Understand your open source

Automate license compliance, open source reports and dependency analysis at each commit

Sign up with Github

Sign up with Email   ·   Request On-Prem

Continuously scan and comply with open source licenses
without slowing down your workflow.

Instead of manually auditing dependencies, enforcing licenses & compiling attribution...

...let FOSSA handle compliance in the background!

See how releases dozens of times a day with automated compliance »

Powerful toolkit

Deep code scanning Premium

Surface raw, hidden licenses across your deep dependencies, correctly identified even if after edits.

  • Detects embedded GPL, even when not reported by developers
  • Additional parsing for metadata, notice files and webpages
    referenced in code
  • Differentiates between declared, nested & included licenses
    (from i.e. copy-pasted modules/files)
  • Fully configurable detail & depth
  • Intelligently handles dual/multi-licensed code
Why do I need full license scanning?

Blocking license violations

On each commit, FOSSA runs your code through a battery of licensing tests and can block violations through CI and code review.

  • Ensures all dependencies are properly licensed
  • Flags libraries with problematic licensing terms based off your app type, or conflict with company policies
  • Default, customizable policy templates drafted by top lawyers are shipped with FOSSA for all common types of apps.
  • Provides license request templates & standard propritary license grants

Smart review workflow

Intelligent and dead-simple issue review that plugs into your favorite tools.

  • Module relationship, issue metadata and code browsing embedded inline for easy review
  • Smart remediation suggestions and update strategies to fix multiple issues
  • Automatically export & sync with JIRA/issue trackers
  • Full audit logs as issues progress and are resolved
  • Track notes, add licenses and persist/rollback fixes within issue UI

Integrations & realtime alerts

Proactively address license issues with alerts routed to the stakeholders or embedded in your workflow.

  • Route realtime alerts through Email, Slack, JIRA and more...
  • Code review & pull request integrations to prevent bad code from landing into master
  • Native support for multiple branches, tags and release channels
  • Fully customizable notification policies

Automated attribution & reports

Fully satisfy attribution requirements in one click -- no more manual audits.

  • Includes raw license files/headers pulled directly from code, even if edited by developer
  • Customizable detail and depth of reports
  • Exports to PDF, Markdown, HTML, JSON and more...
  • Downloadable or hosted option to link to

Dependency/license management Premium

Effortlessly manage your licenses and dependencies across releases

  • Fully searchable and filterable list of all dependencies/licenses
  • Plain-english checklists of license obligations across hundreds of license files included in your app
  • Explore relationships between modules and if/how dependencies are included in your build
  • Compare changes in your dependency tree across releases

Integrate compliance with one click

Dozens of language and tooling integrations ready out of the box.

View Integration Docs

Keep work humming with benefits for the whole team


Disclosures, attribution & compliance status always available within one click.


Ship anytime with a clean bill of health. Easily track changes across releases.


Freely use libraries, letting your tools catch issues before integration.

Ready to get started?

Get an integrated and trusted process
running in the next 2 minutes.

Sign up with Github Schedule a demo