Skip to main content

Automate open source license compliance and ensure supply chain integrity

Project description

DejaCode is a complete enterprise-level application to automate open source license compliance and ensure software supply chain integrity, powered by ScanCode, the industry-leading code scanner.

  • Run scans and track all the open source and third-party products and components used in your software.

  • Apply usage policies at the license or component level, and integrate into ScanCode to ensure compliance.

  • Capture software inventories (SBOMs), generate compliance artifacts, and keep historical data.

  • Ensure FOSS compliance with enterprise-grade features and integrations for DevOps and software systems.

  • Scan a software package, simply by providing its Download URL, to get comprehensive details of its composition and create an SBOM.

  • Load software package data into DejaCode with the integration for the open source ScanCode.io and ScanCode Toolkit projects to create a product’s SBOM.

  • Track and report vulnerability tracking and reporting by integrating with the open source VulnerableCode project.

  • Create, publish and share SBOM documents in DejaCode, including detailed attribution documentation and custom reports in multiple file formats and standards, such as CycloneDX and SPDX.

Getting started

The DejaCode documentation is available here: https://dejacode.readthedocs.io/

If you have questions please ask them in Discussions.

If you want to contribute to DejaCode, start with our Contributing page.

Build and tests status

Tests

Documentation

CI Tests Status

Documentation Build Status

DejaCode License Notice

DejaCode is an enterprise-level application to automate open source license compliance and ensure software supply chain integrity, powered by ScanCode, the industry-leading code scanner.

SPDX-License-Identifier: AGPL-3.0-only

Copyright (c) nexB Inc.

This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, version 3 of the License.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.

You should have received a copy of the GNU Affero General Public License along with this program. If not, see <https://www.gnu.org/licenses/>.

Commercial License option

DejaCode is offered under a nexB commercial license as an alternative. You can learn more about this option by contacting us at https://www.nexb.com/contact-us/

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dejacode-5.0.0.tar.gz (15.3 kB view details)

Uploaded Source

File details

Details for the file dejacode-5.0.0.tar.gz.

File metadata

  • Download URL: dejacode-5.0.0.tar.gz
  • Upload date:
  • Size: 15.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.10.13

File hashes

Hashes for dejacode-5.0.0.tar.gz
Algorithm Hash digest
SHA256 f01cc2215e048ae55ae8464d511402eb3d0d3a5c03b773c853bb56c64101eaa8
MD5 7a468735c807551c79a3aabe84413fe9
BLAKE2b-256 e88db550d92a81b3d9b0b405edd011442cf88cfd50d2c859ff2b279cd485a63a

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page