Introducing SCANOSS Pre-commit Hooks Integration
- Giuliana Bruni
- 2 days ago
- 2 min read
Bring Open Source Transparency to Every Commit

At SCANOSS, we believe that open source compliance and transparency should be integrated into the developer workflow – not bolted on at the end. That’s why we’re excited to announce the official SCANOSS integration with pre-commit hooks – a simple way to scan your code before you commit.
This integration adds SCANOSS to your version control layer using the popular pre-commit framework, helping teams identify and manage open source risks at the point of creation – not during audits or release freezes.
Why it matters
In fast-paced DevSecOps environments, developers are expected to move quickly, but compliance and governance requirements are not going away. In fact, they’re becoming more complex.
Waiting until the end of the development cycle to address open source risks introduces uncertainty, technical debt, and often missed licence obligations. Pre-commit hooks give teams an immediate way to embed trust and transparency into their existing workflows.
This aligns with our broader approach to DevSecOps, which we detail in Where SCANOSS Fits in DevSecOps. Pre-commit scanning is the first step to ensuring visibility from the very beginning.
What it does
The SCANOSS pre-commit integration introduces a dedicated hook:
scanoss-check-undeclared-code
This hook checks for potentially undeclared open source software in any staged files before they are committed. It can be run during pre-commit, pre-push, or manually.
That’s it – SCANOSS will now scan your code on each commit, flagging undeclared open source components in real time.
How it helps you
This integration is about helping developers, not slowing them down.
For developers, it’s fast and transparent – no need to switch tools or add steps.
For legal and compliance teams, it brings visibility to open source risks as early as possible.
For organisations, it lays the foundation for building SBOMs from the first commit – not at the last minute.
The SCANOSS pre-commit hook integration is open source, flexible, and easy to adopt. It’s another step in our mission to bring full lifecycle transparency to the software you build.
Ready to give it a try? Check out our GitHub repo to get started.