spdx-tool scans source files to identify the licenses they use and can update the license headers to the SPDX identifier format.
Cost / License
- Free
- Open Source (Apache-2.0)
Platforms
- Linux
- Windows
- Mac
- BSD
FOSSology is described as 'Open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow'. There are more than 10 alternatives to FOSSology for a variety of platforms, including Linux, Windows, Mac, Web-based and SaaS apps. The best FOSSology alternative is spdx-tool, which is both free and Open Source. Other great apps like FOSSology are Vulert, ScanCode, Mend Bolt and Ninka.
Vulert notifies you if a security issue is found in any of the open-source software you use. No installation is needed.




ScanCode is a suite of utilities used to scan a codebase for license, copyright and other interesting information that can be discovered in files.

Mend Bolt is designed to provide real-time security alerts and compliance issues related to your open source dependencies. It operates within Azure DevOps or GitHub, enabling you to identify and address open source vulnerabilities promptly.


Ninka is a lightweight license identification tool for source code. It is sentence-based, and provides a simple way to identify open source licenses in a source code file. It is capable of identifying several dozen different licenses (and their variations).
Slic scans a codebase and identifies the license of each file. It can be extended to identify new licenses or change its detection of existing ones.
Licensee is a Ruby gem that automates the process of reading LICENSE files and comparing their contents to known licenses using several strategies.
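The license-identification tools above (spdx-tool, Ninka, Slic, Licensee) share two basic strategies: fingerprint the normalized license text for an exact hit, then fall back to similarity matching against known texts; spdx-tool additionally rewrites headers to SPDX identifiers. The following is an added example of both steps in plain Python; it is not code from any of these projects. The reference texts in KNOWN_LICENSES are abbreviated, constructed stand-ins for the real SPDX license list, and the sample source files are constructed as well.

```python
import difflib
import hashlib
import re

# Constructed, abbreviated reference texts (hypothetical corpus; real tools
# ship the full SPDX license list).
KNOWN_LICENSES = {
    "MIT": (
        'Permission is hereby granted, free of charge, to any person obtaining a copy '
        'of this software and associated documentation files (the "Software"), to deal '
        'in the Software without restriction, including without limitation the rights '
        'to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies '
        'of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND.'
    ),
    "Apache-2.0": (
        'Licensed under the Apache License, Version 2.0 (the "License"); you may not use '
        'this file except in compliance with the License. You may obtain a copy of the '
        'License at http://www.apache.org/licenses/LICENSE-2.0'
    ),
    "BSD-3-Clause": (
        'Redistribution and use in source and binary forms, with or without modification, '
        'are permitted provided that the following conditions are met: Redistributions of '
        'source code must retain the above copyright notice. Neither the name of the '
        'copyright holder nor the names of its contributors may be used to endorse or '
        'promote products derived from this software without specific prior written permission.'
    ),
}

COMMENT_MARKS = re.compile(r"^[\s#*/;-]+", re.MULTILINE)      # leading comment syntax
COPYRIGHT_LINE = re.compile(r"^\s*(copyright|\(c\)|©).*$", re.IGNORECASE | re.MULTILINE)
SPDX_TAG = re.compile(r"SPDX-License-Identifier:\s*(\S+)")


def normalize(text):
    """Reduce license text to a comparable word list: strip comment markers and
    copyright lines, lowercase, drop punctuation, collapse whitespace."""
    text = COMMENT_MARKS.sub("", text)
    text = COPYRIGHT_LINE.sub("", text)
    return re.sub(r"[^a-z0-9 ]+", " ", text.lower()).split()


def fingerprint(words):
    return hashlib.sha256(" ".join(words).encode()).hexdigest()


# Strategy 1 index: hash of the normalized reference text -> SPDX id.
_FINGERPRINTS = {fingerprint(normalize(t)): lid for lid, t in KNOWN_LICENSES.items()}


def identify_license(text, threshold=0.9):
    """Return (spdx_id, method) or None. Exact hash match first; otherwise the
    best word-level similarity, accepted only above `threshold`. Word tokens with
    autojunk=False avoid difflib's junk heuristic, which skews character-level
    ratios on long strings."""
    words = normalize(text)
    if not words:
        return None
    if fingerprint(words) in _FINGERPRINTS:
        return _FINGERPRINTS[fingerprint(words)], "exact"
    best_id, best_ratio = None, 0.0
    for lid, ref in KNOWN_LICENSES.items():
        ratio = difflib.SequenceMatcher(None, words, normalize(ref), autojunk=False).ratio()
        if ratio > best_ratio:
            best_id, best_ratio = lid, ratio
    return (best_id, "similar") if best_ratio >= threshold else None


def leading_comment(text):
    """Collect the comment block at the top of a source file (shebang skipped)."""
    block = []
    for line in text.splitlines():
        s = line.strip()
        if s.startswith("#!") or s == "":
            if block and s == "":
                break
            continue
        if s.startswith(("#", "//", "/*", "*", ";")):
            block.append(line)
        else:
            break
    return "\n".join(block)


def scan_source(text, threshold=0.9):
    """An existing SPDX tag in the header wins; otherwise classify the header text."""
    header = leading_comment(text)
    m = SPDX_TAG.search(header)
    return (m.group(1), "spdx-tag") if m else identify_license(header, threshold)


def add_spdx_header(text, spdx_id, comment="#"):
    """Insert an SPDX-License-Identifier line after any shebang; no-op if present."""
    if SPDX_TAG.search(leading_comment(text)):
        return text
    tag = f"{comment} SPDX-License-Identifier: {spdx_id}\n"
    lines = text.splitlines(keepends=True)
    if lines and lines[0].startswith("#!"):
        return lines[0] + tag + "".join(lines[1:])
    return tag + text


# Constructed sample files: an MIT header with a copyright line, and a
# C-style Apache header whose wording was edited (forces the similarity path).
MIT_FILE = '''#!/usr/bin/env python3
# Copyright (c) 2024 Example Contributors
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
# of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND.

def main():
    print("hello")
'''

APACHE_VARIANT = '''/*
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License. A copy of the License
 * is available at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 */

#include <stdio.h>
'''

if __name__ == "__main__":
    for name, src in (("MIT_FILE", MIT_FILE), ("APACHE_VARIANT", APACHE_VARIANT)):
        print(name, scan_source(src))
    print(add_spdx_header(MIT_FILE, "MIT").splitlines()[1])
```

The threshold is the knob that matters in practice: too low and a BSD-2 text is reported as BSD-3, too high and a header with a paraphrased sentence goes unidentified, so production tools report the score alongside the match rather than a bare identifier.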
FOSSA offers automated license scanning, dependency analysis and reports at each commit. Get a process up and running in 60 seconds, without slowing down development.
Simplified license management of open source software for small organizations or departments.
Mend.io offers the first AI native application security platform, purpose-built to secure AI-generated code and embedded AI components. Our unified platform enables companies to manage application risk effectively in modern software development.



vet is a tool for protecting against open source software supply chain attacks. To adapt to organizational needs, it uses an opinionated policy expressed in Common Expression Language (CEL) and extensive package security metadata including:



OSS Deep Discovery scans source code as well as binaries to identify open source software and licenses, even when the open source code has been copied or modified.