Skip to main content

ScanCode is a tool to scan code for license, copyright, package and their documented dependencies and other interesting facts. scancode-toolkit-mini is a special build that does not come with pre-built binary dependencies by default. These are instead installed separately or with the extra_requires scancode-toolkit-mini[full]

Project description

A typical software project often reuses hundreds of third-party packages. License and packages, dependencies and origin information is not always easy to find and not normalized: ScanCode discovers and normalizes this data for you.

Read more about ScanCode here: https://scancode-toolkit.readthedocs.io/.

Check out the code at https://github.com/nexB/scancode-toolkit

Discover also:

Build and tests status

We run 30,000+ tests on each commit on multiple CIs to ensure a good platform compabitility with multiple versions of Windows, Linux and macOS.

Azure

RTD Build

GitHub actions Docs

GitHub actions Release

Azure tests status (Linux, macOS, Windows)

Documentation Status

Documentation Tests

Release tests

Why use ScanCode?

  • As a standalone command-line tool, ScanCode is easy to install, run, and embed in your CI/CD processing pipeline. It runs on Windows, macOS, and Linux.

  • ScanCode is used by several projects and organizations such as the Eclipse Foundation, OpenEmbedded.org, the FSFE, the FSF, OSS Review Toolkit, ClearlyDefined.io, RedHat Fabric8 analytics, and many more.

  • ScanCode detects licenses, copyrights, package manifests, direct dependencies, and more both in source code and binary files and is considered as the best-in-class and reference tool in this domain, re-used as the core tools for software composition data collection by several open source tools.

  • ScanCode provides the most accurate license detection engine and does a full comparison (also known as diff or red line comparison) between a database of license texts and your code instead of relying only on approximate regex patterns or probabilistic search, edit distance or machine learning.

  • Written in Python, ScanCode is easy to extend with plugins to contribute new and improved scanners, data summarization, package manifest parsers, and new outputs.

  • You can save your scan results as JSON, YAML, HTML, CycloneDX or SPDX or even create your own format with Jinja templates.

  • You can also organize and run ScanCode server-side with the companion ScanCode.io web app to organize and store multiple scan projects including scripted scanning pipelines.

  • ScanCode output data can be easily visualized and analysed using the ScanCode Workbench desktop app.

  • ScanCode is actively maintained, has a growing users and contributors community.

  • ScanCode is heavily tested with an automated test suite of over 20,000 tests.

  • ScanCode has an extensive and growing documentation.

  • ScanCode can process packages, build manifest and lockfile formats to collect Package URLs and extract metadata: Alpine packages, BUCK files, ABOUT files, Android apps, Autotools, Bazel, JavaScript Bower, Java Axis, MS Cab, Rust Cargo, Cocoapods, Chef Chrome apps, PHP Composer and composer.lock, Conda, CPAN, Debian, Apple dmg, Java EAR, WAR, JAR, FreeBSD packages, Rubygems gemspec, Gemfile and Gemfile.lock, Go modules, Haxe packages, InstallShield installers, iOS apps, ISO images, Apache IVY, JBoss Sar, R CRAN, Apache Maven, Meteor, Mozilla extensions, MSI installers, JavaScript npm packages, package-lock.json, yarn.lock, NSIS Installers, NugGet, OPam, Cocoapods, Python PyPI setup.py, setup.cfg, and several related lockfile formats, semi structured README files such as README.android, README.chromium, README.facebook, README.google, README.thirdparty, RPMs, Shell Archives, Squashfs images, Java WAR, Windows executables and the Windows registry and a few more. See all available package parsers for the exhaustive list.

See our roadmap for upcoming features.

Documentation

The ScanCode documentation is hosted at scancode-toolkit.readthedocs.io.

If you are new to visualization of scancode results data, start with our newcomer page.

If you want to compare output changes between different versions of ScanCode, or want to look at scans generated by ScanCode, review our reference scans.

Other Important Documentation Pages:

See also https://aboutcode.org for related companion projects and tools.

Installation

Before installing ScanCode make sure that you have installed the prerequisites properly. This means installing Python 3.8 for x86/64 architectures. We support Python 3.8, 3.9, 3.10, 3.11 and 3.12.

See prerequisites for detailed information on the support platforms and Python versions.

There are a few common ways to install ScanCode.

Quick Start

After ScanCode is installed successfully you can run an example scan printed on screen as JSON:

scancode -clip --json-pp - samples

Follow the How to Run a Scan tutorial to perform a basic scan on the samples directory distributed by default with ScanCode.

See more command examples:

scancode --examples

See How to select what will be detected in a scan and How to specify the output format for more information.

You can also refer to the command line options synopsis and an exhaustive list of all available command line options.

Archive extraction

By default ScanCode does not extract files from tarballs, zip files, and other archives as part of the scan. The archives that exist in a codebase must be extracted before running a scan: extractcode is a bundled utility behaving as a mostly-universal archive extractor. For example, this command will recursively extract the mytar.tar.bz2 tarball in the mytar.tar.bz2-extract directory:

./extractcode mytar.tar.bz2

See all extractcode options and how to extract archives for details.

