The FOSSA Developer Hub

Welcome to the FOSSA developer hub. You'll find comprehensive guides and documentation to help you start working with FOSSA as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

Binaries, Archives or Custom (C, C++, etc...)

FOSSA supports archives, vendorized dependencies and binaries through a variety of methods.

ToolRepository ScanningCI/CD Scanning
Egg/WheelThrough Python support.N/A


About Archive Formats

Archive formats are a special kind of dependency in FOSSA. They are not included through a standard build tool or process, but instead represent instances where developers have packaged up pieces of (potentially-modified) 3rd-party code and checked them into your source tree.

When archives are encountered, FOSSA makes a "best-effort" attempt at resolving it to known 3rd-party code.

Resolution Strategies

Below is a table of available resolution strategies in Provided / Automated integration methods:

TypeResolution KeysSupportedProvided
CommonJS PackageResolved from package.jsonYY
Python PackageResolved from setup.pyY
MavenResolved from pom.xmlY
GenericHash of archive / source treeContact Us

Scanning Custom Directories

You can also scan custom directories that contain 3rd-party code by annotating them in your .fossa.yml file.

See the fossa-cli docs fore more details.

Updated 8 months ago

Binaries, Archives or Custom (C, C++, etc...)

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.