FOSSA

fossa · v3.17.4

5

7.0

Zero-configuration polyglot dependency analysis tool

Developer Tools Homepage →

brew install --cask fossa

Compare with: vs. Claude DevTools vs. Consul vs. CodeQL vs. MongoDB Compass

62

30-day installs

167

90-day installs

635

365-day installs

Install trend

Trust Score 5/10

✗ Open source (NOASSERTION) +0

✓ Active development +2

✓ Licensed +1

✗ No auto-updates +0

✓ Not deprecated +1

✓ Established (>1yr) +1

✗ Low installs +0

Version History

v3.17.4

today3.17.3→3.17.4

6d ago3.17.2→3.17.3

9d ago3.16.6→3.17.2

1mo ago3.16.5→3.16.6

1mo ago3.16.4→3.16.5

1mo ago3.16.3→3.16.4

1mo ago3.16.2→3.16.3

Review

Mar 10, 2026

FOSSA is a powerful dependency analysis tool that supports multiple languages and build systems. It helps developers track licenses, identify vulnerabilities, and manage dependencies efficiently.

FOSSA analyzes project dependencies, identifies vulnerabilities, and tracks open-source licenses.

Maturity: The project is mature with active development and regular updates.

Community: Hacker News mentions indicate interest in FOSSA's capabilities for dependency management and code review, though some discussions are older.

Pros

+ Zero-configuration setup simplifies integration into development workflows.
+ Supports over 20 build systems, making it versatile for various projects.
+ Integrates seamlessly with CI/CD pipelines for automated dependency checks.

Cons

- Lacks auto-update functionality, requiring manual checks for updates.
- Written in Haskell, which might be less familiar to some developers.

GitHub

1.5k

Stars

194

Forks

83

Issues

NOASSERTION

License

HaskellLast commit: Mar 10, 2026

Community Mentions

hackernews

Oct 2025 Fossabot: AI code review for Dependabot/Renovate on breaking changes and impacts

hackernews

Apr 2020 Lubuntu Linux 20.04 LTS (Focal Fossa)

hackernews

Apr 2020 Ubuntu 20.04 LTS (Focal Fossa)

hackernews

Mar 2018 Show HN: Fossa-cli – Fast and reliable dependency analysis for any codebase

hackernews

Feb 2017 Show HN: FOSSA – Effortlessly track and comply with open source licenses

Positive sentiment Negative sentiment Neutral / unknown

Similar apps

View all alternatives →

Claude DevTools

claude-devtools

Visualise and analyse Claude Code session executions

Developer Tools 678 installs/mo

Consul

consul

Tool for service discovery, monitoring and configuration

Developer Tools 218 installs/mo

CodeQL

codeql

Semantic code analysis engine

Developer Tools 572 installs/mo

MongoDB Compass

mongodb-compass

Interactive tool for analyzing MongoDB data

Developer Tools 2.8K installs/mo

flox

flox

Manages environments across the software lifecycle

Developer Tools 170 installs/mo

Dash

dash

API documentation browser and code snippet manager

Developer Tools 175 installs/mo