/scancode-toolkit

ScanCode is a tool to scan code and detect licenses, copyrights, packages metadata & dependencies and more... to find, discover, inventory open source and third-party components used in your code.

Primary LanguagePython

ScanCode toolkit

Build and tests status

Branch Coverage Linux (Travis) MacOSX (Travis) Windows (AppVeyor)
Master Linux Master branch test coverage Linux Master branch tests status MacOSX Master branch tests status Windows Master branch tests status
Develop Linux Develop branch test coverage Linux Develop branch tests status MacOSX Develop branch tests status Windows Develop branch tests status

ScanCode is a suite of utilities used to scan a codebase for license, copyright, and other interesting information that can be discovered in files.

A typical software project often reuses hundreds of third-party components. License and origin information is often scattered and not easy to find: ScanCode discovers this data for you.

ScanCode provides reasonably accurate scan results and the line position where each result is found. The results can be formatted as JSON or HTML, and ScanCode provides a simple HTML app for quick visualization of scan results.

We are continuously working on new features, such as analysis of dependencies or improving performance for scanning of larger codebases.

See the roadmap for upcoming features: https://github.com/nexB/scancode-toolkit/wiki/Roadmap

samples/screenshot.png

Quick Start

For Windows, please go to the Comprehensive Installation section instead.

Make sure you have Python 2.7 installed:
On Linux install Python 2.7 "devel" and a few extra packages:
  • sudo apt-get install python-dev bzip2 xz-utils zlib1g libxml2-dev libxslt1-dev for Ubuntu 12.04, 14.04 and 16.04
  • sudo apt-get install python-dev libbz2-1.0 xz-utils zlib1g libxml2-dev libxslt1-dev for Debian and Debian-based distros
  • sudo yum install python-devel zlib bzip2-libs xz-libs libxml2-devel libxslt-devel for RPM distros
  • See the Comprehensive Installation for additional details and other Linux installations: https://github.com/nexB/scancode-toolkit/wiki/Comprehensive-Installation

Next, download and extract the latest ScanCode release from:

https://github.com/nexB/scancode-toolkit/releases/latest

Open a terminal, extract the downloaded release archive, then cd to the extracted directory and run this command to display the command help. ScanCode will self-configure if needed:

./scancode --help

Run a sample scan saved to the samples.html file:

./scancode --format html-app samples samples.html

Then open samples.html in your web browser to view the scan results.

See more command examples:

./scancode --examples

Support

If you have a problem, a suggestion or found a bug, please enter a ticket at: https://github.com/nexB/scancode-toolkit/issues

For other questions, discussions, and chats, we have:

About archives

All code must be extracted before running ScanCode since ScanCode will not extract files from tarballs, zip files, etc. However, the ScanCode Toolkit comes with a utility called extractcode that does recursive archive extraction. For example, this command will recursively extract the mytar.tar.bz2 tarball in the mytar.tar.bz2-extract directory:

./extractcode mytar.tar.bz2

Source code

License

  • Apache-2.0 with an acknowledgement required to accompany the scan output.
  • Public domain CC-0 for reference datasets.
  • Multiple licenses (GPL2/3, LGPL, MIT, BSD, etc.) for third-party components.

See the NOTICE file for more details.

Documentation & FAQ

https://github.com/nexB/scancode-toolkit/wiki

Basic Usage

Run this command for a list of options (On Windows use scancode instead of ./scancode):

./scancode --help

Run this command for a list of command line examples:

./scancode --examples

To run a scan on sample data, first run this:

./scancode --format html-app samples samples.html

Then open samples.html in your web browser to see the results.