50 projects
vulnerablecode
VulnerableCode is a free and open database of open source software package vulnerabilities because open source software vulnerabilities data and tools should be free and open source themselves.
scancodeio
Automate software composition analysis pipelines
go-inspector
go-inspector is a scancode plugin to extract symbols and dependencies found in Go binaries.
extractcode-7z-system-provided
A ScanCode path provider plugin to provide system package provided sevenzip binary.
extractcode-libarchive-system-provided
A ScanCode path provider plugin to provide a system package provided libarchive shared library.
typecode-libmagic-system-provided
A ScanCode path provider plugin to provide a system package provided libmagic binary and database.
license-expression
license-expression is a comprehensive utility library to parse, compare, simplify and normalize license expressions (such as SPDX license expressions) using boolean logic.
intbitset
C-based extension implementing fast integer bit sets.
packageurl-python
A purl aka. Package URL parser and builder
scancode-toolkit-mini
ScanCode is a tool to scan code for license, copyright, package and their documented dependencies and other interesting facts. scancode-toolkit-mini is a special build that does not come with pre-built binary dependencies by default. These are instead installed separately or with the extra_requires scancode-toolkit-mini[full]
scancode-toolkit
ScanCode is a tool to scan code for license, copyright, package and their documented dependencies and other interesting facts.
fetchcode
fetchcode is a library to reliably fetch code via HTTP, FTP and version control systems.
commoncode
Set of common utilities, originally split from ScanCode
pygmars
Craft simple regex-based small language lexers and parsers. Build parsers from grammars and accept Pygments lexers as an input. Derived from NLTK.
scorecode
A package to fetch data from OpenSSF Scorecard API
gemfileparser2
Parse Ruby Gemfile, .gemspec and Cocoapod .podspec files using Python.
univers
A mostly universal library to parse and compare software package versions and version ranges. A companion to Package URLs.
purl2vcs
purl2vcs is an add-on library working with the PurlDB to find the version control system (VCS) URL of a package and detect the commit, tags and path for a given version.
saneyaml
Read and write readable YAML safely preserving order and avoiding bad surprises with unwanted infered type conversions. This library is a PyYaml wrapper with sane behaviour to read and write readable YAML safely, typically when used for configuration.
source-inspector
source-inspector
python-inspector
python-inspector is is a collection of utilities to collect PyPI package metadata and resolve packages dependencies.
typecode
Comprehensive filetype and mimetype detection using libmagic and Pygments.
aboutcode-toolkit
AboutCode-toolkit is a tool to document the provenance (origin and license) of third-party software using small text files. Collect inventories and generate attribution documentation.
container-inspector
Docker, containers, rootfs and virtual machine related software composition analysis (SCA) utilities.
licensedcode-index
A packaging of the ScanCode licensedb license and license rules pre-built index. Can only be used with ScanCode-Toolkit.
licensedcode-data
A packaging of the ScanCode licensedb license and license rules database.
purldb-toolkit
A toolkit and library to use the PurlDB and its API
debian-inspector
Utilities to parse Debian package, copyright and control files.
flot
Flot is a simple tool to easily build multiple packages (wheel and sdist) from a single repo without having to create a subdir or another repo for each package, and by simply listing which files to include.
elf-inspector
A utility to inspect ELF binary files. Designed as a ScanCode plugin.
plugincode
plugincode is a library that provides plugin functionality for ScanCode toolkit.
tracecode-toolkit-strace
TraceCode toolkit "strace" is dynamic build tracer and grapher
dparse2
A parser for Python dependency files
pip-requirements-parser
pip requirements parser - a mostly correct pip requirements parsing library because it uses pip's own code.
extractcode
A mostly universal archive extractor using 7zip, libarchive and the Python standard library for reliable archive extraction.
boolean.py
Define boolean algebras, create and parse boolean expressions and create custom boolean DSL.
parameter-expansion-patched
Shell parameter expansion in Python. Patched by co-maintainer for a PyPI release.
pkginfo2
Query metadatdata from sdists / bdists / installed packages. Safer fork of pkginfo to avoid doing arbitrary imports and eval()
reppy2
Replacement robots.txt Parser in pure Python
compiledcode
A ScanCode scan plugin to get lkmclue, dwarf, gwt, cpp includes, code/comments lines generated code and elf info.
typecode-libmagic
A ScanCode path provider plugin to provide a prebuilt native libmagic binary and database.
extractcode-libarchive
A ScanCode path provider plugin to provide a prebuilt native libarchive binary.
extractcode-7z
A ScanCode path provider plugin to provide a prebuilt native sevenzip binary.
fetchcode-container
A ScanCode path provider plugin to provide a prebuilt native skopeobinary built from sources that are bundled in the repo and sdist.
scancode-analyzer
A scancode-toolkit plugin to analyze scan results for License Detection Issues
rpm-inspector-rpm
A ScanCode path provider plugin to provide a prebuilt native rpm binary built with many rpm backend database formats supported. The rpm binary is built from sources that are bundled in the repo and sdist.
textcode-pdf2text
A ScanCode path provider plugin to provide a prebuilt native libmagic binary and database.
typecode-libmagic-from-sources
A ScanCode path provider plugin to provide a prebuilt native libmagic binary and database. libmagic is built from sources that are bundled in the repo and sdist
urlpy
Simple URL parsing, canonicalization and equivalence.
publicsuffix2
Get a public suffix for a domain name using the Public Suffix List. Forked from and using the same API as the publicsuffix package.
