DejaCode
========
DejaCode is a complete enterprise-level application to automate open source license
compliance and ensure software supply chain integrity, powered by
`ScanCode <https://github.com/nexB/scancode-toolkit>`_,
the industry-leading code scanner.
- Run scans and track all the open source and third-party products and components used
in your software.
- Apply usage policies at the license or component level, and integrate into
ScanCode to ensure compliance.
- Capture software inventories (SBOMs), generate compliance artifacts, and keep
historical data.
- Ensure FOSS compliance with enterprise-grade features and integrations for DevOps and
software systems.
- Scan a software package, simply by providing its Download URL, to get comprehensive
details of its composition and create an SBOM.
- Load software package data into DejaCode with the integration for the open source
ScanCode.io and ScanCode Toolkit projects to create a product’s SBOM.
- Track and report vulnerability tracking and reporting by integrating with the open
source VulnerableCode project.
- Create, publish and share SBOM documents in DejaCode, including detailed attribution
documentation and custom reports in multiple file formats and standards, such as
CycloneDX and SPDX.
Getting started
---------------
The DejaCode documentation is available here: https://dejacode.readthedocs.io/
If you have questions please ask them in
`Discussions <https://github.com/nexB/dejacode/discussions>`_.
If you want to contribute to DejaCode, start with our
`Contributing <https://dejacode.readthedocs.io/en/latest/contributing.html>`_ page.
Build and tests status
----------------------
+------------+-------------------+
| **Tests** | **Documentation** |
+============+===================+
| |ci-tests| | |docs-rtd| |
+------------+-------------------+
DejaCode License Notice
-----------------------
DejaCode is an enterprise-level application to automate open source license
compliance and ensure software supply chain integrity, powered by ScanCode,
the industry-leading code scanner.
SPDX-License-Identifier: AGPL-3.0-only
Copyright (c) nexB Inc.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, version 3 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Commercial License option
-------------------------
DejaCode is offered under a nexB commercial license as an alternative.
You can learn more about this option by contacting us at
https://www.nexb.com/contact-us/
.. |ci-tests| image:: https://github.com/nexB/dejacode/actions/workflows/ci.yml/badge.svg?branch=main
:target: https://github.com/nexB/dejacode/actions/workflows/ci.yml
:alt: CI Tests Status
.. |docs-rtd| image:: https://readthedocs.org/projects/dejacode/badge/?version=latest
:target: https://dejacode.readthedocs.io/en/latest/?badge=latest
:alt: Documentation Build Status
Raw data
{
"_id": null,
"home_page": "https://github.com/nexB/dejacode",
"name": "dejacode",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": "",
"keywords": "open source,scan,license,package,dependency,copyright,filetype,author,extract,licensing,scancode,scanpipe,docker,rootfs,vm,virtual machine,pipeline,code analysis,container",
"author": "nexB Inc.",
"author_email": "info@aboutcode.org",
"download_url": "https://files.pythonhosted.org/packages/e8/8d/b550d92a81b3d9b0b405edd011442cf88cfd50d2c859ff2b279cd485a63a/dejacode-5.0.0.tar.gz",
"platform": null,
"description": "DejaCode\n========\n\nDejaCode is a complete enterprise-level application to automate open source license\ncompliance and ensure software supply chain integrity, powered by\n`ScanCode <https://github.com/nexB/scancode-toolkit>`_,\nthe industry-leading code scanner.\n\n- Run scans and track all the open source and third-party products and components used\n in your software.\n- Apply usage policies at the license or component level, and integrate into\n ScanCode to ensure compliance.\n- Capture software inventories (SBOMs), generate compliance artifacts, and keep\n historical data.\n- Ensure FOSS compliance with enterprise-grade features and integrations for DevOps and\n software systems.\n- Scan a software package, simply by providing its Download URL, to get comprehensive\n details of its composition and create an SBOM.\n- Load software package data into DejaCode with the integration for the open source\n ScanCode.io and ScanCode Toolkit projects to create a product\u2019s SBOM.\n- Track and report vulnerability tracking and reporting by integrating with the open\n source VulnerableCode project.\n- Create, publish and share SBOM documents in DejaCode, including detailed attribution\n documentation and custom reports in multiple file formats and standards, such as\n CycloneDX and SPDX.\n\nGetting started\n---------------\n\nThe DejaCode documentation is available here: https://dejacode.readthedocs.io/\n\nIf you have questions please ask them in\n`Discussions <https://github.com/nexB/dejacode/discussions>`_.\n\nIf you want to contribute to DejaCode, start with our\n`Contributing <https://dejacode.readthedocs.io/en/latest/contributing.html>`_ page.\n\nBuild and tests status\n----------------------\n\n+------------+-------------------+\n| **Tests** | **Documentation** |\n+============+===================+\n| |ci-tests| | |docs-rtd| |\n+------------+-------------------+\n\nDejaCode License Notice\n-----------------------\n\nDejaCode is an enterprise-level application to automate open source license\ncompliance and ensure software supply chain integrity, powered by ScanCode,\nthe industry-leading code scanner.\n\nSPDX-License-Identifier: AGPL-3.0-only\n\nCopyright (c) nexB Inc.\n\nThis program is free software: you can redistribute it and/or modify\nit under the terms of the GNU Affero General Public License as\npublished by the Free Software Foundation, version 3 of the License.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\nGNU Affero General Public License for more details.\n\nYou should have received a copy of the GNU Affero General Public License\nalong with this program. If not, see <https://www.gnu.org/licenses/>.\n\nCommercial License option\n-------------------------\n\nDejaCode is offered under a nexB commercial license as an alternative.\nYou can learn more about this option by contacting us at\nhttps://www.nexb.com/contact-us/\n\n\n.. |ci-tests| image:: https://github.com/nexB/dejacode/actions/workflows/ci.yml/badge.svg?branch=main\n :target: https://github.com/nexB/dejacode/actions/workflows/ci.yml\n :alt: CI Tests Status\n\n.. |docs-rtd| image:: https://readthedocs.org/projects/dejacode/badge/?version=latest\n :target: https://dejacode.readthedocs.io/en/latest/?badge=latest\n :alt: Documentation Build Status\n",
"bugtrack_url": null,
"license": "AGPL-3.0-only",
"summary": "Automate open source license compliance and ensure supply chain integrity",
"version": "5.0.0",
"project_urls": {
"Homepage": "https://github.com/nexB/dejacode"
},
"split_keywords": [
"open source",
"scan",
"license",
"package",
"dependency",
"copyright",
"filetype",
"author",
"extract",
"licensing",
"scancode",
"scanpipe",
"docker",
"rootfs",
"vm",
"virtual machine",
"pipeline",
"code analysis",
"container"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "e88db550d92a81b3d9b0b405edd011442cf88cfd50d2c859ff2b279cd485a63a",
"md5": "7a468735c807551c79a3aabe84413fe9",
"sha256": "f01cc2215e048ae55ae8464d511402eb3d0d3a5c03b773c853bb56c64101eaa8"
},
"downloads": -1,
"filename": "dejacode-5.0.0.tar.gz",
"has_sig": false,
"md5_digest": "7a468735c807551c79a3aabe84413fe9",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 15293,
"upload_time": "2023-12-08T12:00:37",
"upload_time_iso_8601": "2023-12-08T12:00:37.263367Z",
"url": "https://files.pythonhosted.org/packages/e8/8d/b550d92a81b3d9b0b405edd011442cf88cfd50d2c859ff2b279cd485a63a/dejacode-5.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-12-08 12:00:37",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "nexB",
"github_project": "dejacode",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "dejacode"
}
JSON
