ScanCode is an opensource software and detects licenses, copyrights, package manifests & dependencies and more by scanning code. This allows to automated discovery of third-party packages, licenses being used in a project. Scancode currently handles various package metadata formats, such as for npm (package.json), python (setup.py). The goal of this project is to add additional package metadata and lockfile parsers to scancode-toolkit. Scancode currently implements parsers for Python packages (setup.py, .whl), package-lock.json/npm-shrinkwrap.json , Ruby Gems (Gemfile, Gemfile.lock), Java Jars, PHP Composer Packages, Debian .deb files/Yum .rpm files, Rust crates.

However, there a few formats still missing - such as:

  • Ruby Gems (.gemspec)
  • .podspec
  • Go (go.mod, go.sum)
  • Scala (.sbt)
  • OCaml(.opam)
  • Python packages (requirements.txt, pipfile.lock)
  • Rust (cargo.lock)

Organization

Student

ROHIT POTTER

Mentors

  • Jonathan Yang
  • Steven Esser
close

2020