scanoss.app

App
SCANOSS detects undeclared OSS components in your commits
78 installs

Pricing

Open Source plan available.

The SCANOSS App reports the presence of known Open Source software in your code that is not declared in your SBOM.json file.

When you install the application, an initial scan is launched on the entire code of each repository where you have enabled the application. Once the scan is completed, declare your Open Source components in the SBOM.json file in the root folder. From that point on, every commit that includes undeclared OSS code will be raised as an issue.

Sample SBOM.json.

[
  {
    "component": "mycomponent",
    "type": "implementation",
    "comment": "This is your component"
  },
  {
    "component": "webhook",
    "type": "dependency",
    "comment": "This is an OSS component that you are using inside your component"
  }
]

IMPORTANT: Make sure that the repositories where you want to install this app have issues enabled. Otherwise the initial scan will not be reported.

Supported languages (10)

JavaScript, Ruby, C++, Python, Perl, C, PHP, Java, Go, and C#

Plans and pricing

Open Source Projects
$0
  • Unlimited Public Repositories
  • Unlimited Collaborators
  • Scan limit: 5 files/day
  • (Limited Availability)

scanoss.app is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation
