FOSSology

FOSSology is an open source license compliance software system and toolkit. It helps organizations comply with free and open source software licenses by providing features like automated scanning, manual verification, copyright detection and license identification.
Tags: license-compliance, scanning, copyright-detection

FOSSology: Open Source License Compliance Software

Automate your compliance with free and open source software licenses using FOSSology, a comprehensive toolkit for automated scanning, manual verification, copyright detection, and license identification.

What is FOSSology?

FOSSology is a free and open source software tool designed to help organizations comply with the licenses of free and open source software they use. It provides a combination of automatic and manual tools for scanning source code, identifying licenses and copyrights, and tracking obligations and compliance issues.

Key features of FOSSology include:

  • Automated scanning of source code archives to detect licenses, copyrights and dependencies
  • Web-based interface for uploading code, configuring scans and browsing results
  • Utilities for manually verifying automated scan results
  • Integration with SPDX for standardizing license expressions
  • Copyright detection using pattern matching and comment analysis
  • Interfaces for exporting scan reports and license findings
  • Role-based access control for users and groups
  • APIs for integrating with other systems

FOSSology helps organizations by simplifying license compliance processes that might otherwise require extensive manual audits. By combining automated scanning with a system for human review, FOSSology provides efficient and accountable license analysis capabilities. The project is under active development by a community of open source contributors.

FOSSology Features

Features

  1. Scans source code to detect licenses and copyrights
  2. Provides both automated scanning and manual verification of licenses
  3. Identifies licenses and highlights any conflicts or compliance issues
  4. Integrates with existing build tools and continuous integration pipelines
  5. Generates detailed reports on license usage and obligations
  6. Web UI and REST API for integration into other systems
  7. Plugin architecture to extend functionality
  8. Built-in copyright detection using pattern matching
  9. Supports SPDX license identifiers

Pricing

  • Open Source

Pros

  • Automates and simplifies open source license compliance
  • Free and open source software
  • Customizable through plugins
  • Integrates into existing workflows
  • Large license database with SPDX support
  • Helps ensure license obligations are met
  • Reduces legal risks associated with open source usage

Cons

  • Requires some setup and configuration
  • Scanning can be slow for large codebases
  • Limited native integrations with proprietary tools
  • Additional work needed to track licenses manually added to code
  • Functionality focused on license compliance, not broader governance


The Best FOSSology Alternatives

Top Development and Open Source and other similar apps like FOSSology


WhiteSource

WhiteSource is an end-to-end open source security and management platform that provides visibility, security and license compliance for open source components. Some key features of WhiteSource include: Automatic detection of open source components - WhiteSource scans code repositories and build tools to detect all open source libraries and dependencies. Security vulnerability monitoring...

FOSSA

FOSSA is an open source license compliance management platform designed to help developers and enterprises follow open source licensing requirements. It provides the following key features: Scans code repositories to detect open source dependencies, including direct and transitive dependencies. Identifies licenses for each dependency and checks for license compatibility issues or conflicts. Generates...

Palamida Standard Edition

Palamida Standard Edition is a software composition analysis and open source license management tool. It scans application code to identify all open source components used, including copyleft and security vulnerabilities. It then provides detailed composition analysis reports that allow organizations to ensure license compliance, manage security risks, and optimize their...

ScanCode

ScanCode is an open source license scanner and compliance tool. It is designed to help organizations and developers comply with open source software license obligations by automatically scanning code and identifying licenses, copyrights, and dependencies. Some key features and capabilities of ScanCode include: Scans codebases to detect licenses, copyrights, packages and dependencies. Supports...

WhiteSource Bolt

WhiteSource Bolt is an open source security and management platform designed to help organizations control and secure the open source components in their software projects. It works by automatically detecting all open source dependencies in code repositories and build environments, identifying security vulnerabilities, outdated libraries, and license compliance issues. Key features...

Protex

Protex is a software composition analysis and intellectual property management tool developed by Synopsys. It helps organizations identify and inventory open source code and third-party software components within their proprietary code to assess quality, security, and compliance risks. Key features of Protex include: Scanning code to detect open source licenses, copyrights, vulnerabilities,...

OSS Deep Discovery

OSS Deep Discovery is a network security solution from Trend Micro that provides advanced threat detection, in-depth analysis, and rapid response capabilities against advanced persistent threats (APTs) and targeted attacks. It works by monitoring network traffic across multiple protocols and platforms to detect a wide range of threats. Deep Discovery uses...

Licensee

Licensee is an open source command-line tool and Ruby gem created by GitHub that detects licenses of dependencies in software projects. It scans package manifests and file contents to identify licenses and license metadata of dependencies. Licensee matches this information against a curated list of known licenses to provide details...

Protecode Compact

Protecode Compact is a lightweight software composition analysis tool used to scan source code to identify open source components, license obligations, and security vulnerabilities. It is designed for small development teams who need to manage open source usage, comply with open source licenses, and address security risks in their software...