About Codepliant
Every developer should have access to accurate compliance documents without paying thousands for lawyers.
Our mission
Every application that collects user data needs legal documents — privacy policies, terms of service, cookie disclosures, AI transparency notices. Traditionally, developers face three options: copy generic templates that don't reflect what their software actually does, pay thousands for legal counsel, or skip compliance entirely and hope for the best.
We built Codepliant because none of those options are acceptable. Compliance documents should be accurate, accessible, and derived from reality — not from a questionnaire someone filled out six months ago.
How it works
Codepliant takes a fundamentally different approach to compliance. Instead of asking you to fill out forms about what your application does, it reads your code and figures it out.
The CLI scans your project's dependencies, imports, environment variables, and configuration files. It detects which services your application actually uses — which payment processors, analytics tools, authentication providers, AI models, databases, and monitoring services are in your stack. Then it generates jurisdiction-aware compliance documents that reference your actual services by name.
Not “third-party analytics.” It says PostHog because it found PostHog in your code.
Key principles
Zero network calls
Everything runs on your machine. No code leaves your environment, no data is sent anywhere, no telemetry. Your codebase stays private.
Open source
The core CLI is MIT-licensed and always will be. You can read every line of code that analyzes your project. Transparency in compliance tooling is non-negotiable.
Deterministic scanning
No AI, no LLMs, no probabilistic guesswork in the scanning pipeline. Codepliant uses pattern matching against known service signatures. Same input, same output, every time.
Developer experience
One command, zero configuration. No questionnaires, no forms, no accounts. Compliance should fit into your workflow, not the other way around.
Open source commitment
Codepliant is open source under the MIT license. The scanning engine, every service signature, and all document generators are publicly available. We believe that compliance tooling must be transparent — you should be able to audit exactly how your documents are generated.
Contributions are welcome and encouraged. Whether it's new scanner signatures, additional document types, ecosystem support, documentation improvements, or bug reports — the project grows through community involvement.
Community-driven
Codepliant is maintained by a growing community of developers who believe compliance should be automated, not outsourced. The project welcomes contributions of all kinds — from new scanner signatures and document generators to documentation and bug fixes.
Get involved
Check out the repository, read the contributing guide, or just run npx codepliant go in your project to see it in action.