Packed with features to get you started in seconds, not years.
Compliance at every commit
Add deep license scanning, dependency analysis & intelligent compliance
into your realtime development workflow.
Deep module & license analysis
FOSSA runs on top of your code to continuously analyze not just the libraries included by your developers, but also indirect ones from an unlimited depth.
Deep code scanning Premium
Surface raw licenses hidden inside deep dependencies; correctly-identified even if edited and placed within code.
- Detects embedded GPL, even when not reported by developers
- Additional parsing for metadata, notice files and webpages
referenced in code
- Differentiates between declared, nested & included licenses
(from i.e. copy-pasted modules/files)
- Fully configurable detail & depth
- Intelligently handles dual/multi-licensed code
Realtime compliance Premium
FOSSA runs your code through a battery of license tests on each commit and can block violations through CI and code review.
- Ensures all dependencies are properly licensed
- Flags libraries with problematic licensing terms based off your app type, or conflict with company policies
- Default, customizable policy templates drafted by top lawyers are shipped with FOSSA for all common types of apps.
- Provides license request templates & standard propritary license grants
Smart review workflow Premium
Intelligent tools to review and fix issues, integrated into your favorite tools like JIRA and Slack.
- Module relationship, issue metadata and code browsing embedded inline for easy review
- Smart remediation suggestions and update strategies to fix multiple issues
- Automatically export & sync with JIRA/issue trackers
- Full audit logs as issues progress and are resolved
- Track notes, add licenses and persist/rollback fixes within issue UI
Integrations & realtime alerts Premium
Proactively address license issues with alerts routed to the stakeholders or embedded in your workflow.
- Route realtime alerts through Email, Slack, JIRA and more…
- Code review & pull request integrations to prevent bad code from landing into master
- Native support for multiple branches, tags and release channels
- Fully customizable notification policies
Automated attribution & reports Premium
Attribution notices, component reports and compliance documentation are handled automatically at release – no manual work.
- Includes raw license files/headers pulled directly from code, even if edited by developer
- Customizable detail and depth of reports
- Exports to PDF, Markdown, HTML, JSON and more…
- Downloadable or hosted option to link to
Release management/flexibility Premium
Effortlessly manage your licenses and dependencies across releases
- Fully searchable and filterable list of all dependencies/licenses
- Plain-english checklists of license obligations across hundreds of license files included in your app
- Explore relationships between modules and if/how dependencies are included in your build
- Compare changes in your dependency tree across releases
Notifications & Workflow Integrations
Deeply integrate compliance into your team,
becoming as proactive and quickly reactive as possible.
Effortless reports and releases
With continuous compliance, you can release
anytime with a clean bill of health.
It takes only one click to generate attributions, BOMs, reports and audit results.
FOSSA automatically generates disclosures and reports for you at every commit, collected from raw license data across your deep dependencies.
Let FOSSA update and host these for you, or export and distribute them yourself to your users, customers, investors, etc…
FOSSA natively supports complicated workflows including multiple branches, tags and release channels.
This allows you to compare releases, see what changed and integrate with code review to preview patches before they bring in issues.
Raw License Data
Raw license headers and texts are used, so even the small modifications are preserved
Instant, Multi-Format Export
Export to HTML, Markdown or PDF with one click. Host your attributions and disclosures online, on GitHub, or inside your application.
Always Updated Attribution
Attribution is versioned and you will be alerted when files are out-of-date
These files contain all direct and deeper dependencies, with full license texts included at the bottom
Compare branches, tags, versions, etc…
Generating diff reports
Generate reports on what changed inbetween versions
Integrated with code review
Preview patches and changes before they enter your codebase
A central compliance hub
No more redundant work, FOSSA remembers everything you do and makes each release easier.
License Checklists & Dependency Management
Explore, manage and understand how everything gets included in your builds
Full audit logs, export
& reversible work history
Keep an exportable history of everything that happens in FOSSA
Manage & remember compliance work
FOSSA remembers everything you do to make each release easier
Expert panelists discuss Open Source Trends for 2020 and Beyond
5 reasons why using spreadsheets for open source management is a recipe for disaster
In good company
Join some of the worlds most incredible startups.