AboutCode's repositories
scancode-toolkit
:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
vulnerablecode
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
scancode.io
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
aboutcode-toolkit
:white_check_mark: AboutCode Toolkit provides a simple way to document provenance metadata (origin and license) about third-party code that you use in your project: it includes utilities to generate inventory/BOM or Attribution documentation.
license-expression
Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX or any other license id scheme.
scancode-licensedb
A free and open database of all the licenses, in particular all the open source software licenses
univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and others generous sponsors!
python-inspector
Inspect Python code and PyPI package manifests. Resolve Python dependencies.
scancode-action
Run ScanCode.io pipelines from your Workflows
nuget-inspector
Inspect and resolve .NET and NuGet package dependencies like dotnet and nuget do. Fetch manifests data. Runs on Linux, Windows and macOS as a standalone application.
commoncode
A library of common functions shared in many other AboutCode projects
gemfileparser2
A library to parse Rubygem gemspec and Gemfile files and Cocoapods podspec and Podfile files using Python. Friendly fork of https://gitlab.com/balasankarc/gemfileparser
scancode-plugins
A set of plugins either delivered as builtin scancode-toolkit or extra plugins
ai-gen-code-search
A set of utilities and tools to detect and search AI-generated code
federatedcode
Decentralized and federated metadata for software applications
matchcode-toolkit
A collection of plugins that makes matchcode-related functions available for scancode-toolkit and scancode.io.
android-inspector
android-inspector is a library of utilities to introspect source and binary Android apps and Android device firmware. It can be used as a plugin to ScanCode.
elf-inspector
A library to inspect ELF binary files
go-inspector
An inspector for Go language-based source, binaries, packages, dependencies and metadata
purl-spec
A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby
source-inspector
Tools to inspect source code and code symbols
thirdparty-packages
A collection of various pre-built thirdparty packages with their corresponding source code