FOSSA CLI

FOSSA CLI is a command-line tool that scans your codebase to identify open-source dependencies and their associated licenses and vulnerabilities. It integrates into CI/CD pipelines to provide automated compliance checks, license audits, and security analysis. Designed for enterprise software teams, FOSSA CLI helps enforce open-source policies at scale and provides accurate, automated insights into third-party software usage through deep analysis of transitive dependencies and ecosystem-specific configurations.

Features

Scans code for open-source dependencies and licenses
Detects license conflicts and policy violations
Identifies known vulnerabilities in dependencies
Integrates with CI/CD for automated compliance
Supports multiple languages and build tools
Exports detailed reports in multiple formats

Project Samples

Project Activity

See All Activity >

License

MIT License

Follow FOSSA CLI

FOSSA CLI Web Site

Other Useful Business Software

Stop Storing Third-Party Tokens in Your Database

Auth0 Token Vault handles secure token storage, exchange, and refresh for external providers so you don't have to build it yourself.

Rolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.

Try Auth0 for Free

Rate This Project

User Reviews

Be the first to post a review of FOSSA CLI!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Haskell

Related Categories

Haskell Dependency Managers

Registered

2025-07-17

Similar Business Software

Parasoft

"Parasoft delivers an AI‑powered software testing platform that helps organizations continuously release high‑quality software. Our solutions support embedded and enterprise teams by integrating code analysis, testing, virtualization, and coverage into the delivery pipeline to improve security,...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Bitrise

Bitrise is a CI/CD platform built for mobile development, helping teams speed up builds, automate testing, and deliver high-quality apps faster. It supports native languages like Swift, Objective-C, Java, and Kotlin, as well as cross-platform frameworks including React Native, Flutter, Xamarin,...

See Software
Gearset

Gearset is the complete, enterprise-ready Salesforce DevOps platform, enabling teams to implement best practices across the entire DevOps lifecycle. With powerful solutions for metadata and CPQ deployments, CI/CD, testing, code scanning, sandbox seeding, backups, archiving, observability, and...

See Software
Odoo

Odoo is a fully integrated, customizable, open-source software packed with hundreds of expertly designed business applications. Odoo’s intuitive database is able to meet a majority of business needs, such as: CRM, Sales, Project, Manufacturing, Inventory, and Accounting, just to name a few. Odoo...

See Software
Process Street

Process Street is an AI-powered compliance operations platform that automates complex workflows, enforces standards, and tracks audit data in real time. Teams use it to create structured SOPs, assign tasks, collect data, and monitor execution with intelligent oversight. From onboarding and...

See Software