FOSSA and SCANOSS join forces to expose silent open source licence violations introduced by AI coding tools, bringing snippet-level visibility to AI-driven software development risks.
FOSSA has formed a technology partnership with SCANOSS to help organisations manage legal, copyright, and open source licence compliance risks arising from the use of AI coding tools. The partnership directly addresses intellectual property risks introduced by AI-generated code, an increasingly common component of modern software development workflows.
The collaboration combines SCANOSS’s snippet-level code detection and open source risk intelligence with FOSSA’s licence knowledgebase and established licence compliance management workflows. Together, the integration delivers deeper visibility into code components, enabling detection of open source similarity at the snippet level rather than only at the file or package level. This allows engineering, legal, and compliance teams to identify potential licence violations, missing attribution, and copyright exposure introduced silently through AI-generated code, without slowing development velocity.
The partnership comes as AI-generated code becomes deeply embedded in everyday development. GitHub reports that in files where GitHub Copilot is enabled, nearly 40% of the code is written by the tool, particularly in languages such as Python. At the same time, the Software Transparency Foundation has found that 1–5% of LLM-generated code is highly similar to existing open source, with up to approximately 30% showing some degree of overlap under permissive similarity measures.
“As a growing number of engineering teams adopt AI coding tools, we’ve heard concerns from many of our customers about the license compliance implications,” said Kevin Wang, CEO of FOSSA. “Combining SCANOSS’ snippet detection techniques with our deep license knowledgebase and proven license compliance management workflows gives FOSSA users a powerful solution to manage IP risks without slowing development.”
Alan Facey, CEO of SCANOSS, added, “Partnering with FOSSA amplifies our role as a trusted data provider at the heart of the open source ecosystem… Together, we can deliver richer, more accessible insights that help developers, maintainers, and toolmakers thrive.”
The partnership positions open source intelligence as critical infrastructure for responsible AI adoption, signalling a shift towards proactive, data-driven open source governance in the age of AI coding assistants.
