fossa ☆

« Back to VersTracker

Description:
Zero-configuration polyglot dependency analysis tool

Type: Cask | Latest Version: 3.16.7@0 | Tracked Since: Dec 17, 2025

Links: Homepage | @fossa | formulae.brew.sh

Category: Developer tools

Tags: dependency-management security license-compliance devops sbom sca

Install: brew install --cask fossa

About:
Fossa is a command-line interface tool that automates software composition analysis for modern development workflows. It scans codebases to identify all dependencies across multiple package managers and languages, then checks them against vulnerability databases and license compliance databases. The tool integrates with CI/CD pipelines to provide automated reporting and policy enforcement, helping teams manage security risks and legal compliance without complex configuration.

Key Features:

Multi-language dependency scanning (supports 20+ package managers)
Automated license compliance detection and reporting
Vulnerability scanning with continuous monitoring
CI/CD integration for policy enforcement
No-configuration setup with automatic project detection

Use Cases:

Continuous security monitoring in CI/CD pipelines
Open source license compliance auditing for legal teams
Dependency inventory and risk assessment for engineering managers
SBOM (Software Bill of Materials) generation for regulatory requirements

Alternatives:

Snyk – Snyk focuses more on security vulnerabilities, while FOSSA provides stronger license compliance and broader dependency management
Dependabot – Dependabot is GitHub-native and focuses on dependency updates, while FOSSA offers enterprise-grade compliance and multi-language support
Sonatype – Sonatype is enterprise-focused with higher complexity, while FOSSA offers easier setup and developer-friendly workflows

Version History

Detected	Version	Change	Commit
Apr 2, 2026 10:02pm	3.16.7	VERSION_BUMP	58b47f63
Mar 31, 2026 10:16am	3.16.6	VERSION_BUMP	70242953
Mar 23, 2026 7:08pm	3.16.5	VERSION_BUMP	e88d0ddd
Mar 20, 2026 7:04pm	3.16.4	VERSION_BUMP	e3a2f84e
Mar 19, 2026 7:06pm	3.16.3	VERSION_BUMP	30d87cc4
Mar 10, 2026 7:08pm	3.16.2	VERSION_BUMP	f51993c2
Mar 9, 2026 7:07pm	3.16.1	VERSION_BUMP	a2a718f3
Feb 23, 2026 4:06pm	3.16.0	VERSION_BUMP	971912b6
Feb 20, 2026 9:55pm	3.15.9	VERSION_BUMP	3b2fe1e1
Feb 19, 2026 4:08pm	3.15.8	VERSION_BUMP	f30cc16f
Feb 12, 2026 10:06pm	3.15.7	VERSION_BUMP	8af043a3
Feb 12, 2026 1:15am	3.15.6	VERSION_BUMP	3407bf25
Jan 29, 2026 7:02am	3.15.5	VERSION_BUMP	2c11eb95
Jan 16, 2026 7:20pm	3.15.4	VERSION_BUMP	fb4fac6d
Jan 12, 2026 9:56pm	3.15.3	VERSION_BUMP	1332cfd0
Jan 7, 2026 7:04pm	3.15.2	VERSION_BUMP	4500eb45
Sep 17, 2025 1:18am	3.11.10	VERSION_BUMP	6e7b8d55
Sep 11, 2025 9:58pm	3.11.9	VERSION_BUMP	ece1fc41
Sep 10, 2025 2:42am	3.11.8	VERSION_BUMP	f23fcbef
Aug 30, 2025 1:05am	3.11.7	VERSION_BUMP	341c3b93
Aug 27, 2025 9:57pm	3.11.6	VERSION_BUMP	31fb2fec
Aug 23, 2025 1:12am	3.11.5	VERSION_BUMP	728d021a
Aug 19, 2025 9:58pm	3.11.3	VERSION_BUMP	34c82c51
Aug 15, 2025 9:54pm	3.11.2	VERSION_BUMP	aea8c979
Aug 14, 2025 4:16am	3.11.1	VERSION_BUMP	1effa1ea
Aug 11, 2025 7:03pm	3.11.0	VERSION_BUMP	debdd7d3
Aug 7, 2024 6:50pm	3.9.30	VERSION_BUMP	2b8de2b8
Aug 6, 2024 9:36pm	3.9.29	VERSION_BUMP	ddf63578
Jul 11, 2024 9:38pm	3.9.25	VERSION_BUMP	e96c8f9c
Jun 25, 2024 12:46am	3.9.23	VERSION_BUMP	326e1831
Mar 28, 2024 6:36pm	3.9.9	VERSION_BUMP	94447e04
Feb 16, 2024 12:02am	3.9.5	VERSION_BUMP	988727ae
Feb 15, 2024 3:31am	3.9.4	VERSION_BUMP	3ef0e18c
Feb 12, 2024 6:34pm	3.9.2	VERSION_BUMP	6b461bba
Jan 25, 2024 12:47am	3.8.33	VERSION_BUMP	ac349d2d
Jan 24, 2024 12:44am	3.8.32	VERSION_BUMP	3b4c30ac
Jan 22, 2024 9:31pm	3.8.31	VERSION_BUMP	b5431934
Jan 12, 2024 3:32am	3.8.30	VERSION_BUMP	93dc4be4
Jan 4, 2024 6:35pm	3.8.29	VERSION_BUMP	51f35079
Dec 12, 2023 9:32pm	3.8.26	VERSION_BUMP	2f2db399
Nov 27, 2023 3:00pm	3.8.23	VERSION_BUMP	db7b481f
Nov 15, 2023 9:33pm	3.8.21	VERSION_BUMP	e36f79db
Nov 2, 2023 11:58am	3.8.20	VERSION_BUMP	c309cd99
Oct 28, 2023 5:05am	3.8.19	VERSION_BUMP	f489650c