Thank you to all who participated in AboutCode’s organization during GSoC 2020. Enthusiasm from prospective students has never been higher and we enjoy being able to grow our open source community each year via Google Summer of Code.
Congratulations to our five students who have all successfully completed their projects for GSoC 2020!
Below is a short summary of each of the successful projects. Feel free to follow the various links for more details.
Rohit Potter - Additional package and lockfile parsers
Rohit’s project focused on adding additional package parsers and lockfile parsers to scancode-toolkit. Specifically, Rohit added package parsing code to handle Go (go.mod, go.sum) and OCaml (.opam) packages, along with code to handle Python (requirements.txt, pipfile.lock) and Rust (cargo.lock) lockfiles. Package parsing is a key component of scancode-toolkit and adding new parsers is always a priority.
Tushar Goel - FetchCode
Tushar worked on creating a new library: Fetchcode. Fetchcode is a small utility library designed to “fetch” some sort of information no matter what type of url that is passed to it. Fetchcode knows how to handle standard ftp or sftp urls in addition to VCS urls and even Package URLs. While a PackageURL will not download content (like an ftp url would), it will return some package information from supported package repositories.
Ayan Mahapatra - ScanCode Results Analyzer
Scancode-Results-Analyzer is a set of utilities and functions that help automate the review of scancode scan results files. These utilities point out erroneous license detections using machine learning, and even have the ability to create new detection rules based on the results of the scanfile analysis. This project is fairly complex and work continues to be done by Ayan after the GSoC period.
Shivam Sandbhor - VulnerableCode Enhancements
Shivam worked on improving and enhancing VulnerableCode, our upcoming vulnerability database. Shivam worked on adding support for multiple new vulnerability data sources (Ubuntu, Debian, SUSE, Redhat). Additionally, he created a new web UI to aid in the creation, searching and navigation of this vulnerability information. Shivam will continue to work with our organization to help move VulnerableCode to its first release and deployment.
Abhishek Kumar - Improve ScanCode packaging
Abhishek’s work was primarily focused on improving the handling of 3rd party dependencies in scancode-toolkit. Prior to his work, scancode would bundle a copy of all 3rd party python wheels for ALL operating systems and architectures. This would allow scancode to run anywhere, but it made the distributed package larger in file size than we would like. Abhishek’s work allows us to package scancode individually by operating system, so we cut down on the number of duplicate 3rd party python wheels.