At FOSSA, we’re always looking for ways to improve your experience with our product. To that end, here’s an overview of several exciting new features that are now available.

Analysis Target Configuration

Analysis target configuration allows you to select a very specific subset of your directory for scanning. The target and path sections allow users to configure which targets and directories should be scanned. This is useful if you have a custom test directory or development projects within the root project.

See our documentation for more details.

Announcements Banner (For On-Prem Users Only)

Users in admin roles (on-prem customers only) can go to your Organization Settings panel to configure up to 3 banners that will be shown to all users in the sign-in and projects table screens. Admins can easily post general announcements, links to onboarding docs, or any other administrative information to your FOSSA organizations without having to send out emails.

New Language Support

We’ve expanded our language and package manager support to include the following:

  • Poetry available in CLI 2.12.0
  • Elixir and Mix support in CLI v2.13.0
  • Dart supported natively in CLI v2.15.0

Please refer to our documentation to get started.

Container Scanning

We are excited to announce the release of FOSSA Container Scanning. Customers will now be able to scan containers for Linux system packages to identify licenses and vulnerabilities.

More details are in the blog here.

Read the documentation here.

Audit Logging

We have expanded our audit logging to help you track more events. The expanded events are classified as follows:

  • Project management events
  • Release group management events
  • License policy management events
  • RBAC events

This will help boost accountability and observability for critical/high-stakes actions like policy changes across the organization. It will also help you manage your teams and projects better.

Read the documentation here.

Enterprise users can contact your customer support representative to enable audit logging.

Adding Manual Dependencies

Occasionally, it may be necessary to manually add dependencies to your projects. We have created a new workflow that you can use to manually add dependencies by uploading an archive, providing FOSSA URLs or locators, or outright defining your own dependencies. Scenarios where you might use this feature include:

  • Private dependencies that FOSSA has no access to
  • Dependencies that FOSSA supports, but failed to find via analysis
  • Dependencies for languages that FOSSA does not support
  • Dependencies that were analyzed within another system

This new workflow is available to all users and can be found in the Dependencies tab for projects. Users can reach out to customer support for more information.