Add-on Packs

Lifecycle Developer Features

The Advanced Development Pack (ADP) capabilities have been integrated into the general Lifecycle product. These changes are accessible with IQ Server version 100 and above. For customers with IQ server versions between 100 and 134, your admin may need to re-upload your organization’s existing Lifecycle license or restart the IQ Server to see these additional capabilities.

Advanced Legal Pack

 

Sonatype’s Advanced Legal Pack (ALP) is an add-on to Sonatype Lifecycle (release 108 and higher) that helps your organization streamline open-source software (OSS) license compliance, mitigate license risk, and expedite feedback between legal and development teams.

Salient Features of Sonatype Advanced Legal Pack (ALP)

Attribution Reports

  • Automated generation of attribution reports that comply with more than 90% of OSS license obligations
  • Customizable and editable attribution reports
  • Provides the ability to save attribution and obligation resolutions on a per component (or per license) basis, for future reference
  • Accurate and dependable attribution data to comply with legal requirements for cloud computing or third-party governance

ML-enabled  Source Code License Detection

A new machine learning model incorporated into the ALP extends the functionality of detecting source code or observed licenses beyond the Maven ecosystem to Sonatype's premium ecosystems. The ML-enabled  license detection offers:

  • Unparalleled accuracy
  • Disambiguation between a library's attributions and attestations and its own licenses
  • Full legal risk profile of a third party dependency

Extended Legal Data 

  • Extended legal data for components to make legal decisions or fulfill legal obligations
  • Includes data that is required to be preserved or attributed to in liberal licenses, for e.g. notice texts, license texts and copyright statements
  • Automated collection of all copyrights, required notices, and license texts identified in a given OSS component for Sonatype's premium ecosystems*.

* Note: Go/Golang ecosystem is currently not supported by ALP.

Legal Compliance Workflow

  • ALP’s legal compliance workflow makes it easy for legal reviewers to examine the extended legal data and fulfill legal obligations.
  • When a reviewer decides that an obligation has been fulfilled, that work can be saved at the global, organization, or application level to ensure that future uses of the same component benefit from the same review.
  • ALP’s workflow provides obligation management in compliance with industry standards.


For more information on the ALP, please see: