Open Source License Compliance for Embedded Software

Set license policy and enforce compliance within your development pipeline to protect IP, prevent copyleft violations, and reduce risk in proprietary software.

Control the Open Source Licenses that Ship in Your Code

Set policies based on your organization’s risk profile with RunSafe’s open source license compliance tool.

With RunSafe, you can easily decide which licenses are safe, which licenses are off-limits, and how your build pipelines should react if an undesirable license is discovered.

RunSafe License Compliance

RunSafe Automates License Compliance for Every Build

Detect Open Source Licenses

See a list of all the licenses in your software as detected by RunSafe’s build-time SBOM generator. 

You can also view a list of common open source licenses and choose which to allow or deny.

Define Custom License Policy Rules

Configure organization-wide rules to stop the delivery of code licensed under restrictive licensing terms. 

Choose to “allow by default” or “deny by default” as new licenses are found.

Enable Automatic Pipeline Enforcement & Alerts

Enforcement happens automatically in your CI/CD pipeline. Pipelines containing denied licenses will fail with clear output in your logs, identifying exactly which licenses triggered the block.

Adapt as Your Dependencies Grow

As your team adds new libraries or updates existing ones, newly detected licenses automatically appear in your unset list for review. Move individual licenses between allowed and denied at any time as your policy matures.

Protect IP & Improve Software Supply Chain Security

Visibility into Components

Prevent Copyleft Violations

Reduce False Negatives

Protect Proprietary Source Code

Vuln Identification

Reduce Software Risk

SBOM generation

Avoid Legal Action

Speed Up Remediation for Developers

RunSafe License Compliance FAQs

  • What is RunSafe’s license compliance feature?

    RunSafe’s license compliance tool automatically detects open source licenses in your embedded software and enforces your organization’s licensing policy. RunSafe integrates with your CI/CD pipeline to block noncompliant or high-risk licenses—such as GPL or AGPL—before code ships, helping teams protect their IP and maintain compliance without slowing development.

  • How does RunSafe detect open source licenses in embedded code?

    RunSafe generates file-level Software Bills of Materials (SBOMs) at build time. This means it identifies license information directly from file headers, repository metadata, and vendor drop-ins, even when no package manifests exist—as is common in C and C++ projects. This approach provides far more accuracy than traditional post-build scanners.

  • How does RunSafe help prevent copyleft license violations?

    If copyleft-licensed code is inadvertently included in a product, the license can require the company to open source its proprietary code. RunSafe prevents this by detecting licenses in your software and enforcing your license policy in real time. If a license that your policy disallows is detected, the pipeline fails, and developers receive detailed logs pinpointing the offending file.

  • Can I define my own license compliance policy?

    Yes. RunSafe allows you to customize license rules for your organization or individual projects. You can approve, deny, or flag licenses for review, and choose your enforcement posture—either “allow-by-default” for flexibility or “deny-by-default” for maximum control.

  • Does RunSafe integrate with existing CI/CD workflows?

    Absolutely. RunSafe plugs directly into CI/CD pipelines such as GitHub Actions, GitLab CI, Jenkins, or Azure DevOps. Once configured, every build automatically generates an SBOM, checks it against your policy, and fails pipelines containing noncompliant licenses without manual review.

  • What makes RunSafe different from other license compliance tools?

    License compliance is only as good as your ability to detect licenses in your software. RunSafe detects licenses with our build-time SBOM generator, which provides file-level visibility into licenses, making it uniquely effective for embedded, C/C++, and real-time OS environments where traditional tools that rely on package managers or binary analysis fail. RunSafe also integrates license compliance directly with RunSafe’s broader software supply chain security capabilities, including vulnerability identification and runtime code protection.

Gain Confidence in Your Open Source License Compliance

Protect your IP, prevent copyleft violations, and ship every release knowing your code meets your organization’s policies.