This looks great, alas I am unable to test it.<p>When I try to sign up, they want write access to my repos, to the org repos I am a member off, etc.
Let's make this clear: I am not giving to anyone write access to my repos and certainly not to other people repos. Read permissions should be enough. You want to add something to my repo? Do a PR.<p>So what remains, is to test the command line app without using the online service. But the documentation is bad, so I am not able to do that either. No docs for scala, when trying with go, I get cryptic errors, like 'no supported Go build tools detected' until I install a third party go binary (godep or govendor) and 'could not find Go project folder (maybe your Go build tool is not supported?)'.<p>The idea is great, the execution needs some work.
I like that FOSSA scans FOSSA. Here's the link from the "license scan" badge on github: <a href="https://app.fossa.io/projects/git%2Bgithub.com%2Ffossas%2Ffossa-cli/refs/branch/master/abc139975f7d6e9d8b43648782065bec02a9ffd3" rel="nofollow">https://app.fossa.io/projects/git%2Bgithub.com%2Ffossas%2Ffo...</a>
Impressive work. It takes courage to tackle the over-complicated compliance area - a headache to a lot of startup owners including myself. Thanks for simplifying the annoying compliance verification & maintenance processes and make it accessible to everyone.
Nice looking website! I believe i've encountered some broken links:<p>- the <i>"Upload Build Scan"</i> button links to Readme on Github, is it intentional?<p>- GitLab logo (under "<i>WORKFLOW TOOLS</i>") links to Bitbucket/Stash docs instead of <a href="https://fossa.io/docs/integrating-tools/gitlab/" rel="nofollow">https://fossa.io/docs/integrating-tools/gitlab/</a><p>And the constantly changing window title ("<i>Kevin says…</i>") makes me want to close the tab. Also:<p><i>> Install the latest Github Release using curl</i><p>Nope.
I don't get it - looking at the example at <a href="https://github.com/fossas/fossa-cli?top#quick-start" rel="nofollow">https://github.com/fossas/fossa-cli?top#quick-start</a> - that's hardly more telling than looking at the original dependency file?<p>Maybe there should be a (more prominent?) link to that rich, hosted example report :)
> for any codebase<p>> Supports over 15+ languages & environments (JavaScript, Java, Ruby, Golang, PHP, etc...)<p>The title here is overly broad, bordering on click bait. I suggest it be edited to "for several popular languages".
Step One: Get low level developers to upload evidence of major corporate license violations to your server.<p>Step Two: Sell evidence to legal firms.<p>Step Three: Profit.<p>This seems very risky from a company perspective.