A relevant part of our mission is providing high-quality software for the analysis of software compliance and provenance. In a nutshell, you can use our tools for listing the external code libraries and automate the auditing tasks whenever possible. The gathered knowledge is stored using SPDX documents.

With this tool, you are able to:

  • Identify which source code files have a license declared on the header or not
  • List the third party components such as libraries, icons that are used by your software, along with a detailed description of applicable license terms
  • Edit SPDX documents using a graphical user interface



A mixture of simple design and efficiency. Initially built for our own internal usage while conducting analysis that we decided to share with other engineers/developers. You’ll find no fuss or bloated features around here, we keep it simple.

  • Recognize license terms inside source code files. You can easily teach the software to recognize new license signatures or correct them if needed
  • Code metrics. LOC (Lines Of Code) counter is included
  • SHA1, MD5, SHA256 and SSDEEP checksums are generated for each file



The EUPL (European Public License) version 1.1 without the Appendix section.


Automated download and install

From Linux, type:

wget -O - http://triplecheck.de/linux.txt | bash

For Windows, you can grab the download package available on the link below.




Windows, Linux and Mac OSX are supported.



First steps

Linux or Mac OSX, type

java -jar triplecheck.exe

Under Windows, double click on “triplecheck.exe”


 Join the team!

You find the source code at https://github.com/triplecheck/

To compile you can use NetBeans with Java. No configurations are needed but do get in contact if you need help. We made it very easy for anyone to make changes on the code, just visit the repository on GitHub and submit your changes. The more people join, the better this open source tool gets.


Comments are closed.