FOSSA feature Icon

Compliance at every commit

Add deep license scanning, dependency analysis & intelligent compliance
into your realtime development workflow.

Deep code scanning Premium

FOSSA open source management platform code match

Surface raw licenses hidden inside deep dependencies; correctly-identified even if edited and placed within code.

  • Detects embedded GPL, even when not reported by developers
  • Additional parsing for metadata, notice files and webpages
    referenced in code
  • Differentiates between declared, nested & included licenses
    (from i.e. copy-pasted modules/files)
  • Fully configurable detail & depth
  • Intelligently handles dual/multi-licensed code
Why do I need full license scanning?

Realtime compliance Premium

FOSSA open source management issue summary

FOSSA runs your code through a battery of license tests on each commit and can block violations through CI and code review.

  • Ensures all dependencies are properly licensed
  • Flags libraries with problematic licensing terms based off your app type, or conflict with company policies
  • Default, customizable policy templates drafted by top lawyers are shipped with FOSSA for all common types of apps.
  • Provides license request templates & standard propritary license grants

Smart review workflow Premium

FOSSA open source management platform review workflow

Intelligent tools to review and fix issues, integrated into your favorite tools like JIRA and Slack.

  • Module relationship, issue metadata and code browsing embedded inline for easy review
  • Smart remediation suggestions and update strategies to fix multiple issues
  • Automatically export & sync with JIRA/issue trackers
  • Full audit logs as issues progress and are resolved
  • Track notes, add licenses and persist/rollback fixes within issue UI

Integrations & realtime alerts Premium

FOSSA open source management platform github review indicator

Proactively address license issues with alerts routed to the stakeholders or embedded in your workflow.

  • Route realtime alerts through Email, Slack, JIRA and more…
  • Code review & pull request integrations to prevent bad code from landing into master
  • Native support for multiple branches, tags and release channels
  • Fully customizable notification policies

Automated attribution & reports Premium

open source dependencies attribution file

Attribution notices, component reports and compliance documentation are handled automatically at release – no manual work.

  • Includes raw license files/headers pulled directly from code, even if edited by developer
  • Customizable detail and depth of reports
  • Exports to PDF, Markdown, HTML, JSON and more…
  • Downloadable or hosted option to link to

Release management/flexibility Premium

open source dependency management

Effortlessly manage your licenses and dependencies across releases

  • Fully searchable and filterable list of all dependencies/licenses
  • Plain-english checklists of license obligations across hundreds of license files included in your app
  • Explore relationships between modules and if/how dependencies are included in your build
  • Compare changes in your dependency tree across releases

Notifications & Workflow Integrations

Deeply integrate compliance into your team, becoming as proactive and quickly reactive as possible.

Guthub Green
circleci logo
Atlassian Tools
Slack Notifications
NPM logo green
In Code
email icon
Email Reports/Alerts
View full integration directory

Feature Icon

Effortless reports and releases

With continuous compliance, you can release anytime with a clean bill of health. It takes only one click to generate attributions, BOMs, reports and audit results.

FOSSA hotspot

FOSSA automatically generates disclosures and reports for you at every commit, collected from raw license data across your deep dependencies.

Let FOSSA update and host these for you, or export and distribute them yourself to your users, customers, investors, etc…

FOSSA hotspot

FOSSA natively supports complicated workflows including multiple branches, tags and release channels.
This allows you to compare releases, see what changed and integrate with code review to preview patches before they bring in issues.

FOSSA open source management platform feature reports

Raw License Data

Raw license headers and texts are used, so even the small modifications are preserved

Instant, Multi-Format Export

Export to HTML, Markdown or PDF with one click. Host your attributions and disclosures online, on GitHub, or inside your application.

Always Updated Attribution

Attribution is versioned and you will be alerted when files are out-of-date

All-inclusive Customizations

These files contain all direct and deeper dependencies, with full license texts included at the bottom

FOSSA open source management platform bom compare

Comparing versions

Compare branches, tags, versions, etc…

Generating diff reports

Generate reports on what changed inbetween versions

Integrated with code review

Preview patches and changes before they enter your codebase