scancode.io
scancode.io copied to clipboard
aboutcode-org
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabas...
Following #444 and #485 and a discussion with @pombredanne: we do track package instances correctly in case of scan-codebase pipeline and create separate instances for the same package correctly. But...
I have about 100,000 packages in a scan: ``` 2023-11-26 14:51:19.56 Step [populate_purldb_with_detected_purls] starting 2023-11-26 14:51:27.33 Populating PurlDB with 93,086 detected PURLs 2023-11-26 15:03:36.83 Progress: 10% (94/931) ETA: 6565 seconds...
It would be nice to have a config (with path patterns) to ignore and silence some recurring Resources flagged as "requires-review". This would be different from the regular ignores. This...
We should consider to create the project workspace directory using a slug-like name (at least without spaces). This helps when iterating over the directories
I got this exception while scanning my project: Any idea what's wrong here ?  Version: 
JSP deployment analysis is not straight forward because of the multiple indirection and transpilation to Java and compilation to bytecode. We may be able to use source-classes-mapping.txt for JSP mapping....
Assuming that there are multiple sources of curated, corrected or reviewed, I would like to have a pipeline that works with the PurlDB and these other sources of curated data....
I create a project and I add a few inputs with a click to open a file picker. Then again I click to open a file picker again and select...
Metadata
Owner
Metadata
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabas...