Open Source CLI
Ship compliant software
without the legal bills.
One command scans your codebase and generates privacy policies, terms of service, AI disclosures, and 123+ compliance documents — tailored to what your app actually does.
$ npx codepliant goClick to select, then copy. No account or API key needed.Works with your stack
The old way vs. Codepliant
Compliance should not be a manual, error-prone process.
How it works
- 01
Install
npm install -g codepliantWorks with Node.js 18+. No account required.
- 02
Scan
npx codepliant goDetects data collection, ORMs, APIs, analytics, auth, and AI usage across your codebase.
- 03
Ship
123+ documents generatedPrivacy policy, terms of service, cookie policy, AI disclosure, and more — ready to publish.
See what Codepliant generates
Real output from scanning a SaaS codebase. Every detail is derived from your actual code — not a questionnaire.
{
"project": "acme-saas",
"services": [
{
"name": "stripe",
"category": "payments",
"data": ["card info", "billing address"]
},
{
"name": "supabase",
"category": "auth",
"data": ["email", "password hash", "sessions"]
},
{
"name": "openai",
"category": "ai",
"data": ["user prompts", "generated content"]
},
{
"name": "posthog",
"category": "analytics",
"data": ["page views", "click patterns", "IP"]
},
{
"name": "sentry",
"category": "monitoring",
"data": ["error data", "stack traces"]
},
{
"name": "resend",
"category": "email",
"data": ["email addresses", "email content"]
}
]
}legal/ ├── PRIVACY_POLICY.md ├── TERMS_OF_SERVICE.md ├── COOKIE_POLICY.md ├── AI_DISCLOSURE.md ├── SECURITY.md ├── DATA_FLOW_MAP.md └── DATA_CLASSIFICATION.md 7 documents generated in 1.2s
3. Information We Collect
Financial Data
Payment card information, billing addresses, and transaction history processed through payment providers.
Collected through: stripe
AI Interaction Data
User prompts, conversation history, and AI-generated content processed through third-party AI services.
Collected through: openai
Usage & Behavioral Data
Page views, click patterns, session recordings, device information, and IP addresses.
Collected through: posthog
Output from running npx codepliant go on a Next.js SaaS project with Stripe, Supabase, OpenAI, PostHog, Sentry, and Resend.
Article 50 transparency obligations take effect August 2, 2026
137 days remaining
If your application uses AI, you must disclose it to users. Codepliant generates EU AI Act compliant disclosures from your codebase automatically.
Learn about AI disclosure requirementsTested on real projects
We ran Codepliant against popular open source codebases.
| Project | Docs generated |
|---|---|
| cal.com | 23 |
| chatwoot | 24 |
| twenty | 19 |
Verifiable, not aspirational
Every claim on this page is backed by open-source code you can audit yourself.
Tested against 1,200+ real open-source projects
Every scanner and generator is validated against real-world codebases across 13 ecosystems, from single-file CLIs to monorepos with 500K+ lines of code.
View on GitHub6,711 automated tests passing
100% scanner coverage and 95.7% generator coverage (132 of 138). The full test suite runs on every commit to prevent regressions.
See the test suiteZero network calls — your code never leaves your machine
Codepliant has no runtime dependencies and makes no outbound requests. All scanning and generation happens locally. Verify it yourself: the source is MIT licensed.
Read the source codeSee real scan results for cal.com, chatwoot, twenty, and 1,200+ other projects in the GitHub repository.
One command. Full compliance.
Start generating compliance documents from your codebase today.
npx codepliant goStar on GitHub