Happy Memorial Day! We’d like to announce some major license data quality updates that we’ve introduced this weekend.
Over 300 New Licenses
We’ve made a massive increase to our library supported licenses. Not only can FOSSA recognize a broader variety, but it can also now differentiate between over 20+ variations of the BSD License, 15+ variations of the GPL and a wide variety of non-standard proprietary licenses.
To follow this, we’ve updated our default policy templates to include new common exceptions and licenses. Contact firstname.lastname@example.org for help migrating to new policies.
Major Improvements to Data & Report Quality
We’ve reworked how we resolve unknown license matches which has led to a significant increase in report quality. In addition, we’ve improved and standardized our copyright scanning and license reporting format to make rendering attribution notices extremely reliable.
Overall, reports generated by FOSSA should look both significantly cleaner and full of raw attribution notices.
Native Support for SPDX License IDs & Standards
The SPDX License List is a standard list of commonly found licenses maintained by the Linux Foundation. It defines standard identifiers, license texts and attribution guidelines for hundreds of common licenses and exceptions used in free and open source software.
FOSSA has supported SPDX identifiers for years—but now, FOSSA natively speaks SPDX under the hood.
For FOSSA Enterprise customers, this ensures 2 things:
- All reports are fully compliant with industry-standard attribution practices
- API data should be significantly easier to integrate into toolchains, especially those that follow specifications like OpenChain
Increased Performance & Issue Hints
Finally, we’ve improved the speed at which license data is resolved and loaded throughout FOSSA. Now, anywhere license data is handled throughout the application should be much faster.
This has also allowed us to introduce richer data into the dependency browsing experience, like highlighting issues directly in the view:
We hope you find these updates useful. As always, we’re eager to hear your feedback.