We just launched a new product version of the FossID Software Composition Analysis tool for the enterprise. Apart from a few bug fixes, it includes some notable feature additions to the dependency analysis and the report creation interface, and makes integration even easier.

Report creation interface

The interface for creating reports has had a facelift. After you have completed your scans, the report creation interface now offers a cleaner experience, as some options and combinations have been streamlined.

Reference CI/CD implementation

The product now includes a brand-new reference implementation for GitLab that shows how to use FossID in a CI/CD pipeline. The example detects newly introduced and unknown open source code committed to development branches, so that it can be identified before changes are merged to, e.g., master.

Dependency analysis improvements

The dependency analysis functionality now presents results with fuller granularity. Previous product versions omitted results below a certain threshold due to limitations in the open source tool that returns the results to the FossID Web Application. This practice has been adjusted so that all results are presented in all situations.

Extended package manager support

The 21.1 release adds Yarn (JavaScript) to its long list of supported package managers. FossID already supports Gradle (Java), Maven (Java), Bundler (Ruby), DotNet (DotNet), pip (Python), and npm (JavaScript).

Let us help you with your open source compliance and security!