scancode-toolkit | fossology
---|---
4 | 2
1,973 | 751
1.3% | 1.5%
9.6 | 8.9
4 days ago | 3 days ago
Python | PHP
- | GNU General Public License v3.0 only
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
scancode-toolkit
- ScanCode: Scan license and packages, dependencies and origin information
- User beware: Modified AGPLv3 removes freedoms, adds legal headaches
  Hey, pabs3! Actually this is not using a rolling checksum for detection but rather a combo of language model, checksums, automatons, bitvectors, inverted indexes and multiple sequences alignment (e.g. a specialized diff). I put some docs there to explain the approach at https://github.com/nexB/scancode-toolkit/blob/develop/src/li...
- I've just started using python at work, is there anything I need to be careful about?
  If you're concerned about licensing in your dependencies, use a license scanner like scancode toolkit. Similar scanners are available in products like JFrog Artifactory or GitLab (paid versions)
fossology
- What is FOSSology and how to set it up?
  First you need to clone the repository in the machine using this command.
- What is the best open source Licenses manager?
What are some alternatives?
dependency-track - Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
Snipe IT - A free open source IT asset/license management system
ort - A suite of tools to automate software compliance checks.
cyclonedx-gradle-plugin - Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
barista - project barista - open source license and vulnerability management
Neo4j - Graphs for Everyone
react-admin-crm - A CRM built with react-admin, used as a demo for the capabilities of the framework
spdx-license-matcher - A tool to match license text with SPDX license list using an algorithm which finds close matches. It follows SPDX Matching guidelines to keep the substantial text as well as ignore the replaceable text for matching purposes.
copyright-header - © Copyright Header is a utility to manipulate software licenses on source code.
gpl-history
awesome-open-source-licensing - Cool links, tools & papers related to Open Source Licensing