These docs are for v1.0. Click to read the latest docs for v3.2.

August 2023

  • New issue inbox header to allow easier discovery of actions menu!
  • Grouping issues by package is now the default for all issue inboxes!
  • Bulk policy assignment within projects table
  • Bulk label assignment within projects table
  • New security filters:
    • Fix available by upgrade distance.
      • Whether a given remediation is a Patch, Minor, Major, or Unknown semantic version increment.
    • Exploit Maturity
  • New general (Licensing, Security, Quality) issue filters:
    • First Found
      • Whether a given Issue has been detected within a selected time frame
        • Anytime
        • Last 7 days
        • Last 14 days
        • Last 30 days

July 2023

  • Auto Ignore Rules
    • The ability to persist ignore decisions across projects, policy, and package versions!
  • HTML reports visual refresh
  • PDF reports visual refresh

June 2023

  • Added tutorial on adding custom licenses
  • Added tutorial on editing a dependency
  • Progressive dependency UI
    • Upon completion of the Applying build data phase of any project analysis dependencies will now be available as we analyze them
    • Includes filter for dependency status:
      • In-progress: Analyzing these dependencies
      • Analyzed: Analysis complete for these dependencies
      • Failed: An error occurred while analyzing these dependencies
  • Added Unique JIRA tickets per FOSSA issue to JIRA integration
  • Added Organization Setting within Integration > JIRA to enable unique JIRA tickets per FOSSA issue as the default action

May 2023

  • An ability to add names when correcting to custom-license . These names will appear as the licenseID in reports

April 2023

  • SPDX report enhancements to meet updated NTIA minimum elements:
    • supplier & organizer by default per package
    • checksum per package by default per package
    • Updated creationInfo
  • Contributor report changes to capture weekly snapshots including:
    • Contributor summary
    • Contributors last 90 days
    • Contributors last 364 days
  • Type DELETE for all project & release group deletion
  • Ability to select a JIRA project per issue type (Security, Licensing) in integration settings
  • Org project label limit increased from 100 to 500
  • FOSSA Project Broker v0.2.0

March 2023

  • Project and version grouping for "First party licenses" in Release group CSV reports
  • Declared vs Discovered license filters
  • Fix available filter
    • Partial Fix - Nearest update to fix the selected CVE.
    • Complete Fix- Nearest update to fix all vulnerabilities found on this dependency
  • Audit Due Diligence report fixes
  • Saved Issue filters for new Issues UI
    • Saved issue filters for fossa test and status checks
  • Widespread go analysis improvements
  • Fossa Project Broker MVP

February 2023

January 2023

  • Set a custom organization-wide header for attribution reports
  • Export Ignored issues as CSV
  • --detect-dynamic Supports recursively inspecting binaries for dynamic dependencies (#1143)
  • Improved the output of fossa test (#1135)
  • Added support for Unity companion license and Unity package distribution license (#1136)
  • 1Password integration to FOSSA CLI
  • Added yocto support
  • Full FOSSA CLI Changelog can be found here

December 2022

  • Expanded support for SPDX reports to output JSON
  • Add support for vulnerabilities to CycloneDX reports
  • Ability to filter files being scanned based on file path and extension (#1128)
  • Added support for R via renv package manager
  • Improve detection of dual licenses