fossa-cli

Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Language-agnostic; integrates with 20+ build systems. (by fossas)

Fossa-cli Alternatives

Similar projects and alternatives to fossa-cli

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better fossa-cli alternative or higher similarity.

fossa-cli reviews and mentions

Posts with mentions or reviews of fossa-cli. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-06-08.
  • Launch HN: Infield (YC W20) – Safer, faster dependency upgrades
    4 projects | news.ycombinator.com | 8 Jun 2023
    > where we provide lockfiles that are individually valid

    Providing lockfiles is a really interesting idea! That certainly solves the "we need your non-deterministic build tool to reproduce an exact build that we found" problem.

    We haven't explored this route yet because a lot of our customers use tools that don't support lockfiles (e.g. Maven - Java in general has a lot of legacy stuff).

    If you want to build off of our work, our dependency analysis bit is open source: https://github.com/fossas/fossa-cli

  • Ask HN: Who is hiring? (May 2022)
    23 projects | news.ycombinator.com | 2 May 2022
    FOSSA | Software Engineers (Mid, Sr., Staff), PMs (Mid, Sr.) | USA, Canada, Remote (able to work ~US time zone hours) | Full-Time

    FOSSA builds developer tools to help engineering teams manage their open source. We help enterprise customers discover legal (licensing and copyright) and security (vulnerabilities) risks in their dependencies, provide tooling for them to catch these issues in CI, and automate the tedium around policy enforcement and report generation. As companies adopt more open source, their engineering teams get bogged down by more distractions around compliance and security. We help automate away those distractions.

    We build an open-source CLI tool (https://github.com/fossas/fossa-cli) that integrates with compilers and build systems to extract dependency and build information; a backend distributed system for analyzing dependency metadata; and a web application with a policy, reporting, and enforcement engine.

    Tech we use includes:

  • M1Pro Woes
    3 projects | /r/haskell | 8 Feb 2022
    The project I'm trying to build is open source (https://github.com/fossas/fossa-cli). When I got this new system set up, I ran the instructions on our HACKING.md page and immediately tried to build. This failed because I didn't have `llvm` installed, so I `brew install llvm`'d, symlinked into `$PATH`, and tried again. This failed due to:

    ```
    install_name_tool: error: unsupported load command (cmd=0x80000034)
    `install_name_tool' failed in phase `Install Name Tool'. (Exit code: 1)
    ```

Stats

Basic fossa-cli repo stats
3
1,220
9.1
2 days ago
