GITHUB APP is SCANOSS’ Github Marketplace app. It reports the presence of known Open Source Software in your code that is not declared in your oss_assets.json file.

Get in touch
Github app SCANOSS Open SOurce code scanning

How does it work

Using our GitHub app to continuously scan for open source code

  • Once installed in a GitHub whenever a developer pushes code, performs a scan

  • also performs an initial scan of the entire repository with the first commit to the repository (shown in an issue)

  • The results of every commit scan have two outputs.

  • 1. creates a comment in the commit with the result of the scan

  • 2. sets the build status to ‘failed’ if the scan finds OSS that is not declared in oss_assets.json (else: success)

Declaring OSS components

Once the scan is done, you can declare OSS assets in oss_assets.json

Setting up

The setup page allows you to configure your plan & re-scan repositories

  • You can access this page as part of your purchase. Existing customer? Go here.

Whitepaper: Standardizing Open Source Inventorying

It’s time to reinvent Software Composition Analysis (SCA) with an Open Source inventorying platform aimed at modern DevOps environments.

Download eBook
SCANOSS eBook Standardizing Open Source Inventorying

Find our GitHub app in the Marketplace

And be sure to give it a try.

GitHub Marketplace

Ready to facilitate the next wave of Open Source adoption?

Get in touch

Looking for more informations?
Download our OSS whitepaper.