scancode.io
scancode.io copied to clipboard
nexB
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabas...
We need to document the internal rules from SCTK and SCIO that determine what files are reported as "uninteresting" or not reported at all. Two examples are: - ignore.py in...
This is a feature that would be very useful for orgs that have a lot of dockers and are trying to switch to some common base images (like we do...
See https://github.com/nexB/scancode.io/blob/3f36a0d4ae95c28814df3c21f3a02e7efb6c04f6/scanpipe/pipes/rootfs.py#L330 There are case where ignoring /var/ is not correct
Hi there, I have a installed and running scancode server from docker-compose on a Ubuntu LTS 20.04 Server. I successfully scaned a open repository in github, but I still have...
This is something we use at scancode.onap.eu mozilla-django-oidc is a minimal lib and does not implement stuff like: - verify e-mail - connect multiple accounts to single django account this...
So I have Docker Windows Setup with WSL 2 also loaded in (Ubuntu 20.04 LTS) On Running the command `make envfile`, it returns `The term make is not recognized...` As...
This would be handy and could come pre-populated with some data from the current project such as the project name, pipeline(s) and download URL(s)
Configuring a ScanCode TK `--license-score` on a project by project basis would be useful addition.
ScanCode Toolkit currently offers SPDX output files. You can currently create an SBOM output by downloading the standard SCIO JSON output and running it through SCTK on your local machine....