Support

If you have a problem, a suggestion or found a bug, please enter a ticket at: https://github.com/nexB/scancode-toolkit/issues

For discussions and chats, we have:

  • an official Gitter channel for web-based chats. Gitter is now accessible through Element or an IRC bridge. There are other AboutCode project-specific channels available there too.

  • The discussion channel for scancode specifically aimed at users and developers using scancode-toolkit.

Source code and downloads

License

  • Apache-2.0 as the overall license

  • CC-BY-4.0 for reference datasets (initially was in the Public Domain).

  • Multiple other secondary permissive or copyleft licenses (LGPL, MIT, BSD, GPL 2/3, etc.) for third-party components and test suite code and data.

See the NOTICE file and the .ABOUT files that document the origin and license of the third-party code used in ScanCode for more details.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

scancode-toolkit-mini-32.2.1.tar.gz (15.2 MB view details)

Uploaded Source

Built Distributions

scancode_toolkit_mini-32.2.1-cp312-none-any.whl (113.3 MB view details)

Uploaded CPython 3.12

scancode_toolkit_mini-32.2.1-cp311-none-any.whl (113.3 MB view details)

Uploaded CPython 3.11

scancode_toolkit_mini-32.2.1-cp310-none-any.whl (113.3 MB view details)

Uploaded CPython 3.10

scancode_toolkit_mini-32.2.1-cp39-none-any.whl (113.3 MB view details)

Uploaded CPython 3.9

scancode_toolkit_mini-32.2.1-cp38-none-any.whl (113.3 MB view details)

Uploaded CPython 3.8

File details

Details for the file scancode-toolkit-mini-32.2.1.tar.gz.

File metadata

File hashes

Hashes for scancode-toolkit-mini-32.2.1.tar.gz
Algorithm Hash digest
SHA256 2a93e90b0797696bb2247fe8230e155d3fb0124408426b885b35bbf52854a00e
MD5 2d834145ac4167496973fff9c70627dc
BLAKE2b-256 52212e8e21c0413212d4c5457b1d1811691dc344b38b62429e995cf5f8e3218d

See more details on using hashes here.

Provenance

File details

Details for the file scancode_toolkit_mini-32.2.1-cp312-none-any.whl.

File metadata

File hashes

Hashes for scancode_toolkit_mini-32.2.1-cp312-none-any.whl
Algorithm Hash digest
SHA256 2d1832b2458cf3e43a21721e09cd228834d4d05d5abde7bd430f447efd180feb
MD5 4d05a4767b3183d616c5a643f4970f31
BLAKE2b-256 ddea685b3a7e1427a34433e24e3b494534fe8595f4c3678cac275bab1204ca71

See more details on using hashes here.

Provenance

File details

Details for the file scancode_toolkit_mini-32.2.1-cp311-none-any.whl.

File metadata

File hashes

Hashes for scancode_toolkit_mini-32.2.1-cp311-none-any.whl
Algorithm Hash digest
SHA256 d6d791d75f797107fd19b97e48754376b5d7ab8d847a4b2e5a8538f9c578b7ad
MD5 5a6b1340e886f0f57145e9dd38eb0f95
BLAKE2b-256 29725f6cce8d3a9a503a658535b22dbcd41c8cd2f59a625da1ffd0e2b2a6f98f

See more details on using hashes here.

Provenance

File details

Details for the file scancode_toolkit_mini-32.2.1-cp310-none-any.whl.

File metadata

File hashes

Hashes for scancode_toolkit_mini-32.2.1-cp310-none-any.whl
Algorithm Hash digest
SHA256 fe7c76f8fdb4ba91c0c0b159f86b423cab680b8e7bf5dd443163bcc8cb43ace3
MD5 cf7a81f58d824a095acb3e100ffb6dba
BLAKE2b-256 189d5a7fb8142b159739e0aef0a857317bfd87f3f381d27c6d33017525dc8a73

See more details on using hashes here.

Provenance

File details

Details for the file scancode_toolkit_mini-32.2.1-cp39-none-any.whl.

File metadata

File hashes

Hashes for scancode_toolkit_mini-32.2.1-cp39-none-any.whl
Algorithm Hash digest
SHA256 6b2b3f6900b2edc59fe6ebcae50916e910dfe18857f9375cfd6a436ace1c4993
MD5 6d59b9c71a4f5c4fdf28c82f9ae50188
BLAKE2b-256 3e3b6bfc6238736102e7e66f426fd7256ed72f811d4236e237af691a9fc25522

See more details on using hashes here.

Provenance

File details

Details for the file scancode_toolkit_mini-32.2.1-cp38-none-any.whl.

File metadata

File hashes

Hashes for scancode_toolkit_mini-32.2.1-cp38-none-any.whl
Algorithm Hash digest
SHA256 e038deecad2e88523f8e3f76de4f0b1f3e9faa5014ab46ba0eaca01bf1cf8bd6
MD5 df605995aa48ec7903e1a9d8c8420907
BLAKE2b-256 e98a619a66773015f7c06d0c42efb5f6b77dce0a82357586bb8ebbb579f5e43d

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page