I’m very excited to announce that FOSSA has acquired StackShare — the well-respected community and enterprise platform for tracking and discussing developer tools.

There are three primary reasons why we’re excited about this announcement for developers and security teams: 

  1. Developers still need easier ways to assess and share their experiences with tools

Developer tools is a constantly changing landscape — and over the years, many segments (especially security-oriented developer tools) have become incredibly confusing to navigate. For free and OSS tools, there are constantly new paradigms, trends, and patterns to keep up with. For commercial tools, buyers are struggling more than ever to differentiate truth from marketing noise between vendors. Increasingly, the way people choose their technology stack is through practical discussions between trusted peers and practitioners: developers talking to developers.

StackShare is one of the few places left where authentic discussions around developer and security tools happen, and FOSSA is committed to protecting that experience. Over the last 10 years, StackShare has built an amazing community with research, discussions, and decisions surrounding technical tooling. By the numbers, StackShare has amassed more than 1.5M users, who have shared over 250,000 “stack profiles,” for a brand that has touched more than 40M developers total. We believe continuing to invest in this community is critical — for healthy discussions between developers, practitioners, and customers.

  1. Enterprise security teams need integrated developer tools management

Developers are a very unique population in the enterprise. For teams other than engineering, tooling adoption is tightly controlled for security, cost, and process consolidation. However for developers, it’s often the opposite. Developers adopt tools (and open source packages) democratically, often in naturally fragmented ways.

For most companies this is smart; it’s a business-critical policy that maintains innovation. But it also creates a unique gap for any centralized team accountable for this surface area — especially security, compliance, and architecture. Just like open source packages, developer tools inevitably fall beneath the radar of enterprise controls. And unfortunately, both regulators and attackers aren’t slowing down the pressure on these areas.

Developer toolchains have become a natural target for software supply chain attacks, and we already have some clear examples. During Codecov’s breach in April of 2021, FOSSA customers ran fire drills of immense scale, and turned to us and StackShare to see if we could provide this kind of data about where the tools were used. Providing that visibility is a critical area for FOSSA and StackShare.

  1. Two industry-leading companies are joining forces to invest in data transparency

As an industry, we are still very early in establishing standards of transparency within our software supply chains. SBOM formats are constantly undergoing revisions by the regulators and the community, including entirely new types of data beyond open source packages — AI training data, infrastructure, and more. Ahead of standards, developer tools have already popped up as a burgeoning surface area in SBOMs, and both StackShare and FOSSA have seen third parties begin demanding this data. StackShare proposed an early solution to this with Tech Stack Files, which have already been adopted by thousands of developers.

Beyond inventory, teams everywhere are looking to answer hosts of questions about their supply chain that require comprehensive metadata — for cost and technology consolidation, obsolescence management, architecture planning, and more. Most of this data simply doesn’t exist yet. We believe more of this data should be collected and curated openly. With FOSSA’s decade of open source analysis and research at scale combined with StackShare’s community, we see an opportunity to contribute the largest public knowledge base and community of software supply chain metadata across a variety of dimensions.

Finally, we are excited to bring StackShare back to its roots — its thriving community. As part of that focus, we will be sunsetting the StackShare Enterprise (SSE) product. However, over the next few quarters, we will focus our investment in the stackshare.io community experience and bring accessible and actionable developer tools data to the FOSSA platform.

I am deeply excited to bring the StackShare and FOSSA teams together. Developer tools, even after decades, is still a small space, and it’s always exciting to watch two companies come together under the mission of serving developers. We look forward to continuing the StackShare journey, being great stewards of the community, and I personally want to thank StackShare CEO Yonas Beshawred and every StackShare user for the trust in us to do so.

For more information, please feel free to reach out to our team: hello@fossa.com.