OSS News Articles

License Compliance, SBOM, and Vulnerability Management for Smaller Teams: FOSSA Business Tier
FOSSA introduces a new business tier tailored for smaller teams, offering flexible pricing and comprehensive features for SBOM, vulnerability management, and license compliance.

Fall 2024 Software Licensing Roundup
Explore the significant licensing stories of fall 2024, including Elastic's return to open source, the new fair source licensing model, and the PearAI controversy.

Snippet Scanning, Explained
An in-depth look at snippet scanning tools, their methodologies, and their impact on open source license compliance.

Beyond Vulnerabilities: Understanding Package Health with FOSSA Quality
Explore FOSSA Quality's tools for assessing and improving the health of your software's open source components.

4 Takeaways from the ESF's OSS and SBOM Management Recommendations
A summary of the key insights from the ESF's latest recommendations on OSS and SBOM management.

Reduce Alert Fatigue with FOSSA’s Auto-Ignore Rules
Learn how FOSSA’s auto-ignore rules streamline license compliance and vulnerability remediation by minimizing redundant alerts.

A Comprehensive Guide to Source-Available Software Licenses, Featuring Heather Meeker
Explore the intricacies of source-available software licenses, contrasting them with open-source and proprietary licenses.

Heather Meeker on Open Source License Compliance Policies
Discussion on tailoring open source license compliance policies for different deployment models, including strategies for SaaS, mobile apps, and embedded systems.

The FOSSA Podcast: SCA Purchasing and Implementation Trends
A discussion on open source usage and software composition analysis tools to manage OSS license compliance and security risks.

Containers and Open Source License Compliance
An exploration of open source license compliance in the container ecosystem, discussing key components and compliance strategies.

2023 Open Source Management Trends, Predictions, and Observations
Explore trends, predictions, and observations on mission-critical open source management, including SBOM data usage, license compliance automation, and more.

How Applause Makes Open Source Management Work for Developers
Discover how Applause, led by CTO Rob Mason, leverages FOSSA to optimize open source management, reducing burdens on developers.

Complying with GPL v3’s User Product Clause
Explore the GPL v3's 'User Product' clause and strategies for compliance, addressing challenges faced by manufacturers while protecting user freedom.

Analyzing the Securing Open Source Software Act
An overview of the Securing Open Source Software Act, its implications for federal agencies, and potential effects on the private sector.

Heather Meeker on Open Source License Compliance Tools
A detailed exploration into the evolution and current trends of compliance tools for open source software licenses, with insights from Heather Meeker.

Customer Q&A: Collibra's Journey to Scaling OSS License Compliance
An insightful interview with Amanda Weare, Collibra's VP and Deputy General Counsel, discussing their approach to open source license compliance.

Why Open Source is ESG
Exploring how open source software can align with ESG principles, serving both as a risk and an investment opportunity.

Announcing the Private Beta of FOSSA Risk Intelligence
Introducing FOSSA Risk Intelligence, a private beta add-on to enhance software supply chain security by addressing risks like stale packages, abandonware, and more.

Open Source Licenses 101: SIL Open Font License (OFL)
An overview of the SIL Open Font License (OFL), its versions, and provisions for font software use, modification, and redistribution.

How to Build an Open Source License Compliance Program, Featuring Jim Markwith
Explore the importance and elements of building a successful open source license compliance program, as discussed by Jim Markwith, a technology and transactions attorney.

The Massive Implications of Software Freedom Conservancy vs. Vizio
Exploration of Software Freedom Conservancy's lawsuit against Vizio and its potential impact on open source license enforcement.

Open Source Licenses 101: Boost Software License
A thorough examination of the Boost Software License, showcasing its similarities to and differences from other permissive licenses.

Open Source Licenses 101: The CDDL (Common Development and Distribution License)
The CDDL — short for Common Development and Distribution License — is a weak copyleft open source software license initially published by Sun Microsystems.

4 Reasons Rancher Labs Chose FOSSA
Explore why Rancher Labs selected FOSSA for open source management, enhancing their development efficiency and security posture.

An Overview of Spring RCE Vulnerabilities
A review of critical remote code execution vulnerabilities in Spring, highlighting CVE-2022-22965 and CVE-2022-22963, their impact, and mitigation strategies.

OSS License Compliance Expert Heather Meeker on the AGPL
An exploration of the AGPL's implications, how it compares to the GPL family, and its inception.

Open Source Developer Sabotages npm Libraries 'Colors,' 'Faker'
The developer behind 'colors.js' and 'faker.js' sabotages his own npm libraries, causing widespread disruption.

