Libraries

Other AboutCode libraries and tools

  • commoncode – Set of common functions and utilities for handling various things like paths, dates, files and hashes. Used in ScanCode Toolkit.
  • container-inspector – Suite of analysis utilities and command line tools for Docker images, containers, root filesystems and virtual machine images. For Docker images, it can process layers and how these relate to each other as well as Dockerfiles. Used in ScanCode.io.
  • debian-inspector – Collection of utilities to parse various Debian package manifests, machine readable copyright and control files collectively known as the Debian 822 format (based on the RFC822 email format).
  • extractcode – A mostly universal archive extractor for Linux, macOS and Windows (64-bit only). Used in ScanCode Toolkit and ScanCode.io
  • fetchcode – Library to reliably fetch code via HTTP, FTP and version control systems. Supports Package-URLs.
  • license-expression – Comprehensive utility library to parse, compare, simplify and normalize license expressions (such as SPDX license expressions) using boolean logic.
  • purl-spec – Specification for “package URL” (purl) which is a URL string used to identify and locate a software package in a mostly universal and uniform way across programing languages, package managers, packaging conventions, tools, APIs and databases.
  • pygmars – Simple lexing and parsing library designed to craft lightweight lexers and parsers using regular expressions. Used in ScanCode Toolkit for copyright detection.
  • python-inspector – Collection of utilities to resolve PyPi package dependencies and parse other Python manifest or package files such as requirements, Pipfile, poetry.lock, setup.py/.cfg and metadata for eggs, wheels and sdist.
  • rpm-inspector – Python library to collect data from RPM packages including installed packages.
  • saneyaml - PyYaml wrapper with sane behavior to read and write readable YAML safely, typically used with configuration files.
  • scancode-analyzer – A ScanCode post-scan plugin for identifying license detection inaccuracies and errors.
  • scancode-licensedb – Code to deploy and maintain the public ScanCode LicenseDB.
  • scancode-plugins – ScanCode plugins- some are builtin and some are extras. Several of them contain pre-built binaries. Each plugin is under its own license and in particular plugins that merely bundle pre-built binaries use the license of these binaries. Used in ScanCode Toolkit.
  • scancode-toolkit-reference-scan – Reference Scans from ScanCode Toolkit with diffs of Scan output between different versions of scancode-toolkit.
  • tracecode-toolkit - Command line tool to match data between files in development codebase repositories and deployment/distribution codebases.
  • tracecode-toolkit-strace - Tool to analyze the straced execution of a build to identify which codebase files are built into a binary. Primarily used for C/C++ builds.
  • typecode - Tool for comprehensive filetype and mimetype detections using libmagic and Pygments. Used in ScanCode Toolkit.
  • univers - A mostly universal way to store version ranges and to compare two software package versions. Used in VulnerableCode.