{"id":20325838,"url":"https://github.com/aboutcode-org/dejacode","last_synced_at":"2026-03-12T01:08:47.622Z","repository":{"id":211307005,"uuid":"728772862","full_name":"aboutcode-org/dejacode","owner":"aboutcode-org","description":"Automate open source license compliance and ensure software supply chain integrity","archived":false,"fork":false,"pushed_at":"2026-03-05T03:50:24.000Z","size":505593,"stargazers_count":40,"open_issues_count":87,"forks_count":21,"subscribers_count":6,"default_branch":"main","last_synced_at":"2026-03-05T04:26:15.702Z","etag":null,"topics":["cyclonedx","foss-compliance","license","open-source","package-url","purl","sca","scancode","spdx","vulnerabilities"],"latest_commit_sha":null,"homepage":"https://dejacode.readthedocs.io/en/stable/index.html","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/aboutcode-org.png","metadata":{"files":{"readme":"README.rst","changelog":"CHANGELOG.rst","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":"NOTICE","maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":"aboutcode-org","open_collective":"aboutcode","custom":"https://causes.benevity.org/causes/056-5528680976845_a486"}},"created_at":"2023-12-07T16:57:42.000Z","updated_at":"2026-03-05T03:50:26.000Z","dependencies_parsed_at":"2025-10-29T05:49:16.123Z","dependency_job_id":"53514fe9-7d93-4cb4-b7a4-d794ccc12838","html_url":"https://github.com/aboutcode-org/dejacode","commit_stats":null,"previous_names":["nexb/dejacode","aboutcode-org/dejacode"],"tags_count":9,"template":false,"template_full_name":null,"purl":"pkg:github/aboutcode-org/dejacode","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aboutcode-org%2Fdejacode","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aboutcode-org%2Fdejacode/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aboutcode-org%2Fdejacode/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aboutcode-org%2Fdejacode/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/aboutcode-org","download_url":"https://codeload.github.com/aboutcode-org/dejacode/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/aboutcode-org%2Fdejacode/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30410367,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-12T00:40:14.898Z","status":"ssl_error","status_checked_at":"2026-03-12T00:40:08.439Z","response_time":84,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cyclonedx","foss-compliance","license","open-source","package-url","purl","sca","scancode","spdx","vulnerabilities"],"created_at":"2024-11-14T19:41:54.045Z","updated_at":"2026-03-12T01:08:47.591Z","avatar_url":"https://github.com/aboutcode-org.png","language":"Python","readme":"DejaCode\n========\n\nDejaCode is a complete enterprise-level application to automate open source license\ncompliance and ensure software supply chain integrity, powered by\n`ScanCode \u003chttps://github.com/nexB/scancode-toolkit\u003e`_,\nthe industry-leading code scanner.\n\n- Run scans and track all the open source and third-party products and components used\n  in your software.\n- Apply usage policies at the license or component level, and integrate into\n  ScanCode to ensure compliance.\n- Capture software inventories (SBOMs), generate compliance artifacts, and keep\n  historical data.\n- Ensure FOSS compliance with enterprise-grade features and integrations for DevOps and\n  software systems.\n- Scan a software package, simply by providing its Download URL, to get comprehensive\n  details of its composition and create an SBOM.\n- Load software package data into DejaCode with the integration for the open source\n  ScanCode.io and ScanCode Toolkit projects to create a product’s SBOM.\n- Track and report vulnerability tracking and reporting by integrating with the open\n  source VulnerableCode project.\n- Create, publish and share SBOM documents in DejaCode, including detailed attribution\n  documentation and custom reports in multiple file formats and standards, such as\n  CycloneDX and SPDX.\n\nGetting started\n---------------\n\nThe DejaCode documentation is available here: https://dejacode.readthedocs.io/\n\nIf you have questions please ask them in\n`Discussions \u003chttps://github.com/aboutcode-org/dejacode/discussions\u003e`_.\n\nIf you want to contribute to DejaCode, start with our\n`Contributing \u003chttps://dejacode.readthedocs.io/en/latest/contributing.html\u003e`_ page.