
Dependency Heaven

Open source, dependencies, and licensing by the people at FOSSA.

Open Source License Compliance

Open Source Software Licenses 101: Mozilla Public License 2.0

Get an overview of key provisions in the Mozilla Public License 2.0, and see why OSS users and authors alike may be drawn to it.

  • FOSSA Editorial Team
5 min read
Developer Perspectives

Top Build Systems for Monorepos

See how build systems like Bazel, Buck, and Pants help organizations tackle some of the complexities that come with using monorepos.

  • FOSSA Editorial Team
5 min read
Open Source License Compliance

Open Source Software Licenses 101: The BSD 3-Clause License

Get the lowdown on the BSD 3-Clause open source software license, including key requirements and how it compares to other BSD license variants.

  • FOSSA Editorial Team
6 min read
Software Composition Analysis

Software Supply Chain Security for Automotive Organizations

Technological innovation in the automotive industry has put software supply chain security in the spotlight.

  • FOSSA Editorial Team
5 min read
Open Source in the News

How OSS Conquered the World: Insight from Veteran Developers

Join FOSSA's Konstantin Gredeskoul and veteran engineer Bryan Cantrill for an informative and entertaining podcast on the growth and history of open source software.

  • Konstantin Gredeskoul
2 min read
Open Source License Compliance

Building an Open Source Program Office (OSPO)

Explore elements of an Open Source Program Office (OSPO), including staffing strategies, strategic pillars, and more.

  • FOSSA Editorial Team
4 min read
Open Source License Compliance

Open Source Software Licenses 101: GPL v3

Get an overview of the GPL v3 open source software license and what it permits, requires, and prohibits of users. Also, see how it compares to GPL v2.

  • FOSSA Editorial Team
5 min read
Open Source License Compliance

Open Source Software Licenses 101: GPL v2

See what the popular copyleft open source software license GPL v2 requires, allows, and prohibits of users.

  • FOSSA Editorial Team
5 min read
Open Source License Compliance

How to Choose an Open Source Software License Compliance Tool

Here are five features to prioritize when evaluating open source software license compliance tools.

  • FOSSA Editorial Team
4 min read
Open Source Vulnerability Management

JavaScript Security: What Every Developer Should Know

Get the latest on today's top JavaScript security concerns, including common vulnerabilities and vulnerable libraries, as well as strategies to protect your organization.

  • FOSSA Editorial Team
5 min read
Open Source in the News

4 Takeaways from the 2021 State of Open Source Vulnerabilities Report

Dive into the latest data on today's open source security landscape, and see which libraries and languages are most vulnerable to attacks.

  • FOSSA Editorial Team
2 min read
Open Source License Compliance

Open Source Licenses 101: Apache License 2.0

Explore key elements of the popular Apache 2.0 open source software license and how it compares to other permissive OSS licenses.

  • FOSSA Editorial Team
5 min read
Developer Perspectives

How to Apply a License to Your Open Source Software Project

Get step-by-step guidance on how to add a license to your open source software project and how to approach copyright statements.

  • Konstantin Gredeskoul
12 min read
Open Source License Compliance

Open Source Software Licenses 101: The MIT License

Get an overview of the extremely popular MIT open source software license, including what it allows, prohibits, and requires of its users.

  • FOSSA Editorial Team
5 min read
Open Source in the News

Takeaways from ISO/IEC DIS 5230: OpenChain Specification

Explore key takeaways from ISO/IEC DIS 5230: OpenChain Specification, including steps to becoming an OpenChain Conformant organization.

  • FOSSA Editorial Team
3 min read
Open Source in the News

Top Security Takeaways from the 2020 FOSS Contributor Survey

See four top security takeaways from the 2020 FOSS Contributor Survey, which was produced by the Linux Foundation and Harvard's Laboratory for Innovation Science.

  • FOSSA Editorial Team
5 min read
Software Composition Analysis

The Future of Software Composition Analysis, Featuring Forrester

Software composition analysis will continue to evolve to help organizations reduce risk in their use of open source software.

  • Gauthami Polasani
4 min read
Developer Perspectives

Improving Page Speed Using Google PageSpeed Insights in Rails Apps

See how to improve web performance when working in a Rails codebase with Google’s PageSpeed Insights.

  • Taylor Wong
5 min read
Software Composition Analysis

5 Ways Companies Can Get More Value From Open Source Software

See what your organization can do in areas like compliance, security, and automation to get more value from open source software.

  • Marko Bocevski and Ryan Sheldrake
6 min read
Open Source in the News

SolarWinds, Supply Chain Attacks, and Software Composition Analysis

Software supply chain security has been in the spotlight following the SolarWinds hack. Here's how you can strengthen your defenses against such an attack.

  • FOSSA Editorial Team
6 min read
Open Source License Compliance

How UiPath Reduced Open Source Risk Through Team Collaboration

Experts from UiPath share best practices to help teams collaborate to reduce risk in their use of open source software.

  • FOSSA Editorial Team
6 min read
Software Composition Analysis

What is Software Composition Analysis?

Get an overview of software composition analysis and why it plays a critical role in helping companies reduce risk in their use of open source.

  • FOSSA Editorial Team
4 min read
Developer Perspectives

Pros and Cons of Using Monorepos

Monorepos have gained popularity in recent years, especially in engineering-led companies. Explore the pros and cons of using them in your organization.

  • Taylor Udell
4 min read
Open Source License Compliance

How Zendesk’s Legal Team Scored an Open Source Compliance Victory

See how Zendesk's legal team improved its open source license compliance program, achieving significant time savings and stronger collaboration with engineering.

  • FOSSA Editorial Team
3 min read
Inside FOSSA

FOSSA Announces SOC 2 Compliance

We're excited to announce that FOSSA has passed our SOC 2 audit and received our SOC 2 Type 2 report.

  • FOSSA Editorial Team
2 min read
  • For the Love of Open Source © 2021 FOSSA, Inc.