Q and A: Heather Meeker on AGPL, Truth Social, OSS License Compliance
Highlights from a webinar with open source licensing expert Heather Meeker discussing AGPL, Truth Social's compliance issues, and Google's AGPL policy.

FOSSA Partners with OpenChain to Promote Open Source Management
FOSSA has partnered with OpenChain to support organizations in achieving OpenChain Conformance, promoting compliance with OSS licensing requirements.

bouk/monkey and the Importance of Knowing Your Dependencies
Exploring the significance of understanding software dependencies, licenses, and the unusual case of bouk/monkey's license.

3 Best Practices for OSS Management in the Automotive Industry
Explore best practices for OSS management in the automotive industry to reduce license compliance, security, and quality risks.

Open Source Software Licenses 101: The LGPL License
An overview of the GNU Lesser General Public License (LGPL), its requirements, permissions, and its current usage in the open source software development community.

Open Source Software Licenses 101: The AGPL License
Explore the intricacies of the GNU Affero General Public License (AGPL), its history, requirements, and its impact on the open-source software community.

Stockfish vs. ChessBase and What it Means for GPL v3
An exploration of the Stockfish lawsuit against ChessBase, testing the GPL v3 license regarding derivative works and license termination.

Copyleft Licenses and the Venture Capital Connection
Explore the impact of copyleft licenses on venture capital investments, including insights from IP lawyer Kate Downing and the NVCA Stock Purchase Agreement Model Form.

All About Permissive Licenses
An exploration of permissive open source licenses, their history, and their role in the software community.

All About Copyleft Licenses
An exploration of copyleft licenses, their history, differences from permissive licenses, and their role in the open source community.

Open Source Software Licenses 101: The ISC License
Explore the history, requirements, and key differences of the ISC License in open source software.

Open Source Software Licenses 101: Mozilla Public License 2.0
An in-depth look at the Mozilla Public License 2.0, its requirements, comparisons with other licenses, and its use cases.

Open Source Software Licenses 101: The BSD 3-Clause License
An overview of the BSD 3-Clause License, its history, requirements, and how it compares to other permissive licenses.

How OSS Conquered the World: Insight from Veteran Developers
FOSSA staff engineer Konstantin Gredeskoul and Oxide Computer Company's co-founder Bryan Cantrill discuss the development and impact of open source software in an informative and entertaining podcast.

Building an Open Source Program Office (OSPO)
Explore the components and staffing necessary for establishing a successful Open Source Program Office to manage and strategize open source software use.

Open Source Software Licenses 101: GPL v2
An informative guide on the GNU General Public License Version 2.0, highlighting its terms, conditions, and how it contrasts with other open source licenses.

How to Choose an Open Source Software License Compliance Tool
Guidance on choosing the right open source software license compliance tool, covering aspects such as scanning, automation, integration, issue management, and reporting.

4 Takeaways from the 2021 State of Open Source Vulnerabilities Report
An analysis of the 2021 State of Open Source Vulnerabilities report, highlighting frequent targets like Java and JavaScript, common issues such as poor input validation, and vulnerable libraries.

Open Source Licenses 101: Apache License 2.0
An exploration of the Apache License 2.0, outlining its terms, use cases, and how it compares to other permissive licenses.

How to Apply a License to Your Open Source Software Project
Explore how to effectively apply a license to your open source software project, addressing common challenges and scenarios.

Open Source Software Licenses 101: The MIT License
Exploring the MIT License, a popular open source software license, its permissions, restrictions, and comparisons to other licenses.

Takeaways from OpenChain ISO/IEC 5230:2020
Key insights from the OpenChain ISO/IEC 5230:2020 standard, focusing on requirements for license compliance programs and how to achieve OpenChain Conformance.

Top Security Takeaways from the 2020 FOSS Contributor Survey
Discover key security insights from the 2020 FOSS Contributor Survey and explore actionable recommendations for open source project owners.

The Future of Software Composition Analysis, Featuring Forrester
Exploring the future of Software Composition Analysis (SCA) with key insights into automation, governance, and developer integration.

5 Ways Companies Can Get More Value From Open Source Software
Explore strategies for maximizing open source software benefits while ensuring compliance and security.

How UiPath Reduced Open Source Risk Through Team Collaboration
Explore how UiPath reduces open source risk through collaboration between engineering, compliance, and security teams.

How Zendesk’s Legal Team Scored an Open Source Compliance Victory
Discover how Zendesk's legal team improved open source compliance with the help of FOSSA, optimizing workflows and reducing time spent on compliance processes.

