ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet, the Google Summer of Code, Azure credits, nexB and other generous sponsors!
☆2,496Mar 12, 2026Updated last week
Alternatives and similar repositories for scancode-toolkit
Users that are interested in scancode-toolkit are comparing it to the libraries listed below
Sorting:
- ScanCode Workbench is a desktop app to review and conclude license and origin from code scans generated by ScanCode Toolkit.☆169Jan 17, 2025Updated last year
- A suite of tools to automate software compliance checks.☆1,964Updated this week
- FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export contr…☆973Updated this week
- ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Co…☆184Updated this week
- Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dock…☆1,014Mar 12, 2024Updated 2 years ago
- A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sp…☆649Updated this week
- Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX …☆73Updated this week
- AboutCode Toolkit provides a simple way to document provenance metadata (origin and license) about third-party code that you use in your…☆99Mar 2, 2026Updated 2 weeks ago
- A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby☆992Mar 11, 2026Updated last week
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,666Updated this week
- A Python library to parse, validate and create SPDX documents.☆240Mar 13, 2026Updated last week
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆8,510Updated this week
- A free and open database of all the licenses, in particular all the open source software licenses☆61Feb 24, 2026Updated 3 weeks ago
- Automate open source license compliance and ensure software supply chain integrity☆41Mar 11, 2026Updated last week
- Service to scan licenses from source code☆12Aug 14, 2023Updated 2 years ago
- Tools to create and deploy a database of software packages metadata, origin, dependencies, and license keyed by PURLs (Package URLs). Sup…☆61Updated this week
- Find licenses for your project's dependencies.☆1,785Jul 22, 2024Updated last year
- This project is no longer maintained. Visit https://github.com/nexB/scancode.io/ instead for similar and current project☆19Feb 11, 2021Updated 5 years ago
- The System Package Data Exchange (SPDX) specification in Markdown and HTML formats.☆361Mar 11, 2026Updated last week
- a license identification tool for Source Code☆111Jun 19, 2022Updated 3 years ago
- A desktop workbench for OSS Review Toolkit result files.☆29Mar 12, 2026Updated last week
- Parse and compare package versions and ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions…☆43Feb 25, 2026Updated 3 weeks ago
- OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reductio…☆487Updated this week
- ☆11Feb 16, 2023Updated 3 years ago
- A tool & library to detect open source licenses from texts☆271Oct 22, 2024Updated last year
- This repo contains license and copyright analysis results of open source packages. It further contains other license compliance relevant …☆53Updated this week
- The SCANOSS SBOM Workbench graphical user interface to scan and audit your source code.☆60Mar 13, 2026Updated last week
- container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relat…☆37Jan 21, 2026Updated last month
- SPDX Tools☆144Oct 7, 2025Updated 5 months ago
- This repo realizes the idea that OSS compliance activities will be less expensive by applying OSS principles☆95Updated this week
- A Ruby Gem to detect under what license a project is distributed.☆872Updated this week
- A light-weight app to audit and inventory large codebases for open source license compliance.☆72Updated this week
- Binary Analysis Next Generation (BANG)☆519Updated this week
- A vulnerability scanner for container images and filesystems☆11,733Updated this week
- Various data formats for the SPDX License List including RDFa, HTML, Text, and JSON☆642Mar 5, 2026Updated 2 weeks ago
- A collection of scripts for license compliance scanning, mostly experimental☆21Jun 16, 2025Updated 9 months ago
- free and open source software license compatibility tool.☆50Apr 9, 2025Updated 11 months ago
- DeltaCode: compare two codebase scans (from ScanCode) to detect significant changes.☆22Sep 3, 2024Updated last year
- ☆35Dec 16, 2024Updated last year