At FOSSA, we are constantly looking to improve your experience with our product and increase the value of our platform. To that end, we’re pleased to announce new support for C/C++ and updates to our issue resolution workflow, container scanning offering, and integration with Azure repos.
New Support for License Compliance and Security in C/C++
We are excited to announce the GA (general availability) of our C/C++ security and license scanning feature. C and C++ are extremely popular programming languages, used across a multitude of mission-critical applications.
With this release, security and legal teams will be able to detect security and licensing risks across their C/C++ open source code. We will begin rolling it out to customers beginning this week. For more information and to get started with this feature, please click here.
Issue Workflow Interface Refresh
FOSSA’s global issue screen displays all the security and licensing issues surfaced by your scans. We’ve made several improvements to this screen to make it easier to triage and prioritize issues. These updates include new filters to help you address issues quickly and a number of improvements to facilitate bulk actions.
We have changed our filter selection from a tab-based horizontal orientation to a check-box-based vertical orientation. As part of this vertical orientation, you will see the filters grouped (by depth, ticket, and issue type) for more intuitive navigation. Additionally, we have introduced new filters for depth selection: Direct and Transitive. These new filters provide the ability to sort through issues in a more meaningful manner.
We have also refreshed how issues are displayed.
In this new UI, issues are sorted into two categories: Active and Ignored (which includes issues that were previously resolved).
- Active issues are issues that are still waiting to be resolved
- Ignored issues include both resolved and ignored issues
The issue inbox now also includes bulk-select options for ignoring and/or creating a ticket.
Finally, clicking on the issue used to render the issue details on the same page. But in the new interface, they will render on a new page.
We will begin rolling this out to customers starting next week and expect to complete the transition by December. Please contact your customer success manager if you are interested in getting early access.
Container Scanning Updates
We now support compliance and vulnerability checks for application dependencies inside of containers. This update also includes performance enhancements that improve the accuracy of our dependency identification and user experience. For example, images scanned will show the origin path for each dependency discovered inside the image, just like analysis of a local project.
With this change, FOSSA's new container scanner brings support for standard FOSSA CLI features into containers:
- Support for configuration via .fossa.yml.
- Support for path filtering (exclusion and inclusion). This feature is available beginning with Version 3.5.0. Please refer here for documentation.
Out-of-Box Integration with Azure Repos
FOSSA now offers an out-of-box integration with Azure repos. You can set up the connection to your Azure repos from your FOSSA dashboard and quick import your projects to start scanning. Please visit our docs for more information on integrating your Azure repos.
Quick Import v2
A quick reminder that we have begun rolling out Quick Import V2 to our customers. Please reach out to firstname.lastname@example.org if you have any further questions.