How to Choose the Right Open Source License
This post guides you on how to choose the right open source license for your project, ensuring your software is protected and shared as you wish.

Q&A: Heather Meeker on Open Source License Notices
Heather Meeker shares insights on open source software licensing and the role of automation in managing license notices.

Heather Meeker on Open Source License Notices and Automation
Discussing the importance of open source license notices and how automation can help address compliance challenges.

FOSSA Raises a $23.2M Series B
FOSSA announces a new funding round of $23.2M to accelerate the development of open source inventory solutions.

Press Release: FOSSA Accelerates Growth, Hits Significant Milestones
FOSSA announces $23.2 million in Series B funding and launches new security management capabilities, affirming its leadership in the software composition analysis market.

How Open Source License Audits Became a Strategic Key to M&A Success
Open source non-compliance can impact company transactions like mergers and acquisitions by slowing, devaluing, or breaking deals.

Now's the Perfect Time to Evolve Legal and Engineering Collaboration
With remote work, businesses' confidence in their software supply chain is crucial, which highlights the importance of risk mitigation.

TikTok, Trump, and the Future of Open Source Surveillance
Exploring the intersection of TikTok, national security, and the future of open source software surveillance.

Snippet Scanning: Is it Right for Your Team?
Explore the nuances of snippet scanning and its relevance to software development today, while considering risk profiles and modern development practices.

FOSSA Named to CNBC's Upstart 100
FOSSA has been named to CNBC's Upstart 100 List following the closing of $8.5 Million in Series A Funding.

FOSSA Raises $8.5M for Enterprise Open Source Management
FOSSA announces an $8.5M Series A funding to enhance open source management for enterprises, and shares success stories with notable clients.

We’re excited to partner with CircleCI to release our CircleCI orb!
Learn about FOSSA's new CircleCI orb for easier OSS license compliance and CI/CD integration.

WTFPL to Beerware: Top 6 Out-There Open Source Licenses
Explore some of the most unconventional open source licenses, from Beerware to WTFPL.

All About Open Source Licenses
A comprehensive guide to understanding open source licenses, including permissive and copyleft licenses, and how to apply them.

What is a Private Artifact Repository?
Exploration of the benefits and limitations of private artifact repositories, highlighting three common issues developers face along with solutions offered by FOSSA.

Still Asking Engineers to Fill Out Open Source Request Forms?
Exploring the impact of manual open source request processes on engineering culture and innovation speed.

We’re Excited to Announce Our CNCF Membership
FOSSA is excited to announce its CNCF membership, highlighting the importance of open source in software development and our commitment to the community.

Creating a Comprehensive 3rd-Party Package License Policy for OSS
Learn how to create a comprehensive third-party package license policy, a vital element for companies engaging with open source software and ensuring compliance across various licenses.

Why Open Source License Compliance Needs to Be CI-Agnostic
Exploring the importance of adopting platform-agnostic tools for open source license compliance and the benefits of avoiding vendor lock-in.

Automating Open Source Reports with FOSSA at Applause
Discover how Applause leveraged FOSSA to automate their OSS licensing and compliance process, saving time and improving accuracy.

Which Open Source License Is Best for Commercialization?
Exploring the best open source licenses for commercialization, including the balance between permissive and restrictive licenses.

Discussing Commons Clause on Software Engineering Daily
Exploration of open source software, business models, and the impact of the Commons Clause, with insights from Kevin Wang.

JS Foundation chooses FOSSA as the Open Source License Cert. Provider
The JS Foundation, supporting critical JavaScript infrastructure, chooses FOSSA for automated open-source license compliance.

Don’t Over-REACT to the Facebook Patents License
The controversy surrounding Facebook's 'BSD+ Patents' license is more partisan than practical, and the Apache Foundation's decision to reclassify it is unlikely to impact the use of ReactJS.

The Ultimate GPL Survival Guide
A comprehensive guide on GPL compliance for professionals in consumer electronics, IoT, and automotive industries, featuring useful flowcharts and checklists.

Announcing FOSSA Public Beta & Funding
Announcing the public beta release of FOSSA and a $2.2MM seed round led by Bain Capital Ventures.

You can’t get around code scanning if you care about open source licenses
Exploring the necessity of code scanning tools for tracking and complying with open source licenses in modern software development.

FOSSA partners with npm to deliver open source license compliance
FOSSA introduces a new add-on for npm Enterprise to enhance open source license compliance.