Dependency Heaven

Automating Open Source Reports with FOSSA at Applause

Our customer Applause's SVP Rob Mason shares his experience with automating open source reports with Fossa for their customers & partners' software development.

Licensing

Cost/Benefit Analysis: Manual Audits vs Automated License Compliance

As a software company, you need to protect the integrity of your most important asset — your product and code. This article covers the cost benefit analysis of manual audits vs automated license compliance.

Engineering

Fast Integration Tests for 3rd Party Services - The Easy Way

In this article, we will learn how mocha-tape-deck is a practical way applied in most cases for integration testing.

Engineering

Reflecting on 1 year of early-stage engineering

Leo shares his experience as a software developer at Fossa. Previously, he worked at Google as a new grad where he learned organizational structure and best practices of engineering management.

Licensing

Which open source license is best for commercialization?

Choosing an open source license is an important decisions for engineering teams. This articles compares the best open sources licenses for commercialization.

Licensing

Discussing Commons Clause on Software Engineering Daily

Fossa Inc's CEO Kevin discusses Commons Clause with Software Engineering Daily Podcast.

Engineering

Pathologies of Go Package Management

TL;DR: Go package idioms make reproducible builds really easy. (Jump to section) Go package idioms also make dependency analysis really hard. (Jump to section) Go builds have a unique failure mode: they

Inside FOSSA

FOSSA 0.8.0: Overhauling our onboarding system + other usability improvements

In this update, we brought big changes for your teams. We have been working hard to build best open source management tool.

Inside FOSSA

300+ New Licenses Supported in FOSSA

We’d like to announce some major license data quality updates that we’ve introduced this weekend. We added support for over 300 new license to our library.

Customers

JS Foundation chooses FOSSA as its Open Source License Certification Provider

We’re excited to share that the JS Foundation (home of ESLint, jQuery, Lodash, Mocha, Webpack and more), has chosen FOSSA as their Open…

Inside FOSSA

Combating Alert Fatigue with a Global Issue Dashboard

This announcement post from Fossa is about the launch of new dashboard that provides tools for managing issue alerts and component data.

Inside FOSSA

Open sourcing FOSSA’s build analysis in fossa-cli

This announcement is about FOSSA's decision to open sourcing their dependency analysis infrastructure on GitHub. Check us out to participate and have access to the tools to get dependency data out of any codebase.

Inside FOSSA

Delivering a better on-premises experience

In this update, we are happy to announce the addition of GitLab Enterprise Support to our existing support for GitHub Enterprise and BitBucket Server.

On-Premises

Legal Concerns for SaaS Companies Going On-Prem

The article explains how as a SaaS company, we held the line against on-prem by creating template for on premises Software License Agreement which includes a "License Grant"and by adding an "On-Prem " option rather than sticking to a hosted services model for Open Source License Compliance.

Inside FOSSA

Organization-wide issues & conditional policies

In September, we introduced Component Search to give organization decision makers a bird’s eye view of compliance across all of their projects. Since then, we’ve been doubling down on building organization-level

Licensing

Don’t Over-REACT to the Facebook Patents License

This post was written by Heather Meeker and originally posted on the FOSSA Medium Publication in August of 2017.Recently, Apache re-classified code under Facebook’s “BSD+ Patents” license to “Category X,” effectively

The Ultimate GPL Survival Guide

If you work in consumer electronics, drones, IoT, or automotive devices based on generic Linux or Android codebases, chances are you have…

Inside FOSSA

Announcing FOSSA Public Beta & Funding

Today, I’m pleased to announce the launch of FOSSA (v0.4.0) — our public beta release to help you track your open source libraries and…

Licensing

You can’t get around code scanning if you care about open source licenses

Today, every developer uses open source software (OSS) in their apps. If you’re developing modern software, you should probably be using a…

Customers

How SmartThings runs IoT open source compliance across dozens of releases per day

Featuring: Dean Hemstreet, Vice President Q/A & Release Engineering. SmartThings, Inc.SmartThings Inc. is a technology company building an open platform for smart homes and the consumer Internet of Things. SmartThings makes

Inside FOSSA

FOSSA partners with npm to deliver open source license compliance

Read npm’s companion announcement here.Introducing FOSSA’s npm Enterprise add-onToday we’re introducing the FOSSA Licenses add-on, a plugin for npm Enterprise (npmE) that adds automated open source license compliance to

Subscribe to Dependency Heaven