Archive

Read about and watch videos on AboutCode projects, open source, SBOMs, vulnerabilities, licensing, SCA, compliance, and more.

atom and chen join AboutCode

python-inspector: Easily resolve Python dependencies

Manage your organization’s Usage Policies in DejaCode

Open Source Software Supply Chain: FOSS for FOSS

Practical License Detection for Organizations

FOSS Daily for licensing “hygiene” and vulnerability compliance

PURLs of Wisdom: Universal software package identification

Non-Vulnerable Dependency Resolution

Tooling in software supply chain management

Standardizing FOSS package identifiers using PURL

Track your software, and ensure compliance with DejaCode

ScanCode LicenseDB: 2,000+ licenses curated in a public database

Software Composition Analysis for Software Supply Chain Security

What is a Dual License Anyway?

FOSDEM Recap: FOSDEM 2023 partial event report

Technical deep dive into VulnerableCode v31 and VulnTotal

VulnTotal: Validate vulnerability coverage of VulnerableCode

SCA the FOSS Way – Part 1: Software Composition Analysis

Do you really need to update the copyright statement each new year?

VulnerableCode v31 expands vulnerability coverage

There and back again: A software versioning story

Providing Clarity on License Clarity Scoring in ScanCode

VulnerableCode: Find FOSS vulnerabilities, improve FOSS security

VulnerableCode v30 publicly available with new UI and API access

Finding FOSS software vulnerabilities with FOSS tools

Scanning Docker images with ScanCode.io

A vulnerability database should not be about vulnerabilities!

Identifying packages and vulnerabilities across ecosystems

Google Summer of Code: Open source SCA tools with AboutCode

Software Bill of Materials and Software Composition Analysis

Updates on open source scanning with ScanCode

nexB on GPL 3.0 and Related License Compliance Issues

Using Copyleft-licensed software components in a Java application

FOSS and Third Party Software Compliance for Small Businesses

Building the FOSS security commons to identify vulnerabilities

Exploring the state of open source licensing clarity

Introducing FetchCode: A smart code downloader

Why is there no free software vulnerability database?

Importance of snippet matching for software provenance analysis

Making Sense of So Many License Compliance Tools

License Compliance is Like Saying Thank You for a Gift

How much documentation for a software project?

ScanCode: Open source scanning solution to identify licenses

The future of package management

Meet PURL: a “mostly” universal software package URL

What are the membership levels in the Linux Foundation?

Open Source Stack Exchange: Can a team be a copyright holder?

Is a page that contains Javascript considered redistribution?

Wix vs. WordPress and what we can learn about the GPL

Software Dependencies: A not-too-technical guide

What are the Benefits of Using Open Source Software?

What is Open Source Software (OSS)? And Is It Free to Use?

Best Practices for Open Source Software (OSS) Attribution

OSS Attribution Case Study: DataTables and Healthcare.gov
