scancode.io
scancode.io copied to clipboard
nexB
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabas...
From @pombredanne We already have SBOM export (and import) options in scancode.io supporting SPDX and CycloneDX SBOMs, and we can enrich this data using the public https://github.com/ossf/scorecard#public-data or the RestAPI...
Based on actual usage there are issues that need to be resolved: - it is not clear which symbols or strings pipeline was used to collect symbols. - multiple queries...
I was not able to find in the generated scan results the version of scancode-toolkit that was used in a recent scan from SCIO 32.1.0. That information would be very...
I am confused with the data (This is the data from SCIO scan downloaded with xlsx output). Following is a sample: There are 22 line items for dist-datatables-select-1.3.3.jar in the...
As a follow up to https://github.com/nexB/scancode.io/issues/1148#issuecomment-2128602103 we shoudl include in the reporting the data from: - https://github.com/nexB/scancode.io/issues/1150 Basically I would like to have the list of unmapped to file paths,...
I run an ELF d2d with - http://deb.debian.org/debian/pool/main/b/binutils/binutils_2.31.1.orig.tar.xz#from - http://ftp.us.debian.org/debian/pool/main/b/binutils/libbinutils-dbg_2.31.1-16_amd64.deb#to There are a few issues: - [ ] https://github.com/nexB/scancode.io/issues/1215 - [ ] https://github.com/nexB/purldb/issues/422 which leads to an incorrect purldb match...