Effortless open source management

Automated license compliance, dependency analysis and reports at each commit




FOSSA continuously scans your dependencies to make realtime compliance effortless.





Instead of struggling through walls of people & process...



...let FOSSA run compliance in the background!



See how releases dozens of times a day with automated compliance »

Discover your toolkit




Deep code scanning (Premium)

Full code scans run across all your deep dependencies, picking up raw license headers or files inline.

  • Detects embedded GPL, even when not reported by developers
  • Additional parsing for metadata, notice files and webpages referenced in code
  • Differentiates between declared, nested & included licenses (e.g. from copy-pasted modules/files)
  • Fully configurable detail & depth
  • Intelligently handles dual/multi-licensed code
Why do I need full license scanning?

Detecting license/policy violations

On each commit, FOSSA runs your code through a battery of licensing tests.

  • Ensures all dependencies are properly licensed
  • Flags libraries whose licensing terms are problematic for your app type or conflict with company policies
  • Default policy templates drafted by top lawyers are shipped with FOSSA for all common types of apps
  • Provides license request templates & standard proprietary license grants

Smart review workflow

Intelligent and dead-simple issue review that plugs into your favorite tools.

  • Module relationship, issue metadata and code browsing embedded inline for easy review
  • Smart remediation suggestions and update strategies to fix multiple issues
  • Automatically export & sync with JIRA/issue trackers
  • Full audit logs as issues progress and are resolved
  • Track notes, add licenses and persist/rollback fixes within issue UI

Integrations & realtime alerts

Proactively address license issues with alerts routed to the stakeholders or embedded in your workflow.

  • Route realtime alerts through Email, Slack, JIRA and more...
  • Code review & pull request integrations to prevent bad code from landing in master
  • Native support for multiple branches, tags and release channels
  • Fully customizable notification policies

Automated attribution & reports

Fully satisfy attribution requirements in one click -- no more manual audits.

  • Includes raw license headers directly from code, even if edited by developer
  • Customizable detail and depth of reports
  • Exports to PDF, Markdown, HTML, JSON and more...
  • Downloadable or hosted option to link to

Dependency & license management (Premium)

Effortlessly manage your licenses and dependencies across releases

  • Fully searchable and filterable list of all dependencies/licenses
  • Plain-English checklists of license obligations across hundreds of license files included in your app
  • Explore relationships between modules and if/how dependencies are included in your build
  • Compare changes in your dependency tree across releases

Keep work humming with benefits for the whole team





Legal

Disclosures, attribution & compliance status always available within one click.



DevOps

Ship anytime with a clean bill of health. Easily track changes across releases.



Developer

Freely use libraries, letting your tools catch issues before integration.




Directly integrate with your code & tools


Dozens of language and tooling integrations ready out of the box.



Ready to get started?

Company compliance in 60 seconds.

