FOSSA Inc., an open-source compliance and security platform, today announced it has acquired the developer tool community platform StackShare for an undisclosed amount, bringing on board 1.5 million registered users.

As a software company, Fossa specializes in open-source risk management by offering solutions for license scanning, compliance automation and vulnerability management. It allows businesses to ensure secure and compliant development while orchestrating safer software supply chains.

FOSSA has developed one of the most popular dependency command-line interface analysis tools on GitHub, with more than 1.75 million downloads. It has raised more than $38 million in total funding to date.

StackShare is a developer community committed to bringing together like-minded experts for practical discussions around developer and security tools. FOSSA Chief Executive Kevin Wang said he believes that’s of utmost priority in the industry where open-source development is dominated by ever-changing code and a mishmash of participants.

“Developer tools is a constantly changing landscape — and over the years, many segments (especially security-oriented developer tools) have become incredibly confusing to navigate,” Wang said in the announcement. “For free and OSS tools, there are constantly new paradigms, trends, and patterns to keep up with.”

According to StackShare, since the platform’s launch in 2014, it has brought on more than 1.5 million registered users, who have shared more than 1 million “stack profiles.” The site has also been used by more than 40 million developers looking for answers to questions about open-source tooling.

“FOSSA believes continuing to invest in this community is critical — for healthy discussions between developers, practitioners and customers,” added Wang.

Wang explained that it’s important that developers gain the expertise of other developers when it comes to toolchains because they tend to adopt tools democratically, but often in a fragmented way. At the same time, developer toolchains are a natural target of attackers and other cyber threats such as supply chain attacks, making vulnerabilities and exploits a critical issue for any business.

One particular focus of FOSSA is SBOM formats, or software bills of materials, which are used for keeping inventory of where software came from and how it’s integrated into systems. These formats are being constantly updated with new technologies including artificial intelligence training data, infrastructure and more. According to the company, broad access to developer expertise is necessary to stay ahead of shifting industry standards.

“With FOSSA’s decade of open-source analysis and research at scale combined with StackShare’s community, we see an opportunity to contribute the largest public knowledge base and community of software supply chain metadata across a variety of dimensions,” said Wang.

Image: FOSSA