Add-on Packs
Note
The Advanced Development Pack (ADP) capabilities have been integrated into the general Lifecycle product. These changes are accessible with IQ Server version 100 and above. For customers with IQ server versions between 100 and 134, your admin may need to re-upload your organization’s existing Lifecycle license or restart the IQ Server to see these additional capabilities.
Advanced Legal Pack
Sonatype’s Advanced Legal Pack (ALP) is an add-on to Sonatype Lifecycle (release 108 and higher) that helps your organization streamline open-source software (OSS) license compliance, mitigate license risk, and expedite feedback between legal and development teams.
Features of Sonatype Advanced Legal Pack (ALP)
Attribution Reports
Automated generation of attribution reports that comply with more than 90% of OSS license obligations
Customizable and editable attribution reports
Provides the ability to save attribution and obligation resolutions on a per component (or per license) basis, for future reference
Accurate and dependable attribution data to comply with legal requirements for cloud computing or third-party governance
ML-enabled Source Code License Detection
A new machine learning model incorporated into the ALP extends the functionality of detecting source code or observed licenses beyond the Maven ecosystem to Sonatype's premium ecosystems. The ML-enabled license detection offers:
Unparalleled accuracy
Disambiguation between a library's attributions and attestations and its own licenses
Full legal risk profile of a third party dependency
Extended Legal Data
Extended legal data for components to make legal decisions or fulfill legal obligations
Includes data that is required to be preserved or attributed to in liberal licenses, for e.g. notice texts, license texts and copyright statements
Automated collection of all copyrights, required notices, and license texts identified in a given OSS component for Sonatype's premium ecosystems*.
* Note: Go/Golang ecosystem is currently not supported by ALP.
Legal Compliance Workflow
ALP’s legal compliance workflow makes it easy for legal reviewers to examine the extended legal data and fulfill legal obligations.
When a reviewer decides that an obligation has been fulfilled, that work can be saved at the global, organization, or application level to ensure that future uses of the same component benefit from the same review.
ALP’s workflow provides obligation management in compliance with industry standards.
For more information on the ALP, please see:
Advanced Legal Pack overview page