track complete Software BOM for any product or system, including unlimited versions
- Apply your policies to usage of licenses or components
- Generate Attribution and Redistribution documentation for open source components of a Product
- License Library - A repository of software licenses including a comprehensive set of public open source licenses and proprietary licenses. For each license, DejaCode Enterprise has a comprehensive matrix of obligations and restrictions based on your policies.
- Component Catalog - A repository of reusable software components including open source, third-party and original software. For each component, DejaCode Enterprise has detailed metadata including origin, license, language, recommended usage and "where used" in your organization.
- Product Portfolio - A repository of Software BOMs for your products and products that you have licensed. For each Software BOM, DejaCode Enterprise has a complete list of the software components and other files including links to the Component Catalog where relevant.
TraceCode helps companies determine which subset of their source code is Deployed in their Product. This is essential since key license obligations comes from interactions and deployment.
TraceCode addresses the current problem with D2D analysis today:
- Current techniques are static, incomplete and require an expert interpretation to get only partial results,
- It is very difficult to obtain what is needed from
- Complete Debug builds are not the norm,
- Builds are complex and hard to modify.
- With current techniques, you can determine that something is built, but cannot conclude 100% that something is not Deployed.
AboutCode provides a simple way to document the provenance (origin and license) and other important or interesting information about third-party software components that you use in your project.
The tool is a command line based utility written in Python, released under Apache 2.0, and is available on GitHub at https://github.com/dejacode/about-code-tool. AboutCode helps automate open source software compliance that is needed throughout the software lifecycle. You can read the spec at http://www.dejacode.org/about_spec_v0.8.1.html. nexB works with its clients to implement this easy way to document open source and third party software license obligations.