Open Source Software Provenance Compliance | AboutCode


nexB is a company that solves the problem of discovering, identifying, tracking and managing open source and third-party components used in your products, applications and systems. We build modular tools for software development teams so that each team can implement a workflow tailored for its set of languages, technologies and tools. We call this set of tools AboutCode.

Open Source Projects

AboutCode Manager

AboutCode Manager provides an advanced visual UI to help you quickly evaluate license and other notices identified by ScanCode and record your conclusion about the effective license(s) for a component. AboutCode Manager is based on Electron and is the primary desktop/GUI tool for using nexB’s AboutCode tools.

ScanCode Toolkit

Discovering the license for a free and open source code is important, but it should not be as hard as it seems today. ScanCode is a new open source scanning solution to accurately identify the license(s) of the code you want to consume.

With ScanCode, a development team can start scanning code on their own! You can now focus on whether the license is OK for your organization and if the code works for your projected use. These are the important questions. To learn more or to contribute, visit our scancode-toolkit project on GitHub.


DeltaCode allows you to easily compare ScanCode scans for two versions of a package, component, codebase or product in order to quickly identify possible changes with a focus on identifying license changes. DeltaCode reports matching files with a score and a list of factors that contribute to that score.

You can use DeltaCode with ScanCode to identify and track license and related changes in open source or third party software packages or components from release to release.

AboutCode Toolkit

AboutCode Toolkit provides a simple way to (1) document the provenance (origin and license) of open source and third-party software components that you use and (2) automate creation of attribution notices and redistribution packages.

An ABOUT file is a small text file stored in the codebase side-by-side with the software component file or archive that it documents. To learn more or to contribute, visit our project on GitHub.

TraceCode Toolkit

TraceCode Toolkit helps you determine which components are actually distributed or deployed for your product. This is essential information for determining your open source license obligations because many are only triggered by distribution or deployment.

TraceCode Toolkit is a tool to analyze the traced execution of a build, so you can learn which files are built into binaries and ultimately deployed in your distributed software.

License Expression

License Expression is small utility library to parse, compare, simplify and normalize license expressions (e.g. SPDX license expressions) using boolean logic such as: GPL-2.0 or later WITH Classpath Exception AND MIT.

nexBOpen Source

At nexB, we have been creating, contributing to and using free and open source software from the start. We contribute back to projects that we use, and we sponsor our own open source projects to provide good open source tools that enable you to comply with open source license conditions.

We release our open source code under the Apache 2.0 license because we think that it provides the best balance of permissive terms with a complete and clear set of license conditions. We also reuse many open source components in our projects - we document the licenses for these using our own tools.