diff --git a/.github/workflows/fossa-license-scanning.yml b/.github/workflows/fossa-license-scanning.yml
new file mode 100644
index 00000000..e291514c
--- /dev/null
+++ b/.github/workflows/fossa-license-scanning.yml
@@ -0,0 +1,25 @@
+name: FOSSA License Scanning
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+
+jobs:
+ fossa-scan:
+ if: github.repository_owner == 'kubeflow' # FOSSA is not intended to run on forks.
+ runs-on: ubuntu-latest
+ env:
+ # push-only token, intentional; see https://github.com/fossa-contrib/fossa-action?tab=readme-ov-file#push-only-api-token
+ # this also how other CNCF projects are doing e.g. https://github.com/cncf/foundation/issues/109
+ FOSSA_API_KEY: 80871bdd477c2c97f65e9822cae99d20 # This is a push-only token that is safe to be exposed.
+ steps:
+ - name: Checkout tree
+ uses: actions/checkout@v4
+
+ - name: Run FOSSA scan and upload build data
+ uses: fossas/fossa-action@v1.4.0
+ with:
+ api-key: ${{ env.FOSSA_API_KEY }}
+ project: "github.com/kubeflow/model-registry"
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 4f4ac85e..02ef869c 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -28,11 +28,6 @@ The make command shipped with Mac OSX (at the time of writing) is a bit old: ``` % make --version GNU Make 3.81 -Copyright (C) 2006 Free Software Foundation, Inc. -This is free software; see the source for copying conditions. -There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A -PARTICULAR PURPOSE. - This program built for i386-apple-darwin11.3.0 ```
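Review bot: In `.github/workflows/fossa-license-scanning.yml` the `fossa-scan` job declares no `permissions:` and references both actions by mutable tag (`actions/checkout@v4`, `fossas/fossa-action@v1.4.0`), so third-party code runs on every push and pull request with whatever default `GITHUB_TOKEN` scope the repository has. I would add `permissions: { contents: read }` at workflow or job level and pin each `uses:` to a full commit SHA with the tag kept as a trailing comment, e.g. `uses: fossas/fossa-action@<full-commit-sha> # v1.4.0`. The checkout step could also set `persist-credentials: false`, since none of the visible steps pushes back to the repository. On the committed `FOSSA_API_KEY`, the comment cites the fossa-contrib/fossa-action README while the step uses fossas/fossa-action. A push-only key still lets anyone who copies it upload scan data for this project, so the comment should state that accepted trade-off, and secret scanners will likely need an allow-list entry for this line.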