Skip to content

🔎 ScanCode scans code and detects licenses, copyrights, package manifests & dependencies and more ... to discover and inventory open source and third-party packages used in your code.

Notifications You must be signed in to change notification settings

LeChasseur/scancode-toolkit

 
 

Repository files navigation

ScanCode toolkit

Build and tests status

Branch Coverage Linux (Travis) MacOSX (Travis) Windows (AppVeyor)
Master Linux Master branch test coverage Linux Master branch tests status MacOSX Master branch tests status Windows Master branch tests status
Develop Linux Develop branch test coverage Linux Develop branch tests status MacOSX Develop branch tests status Windows Develop branch tests status

ScanCode is a suite of utilities used to scan a codebase for license, copyright, package manifests and dependencies and other interesting information that can be discovered in source and binary code files.

A typical software project often reuses hundreds of third-party packages. License and origin information is often scattered, not easy to find and not normalized: ScanCode discovers and normalizes this data for you.

ScanCode provides accurate scan results and the line position where each result is found. The results can be formatted as JSON or HTML. ScanCode provides a simple HTML app for quick visualization of scan results (see screenshot below), but you will have more robust analysis options if you use AboutCode Manager to view a scan. AboutCode Manager is a desktop application available on Linux, OSX or Windows - go to https://github.com/nexB/aboutcode-manager to learn more or to download AboutCode Manager.

We are continuously working on new features, such as detecting more package manifests or improving scanning accuracy and performance. This is made easier by the recent addition of a plugin architecture.

See the roadmap for upcoming features: https://github.com/nexB/scancode-toolkit/wiki/Roadmap

samples/screenshot.png

Quick Start

For Windows, please go to the Comprehensive Installation section instead.

Make sure you have Python 2.7 installed:

On Linux install Python 2.7 "devel" and a few extra packages:

  • sudo apt-get install python-dev bzip2 xz-utils zlib1g libxml2-dev libxslt1-dev for Ubuntu 12.04, 14.04 and 16.04
  • sudo apt-get install python-dev libbz2-1.0 xz-utils zlib1g libxml2-dev libxslt1-dev for Debian and Debian-based distros
  • sudo yum install python-devel zlib bzip2-libs xz-libs libxml2-devel libxslt-devel for RPM distros
  • sudo dnf install python-devel zlib bzip2-libs xz-libs libxml2-devel libxslt-devel for Fedora 22 and later
  • See the Comprehensive Installation for additional details and other Linux installations: https://github.com/nexB/scancode-toolkit/wiki/Comprehensive-Installation

Next, download and extract the latest ScanCode release from:

https://github.com/nexB/scancode-toolkit/releases/

Open a terminal, extract the downloaded release archive, then cd to the extracted directory and run this command to display the command help. ScanCode will self-configure if needed:

./scancode --help

Run a sample scan saved to the samples.html file:

./scancode --output-html-app samples.html samples

Then open samples.html in your web browser to view the scan results.

See more command examples:

./scancode --examples

Support

If you have a problem, a suggestion or found a bug, please enter a ticket at: https://github.com/nexB/scancode-toolkit/issues

For other questions, discussions, and chats, we have:

About archives

All code must be extracted before running ScanCode since ScanCode will not extract files from tarballs, zip files, etc. However, the ScanCode Toolkit comes with a utility called extractcode that does recursive archive extraction. For example, this command will recursively extract the mytar.tar.bz2 tarball in the mytar.tar.bz2-extract directory:

./extractcode mytar.tar.bz2

Source code

License

  • Apache-2.0 with an acknowledgement required to accompany the scan output.
  • Public domain CC-0 for reference datasets.
  • Multiple licenses (GPL2/3, LGPL, MIT, BSD, etc.) for third-party components.

See the NOTICE file for more details.

Documentation & FAQ

https://github.com/nexB/scancode-toolkit/wiki

Basic Usage

Run this command for a list of options (On Windows use scancode instead of ./scancode):

./scancode --help

Run this command for a list of command line examples:

./scancode --examples

To run a license scan on sample data, first run this:

./scancode -l --output-html-app samples.html samples

Then open samples.html in your web browser to see the results.

About

🔎 ScanCode scans code and detects licenses, copyrights, package manifests & dependencies and more ... to discover and inventory open source and third-party packages used in your code.

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages

  • HTML 23.6%
  • Python 23.0%
  • C 17.6%
  • Shell 13.4%
  • C++ 8.0%
  • PHP 3.5%
  • Other 10.9%