The FOSSA Developer Hub

Welcome to the FOSSA developer hub. You'll find comprehensive guides and documentation to help you start working with FOSSA as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Binaries, Archives or Custom (C, C++, etc...)

FOSSA supports archives, vendorized dependencies and binaries through a variety of methods.

Tool

Repository Scanning

CI/CD Scanning

Tar

Y

Y

Gzip

Y

Y

Zip

N/A

N/A

Egg/Wheel

Through Python support.

N/A

👍

About Archive Formats

Archive formats are a special kind of dependency in FOSSA. They are not included through a standard build tool or process, but instead represent instances where developers have packaged up pieces of (potentially-modified) 3rd-party code and checked them into your source tree.

When archives are encountered, FOSSA makes a "best-effort" attempt at resolving it to known 3rd-party code.

Resolution Strategies

Below is a table of available resolution strategies in Provided / Automated integration methods:

Type

Resolution Keys

Supported

Provided

CommonJS Package

Resolved from package.json

Y

Y

Python Package

Resolved from setup.py

Y

Maven

Resolved from pom.xml

Y

Generic

Hash of archive / source tree

Contact Us

Scanning Custom Directories

You can also scan custom directories that contain 3rd-party code by annotating them in your .fossa.yml file.

See the fossa-cli docs fore more details.

Updated about a year ago

Binaries, Archives or Custom (C, C++, etc...)


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.