
Dependency Heaven

Open source, dependencies, and licensing by the people at FOSSA.


Featured Articles

Open Source License Compliance

Heather Meeker on Open Source License Compliance Tools

Leading OSS licensing expert Heather Meeker shares guidance to help organizations evaluate new compliance tools and get more value from existing ones.

  • Heather Meeker
9 min read
Open Source License Compliance

Customer Q&A: Collibra's Journey to Scaling OSS License Compliance

Amanda Weare, Collibra’s VP and Deputy General Counsel, discusses her experience managing Collibra's open source license compliance program.

  • FOSSA Editorial Team
6 min read
Inside FOSSA

The FOSSA Podcast: Structuring and Growing a Customer Success Team

This episode of The FOSSA Podcast offers guidance on structuring customer success teams and building a company-wide customer-success mindset.

  • FOSSA Editorial Team
5 min read
Open Source License Compliance

Containers and Open Source License Compliance

There are many open source components in the container ecosystem, which means container users must be mindful of license compliance obligations.

  • FOSSA Editorial Team
9 min read
Inside FOSSA

The FOSSA Podcast: Early-Stage Technology Decisions and Regrets

The second episode of The FOSSA Podcast covers early-stage start-up technology choices, including picking programming languages and databases.

  • FOSSA Editorial Team
7 min read
Open Source in the News

2023 Open Source Management Trends, Predictions, and Observations

In 2023, we expect organizations to prioritize using SBOM data, automating open source license compliance, and maintaining visibility into software composition.

  • FOSSA Editorial Team
5 min read

The FOSSA Podcast: Adopting Haskell into an Existing Codebase

Episode One of the FOSSA Podcast covers how our team adopted Haskell, characteristics of the language, and pros and cons for teams considering it.

  • FOSSA Editorial Team
9 min read
Open Source Vulnerability Management

How to Operationalize SBOMs Throughout the SDLC

Explore best practices for getting value from software bill of materials (SBOM) data throughout the software development lifecycle.

  • Kenaz Kwa
4 min read


Inside FOSSA

Announcing Support for CycloneDX and SBOM Import

FOSSA is excited to announce new support for importing SBOMs along with the CycloneDX SBOM standard.

  • Gauthami Polasani
2 min read
Inside FOSSA

How to Use 1Password to Authenticate the FOSSA CLI

1Password has released a shell plugin that will enable FOSSA users to authenticate with a simple fingerprint scan. Here's how to use it.

  • FOSSA Editorial Team
4 min read
Software Composition Analysis

How Applause Makes Open Source Management Work for Developers

See how Applause has built developer-friendly open source license compliance and security programs with a significant assist from FOSSA.

  • FOSSA Editorial Team
5 min read
Open Source License Compliance

Complying with GPL v3’s User Product Clause

Explore strategies for complying with the GPL v3 software license's User Product clause.

  • Chris Stevenson
5 min read
Open Source License Compliance

Managing OSS License Compliance Risks in Commercial Software Licensing Agreements, Featuring Jim Markwith

Organizations that ship products are ultimately responsible for OSS license compliance — even if the issue stems from a vendor-supplied component.

  • Jim Markwith
6 min read
Inside FOSSA

Announcing the GA of C and C++ Security and License Scanning

We're thrilled to announce the GA of our security and license scanning for C and C++ projects, which will help users secure their critical applications.

  • Gauthami Polasani
3 min read
Inside FOSSA

November 2022 FOSSA Product Updates

We’re excited to announce new support for C/C++ and updates to our issue resolution workflow, container scanning offering, and integration with Azure repos.

  • Gauthami Polasani
2 min read
Open Source Vulnerability Management

OpenSSL Vulnerability 2022: Details and Fixes

Two new high-severity vulnerabilities impacting OpenSSL have been disclosed. Here's what we know about the issues and how to address them.

  • FOSSA Editorial Team
2 min read
Open Source in the News

CVE-2022-42889 Text4Shell Vulnerability: Impact and Fixes

See important details on the Text4Shell vulnerability, including affected versions, how it compares to Log4Shell, and how to identify and remediate it.

  • FOSSA Editorial Team
3 min read
Open Source License Compliance

Open Source Licenses 101: Microsoft Public License (Ms-PL)

Get an overview of the Microsoft Public License (Ms-PL), including key provisions and how it compares to the Microsoft Reciprocal License (Ms-RL).

  • FOSSA Editorial Team
4 min read
Open Source in the News

Analyzing the Securing Open Source Software Act

A new piece of proposed legislation would direct the U.S. federal government to create a framework for assessing security risks in open source software.

  • FOSSA Editorial Team
4 min read
Open Source Vulnerability Management

U.S. Government Memo Requires Self-Attestation to Secure Development Practices

U.S. government agencies must now require software suppliers to self-attest that they have adhered to NIST Guidance for secure software development.

  • FOSSA Editorial Team
4 min read
Open Source License Compliance

Heather Meeker on Open Source License Compliance Tools

Leading OSS licensing expert Heather Meeker shares guidance to help organizations evaluate new compliance tools and get more value from existing ones.

  • Heather Meeker
9 min read
Open Source License Compliance

Q and A: Heather Meeker on Hot Topics in OSS License Compliance

IP attorney Heather Meeker tackles several hot topics in OSS license compliance, including SBOMs, the AGPL, triggers for distribution, and more.

  • FOSSA Editorial Team
10 min read
Inside FOSSA

FOSSA Earns Great Place To Work Certification

FOSSA has earned the Great Place to Work Certification, which reflects our strong company culture and workplace environment.

  • FOSSA Editorial Team
2 min read
Open Source License Compliance

Customer Q&A: Collibra's Journey to Scaling OSS License Compliance

Amanda Weare, Collibra’s VP and Deputy General Counsel, discusses her experience managing Collibra's open source license compliance program.

  • FOSSA Editorial Team
6 min read
Open Source Vulnerability Management

A Practical Guide to the SLSA Framework

SLSA is a Google-created framework designed to help organizations improve the integrity of their software supply chains.

  • John Speed Meyers (Chainguard) and Andy Drukarev (FOSSA)
7 min read
Open Source Vulnerability Management

How to Implement the CSRB’s Log4j Security Recommendations

See guidance for implementing the security recommendations in the CSRB's recent report on the Log4j vulnerability.

  • FOSSA Editorial Team
7 min read
Developer Perspectives

Rust: How to Transform a Byte Stream for Fun and Profit

Here's one way to think about Rust readers that plays nicely with the way Rust programmers naturally think about streaming values.

  • Jessica Black
4 min read
  • For the Love of Open Source © 2023 FOSSA, Inc.