ScanCode is a tool to scan code for license, copyright, package and their documented dependencies and other interesting facts.
Project description
A typical software project often reuses hundreds of third-party packages. License and origin information is not always easy to find and not normalized: ScanCode discovers and normalizes this data for you.
Read more about ScanCode here: scancode-toolkit.readthedocs.io.
Why use ScanCode?
As a standalone command-line tool, ScanCode is easy to install, run, and embed in your CI/CD processing pipeline. It runs on Windows, macOS, and Linux.
ScanCode is used by several projects and organizations such as the Eclipse Foundation, OpenEmbedded.org, the FSFE, the FSF, OSS Review Toolkit, ClearlyDefined.io, RedHat Fabric8 analytics, and many more.
ScanCode detects licenses, copyrights, package manifests, direct dependencies, and more both in source code and binary files.
ScanCode provides the most accurate license detection engine and does a full comparison (also known as diff or red line comparison) between a database of license texts and your code instead of relying only on approximate regex patterns or probabilistic search, edit distance or machine learning.
Written in Python, ScanCode is easy to extend with plugins to contribute new and improved scanners, data summarization, package manifest parsers, and new outputs.
You can save your scan results as JSON, HTML, CSV or SPDX. And you can use the companion ScanCode workbench GUI app to review and display scan results, statistics and graphics.
ScanCode is actively maintained, has a growing users and contributors community.
ScanCode is heavily tested with an automated test suite of over 20,000 tests.
See our roadmap for upcoming features.
Build and tests status
Branch |
Coverage |
Linux/macOS |
Windows |
---|---|---|---|
Master |
|||
Develop |
Documentation Build
Version |
RTD Build |
---|---|
Latest |
Documentation
The ScanCode documentation is hosted at scancode-toolkit.readthedocs.io.
If you are new to Scancode, start here.
Other Important Documentation Pages:
A synopsis of ScanCode command line options.
Tutorials on:
An exhaustive list of all available options
Documentation on Contributing to Code Development
Documentation on Plugin Architecture
See also https://aboutcode.org for related companion projects and tools.
Installation
Before installing ScanCode make sure that you have installed the prerequisites properly. This means installing Python (Python 3.6 is required in most cases). See prerequisites for detailed information on the support platforms and Python versions.
There are a few common ways to install ScanCode.
Quick Start
Note the commands variation across installation methods and platforms.
You can run an example scan printed on screen as JSON:
./scancode -clip --json-pp - samples
Follow the How to Run a Scan tutorial to perform a basic scan on the samples directory distributed by default with Scancode.
See more command examples:
./scancode --examples
See How to select what will be detected in a scan and How to specify the output format for more information.
You can also refer to the command line options synopsis and an exhaustive list of all available options.
Archive extraction
ScanCode does not extract by default files from tarballs, zip files, and other archives as part of the scan. The archives that exist in a codebase must be extracted before running a scan: the bundled utility extractcode is a mostly-universal archive extractor. For example, this command will recursively extract the mytar.tar.bz2 tarball in the mytar.tar.bz2-extract directory:
./extractcode mytar.tar.bz2
See all extractcode options and how to extract archives for details.
Support
If you have a problem, a suggestion or found a bug, please enter a ticket at: https://github.com/nexB/scancode-toolkit/issues
For discussions and chats, we have:
an official Gitter channel for web-based chats. Gitter is also accessible via an IRC bridge. There are other AboutCode project-specific channels available there too.
an official #aboutcode IRC channel on freenode (server chat.freenode.net). This channel receives build and commit notifications and can be noisy. You can use your favorite IRC client or use the web chat.
Source code and downloads
License
Apache-2.0 as the overall license
CC-BY-4.0 for reference datasets (initially was in the Public Domain.
Multiple other secondary permissive or copyleft licenses (LGPL, MIT, BSD, GPL 2/3, etc.) for third-party components.
See the NOTICE file and the .ABOUT files that document the origin and license of the third-party code used in ScanCode for more details.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file scancode-toolkit-21.2.9.tar.gz
.
File metadata
- Download URL: scancode-toolkit-21.2.9.tar.gz
- Upload date:
- Size: 46.1 MB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.3.0 pkginfo/1.5.0.1 requests/2.25.1 setuptools/52.0.0 requests-toolbelt/0.9.1 tqdm/4.56.0 CPython/3.6.10
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3d7ee37b0f4a32fec93c56209cb7a8b891b11fad29c93968f47553fead63269c |
|
MD5 | 06b2566f4eeff51198ec6363acd3c27f |
|
BLAKE2b-256 | 617261ca2ffe65ecf62c5abb74b8fb4f1edb2a7a8ce82ea10bc48949da10deda |
Provenance
File details
Details for the file scancode_toolkit-21.2.9-py3-none-any.whl
.
File metadata
- Download URL: scancode_toolkit-21.2.9-py3-none-any.whl
- Upload date:
- Size: 50.1 MB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.3.0 pkginfo/1.5.0.1 requests/2.25.1 setuptools/52.0.0 requests-toolbelt/0.9.1 tqdm/4.56.0 CPython/3.6.10
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 31d5dbe70c4261e5878898229d6c60f2d65c060c4445ad093f60beac3b0aa514 |
|
MD5 | d68aadacdde6499c568f482b5f18507a |
|
BLAKE2b-256 | a4894a12e315aee731ef2bf45bb50b1c1b9067979feab171eeb14ac77247311f |