\n\nBuild and tests status\n----------------------\n\n+------------+-------------------+\n| **Tests**  | **Documentation** |\n+============+===================+\n| |ci-tests| |    |docs-rtd|     |\n+------------+-------------------+\n\nDejaCode License Notice\n-----------------------\n\nDejaCode is an enterprise-level application to automate open source license\ncompliance and ensure software supply chain integrity, powered by ScanCode,\nthe industry-leading code scanner.\n\nSPDX-License-Identifier: AGPL-3.0-only\n\nCopyright (c) nexB Inc., AboutCode and others\n\nThis program is free software: you can redistribute it and/or modify\nit under the terms of the GNU Affero General Public License as\npublished by the Free Software Foundation, version 3 of the License.\n\nThis program is distributed in the hope that it will be useful,\nbut WITHOUT ANY WARRANTY; without even the implied warranty of\nMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\nGNU Affero General Public License for more details.\n\nYou should have received a copy of the GNU Affero General Public License\nalong with this program.  If not, see \u003chttps://www.gnu.org/licenses/\u003e.\n\nCommercial Services option\n---------------------------\n\nnexB offers a commercial services option for DejaCode.\nYou can learn more about these options by contacting nexB at\nhttps://www.nexb.com/contact-us/\n\n\n.. |ci-tests| image:: https://github.com/aboutcode-org/dejacode/actions/workflows/ci.yml/badge.svg?branch=main\n    :target: https://github.com/aboutcode-org/dejacode/actions/workflows/ci.yml\n    :alt: CI Tests Status\n\n.. |docs-rtd| image:: https://readthedocs.org/projects/dejacode/badge/?version=latest\n    :target: https://dejacode.readthedocs.io/en/latest/?badge=latest\n    :alt: Documentation Build Status\n\nAcknowledgements, Funding, Support and Sponsoring\n--------------------------------------------------------\n\nThis project is funded, supported and sponsored by:\n\n- Generous support and contributions from users like you!\n- the European Commission NGI programme\n- the NLnet Foundation \n- the Swiss State Secretariat for Education, Research and Innovation (SERI)\n- Google, including the Google Summer of Code and the Google Seasons of Doc programmes\n- Mercedes-Benz Group\n- Microsoft and Microsoft Azure\n- AboutCode ASBL\n- nexB Inc. \n\n\n\n|europa|   |dgconnect| \n\n|ngi|   |nlnet|   \n\n|aboutcode|  |nexb|\n\n\nThis project was funded through the NGI0 Entrust Fund, a fund established by NLnet with financial\nsupport from the European Commission's Next Generation Internet programme, under the aegis of DG\nCommunications Networks, Content and Technology under grant agreement No 101069594. \n\n|ngizeroentrust| https://nlnet.nl/project/CRAVEX/\n\n\n\n.. |nlnet| image:: https://nlnet.nl/logo/banner.png\n    :target: https://nlnet.nl\n    :height: 50\n    :alt: NLnet foundation logo\n\n.. |ngi| image:: https://ngi.eu/wp-content/uploads/thegem-logos/logo_8269bc6efcf731d34b6385775d76511d_1x.png\n    :target: https://ngi.eu35\n    :height: 50\n    :alt: NGI logo\n\n.. |nexb| image:: https://nexb.com/wp-content/uploads/2022/04/nexB.svg\n    :target: https://nexb.com\n    :height: 30\n    :alt: nexB logo\n\n.. |europa| image:: https://ngi.eu/wp-content/uploads/sites/77/2017/10/bandiera_stelle.png\n    :target: http://ec.europa.eu/index_en.htm\n    :height: 40\n    :alt: Europa logo\n\n.. |aboutcode| image:: https://aboutcode.org/wp-content/uploads/2023/10/AboutCode.svg\n    :target: https://aboutcode.org/\n    :height: 30\n    :alt: AboutCode logo\n\n.. |swiss| image:: https://www.sbfi.admin.ch/sbfi/en/_jcr_content/logo/image.imagespooler.png/1493119032540/logo.png\n    :target: https://www.sbfi.admin.ch/sbfi/en/home/seri/seri.html\n    :height: 40\n    :alt: Swiss logo\n\n.. |dgconnect| image:: https://commission.europa.eu/themes/contrib/oe_theme/dist/ec/images/logo/positive/logo-ec--en.svg\n    :target: https://commission.europa.eu/about-european-commission/departments-and-executive-agencies/communications-networks-content-and-technology_en\n    :height: 40\n    :alt: EC DG Connect logo\n\n.. |ngizerocore| image:: https://nlnet.nl/image/logos/NGI0_tag.svg\n    :target: https://nlnet.nl/core\n    :height: 40\n    :alt: NGI Zero Core Logo\n\n.. |ngizerocommons| image:: https://nlnet.nl/image/logos/NGI0_tag.svg\n    :target: https://nlnet.nl/commonsfund/\n    :height: 40\n    :alt: NGI Zero Commons Logo\n\n.. |ngizeropet| image:: https://nlnet.nl/image/logos/NGI0PET_tag.svg\n    :target: https://nlnet.nl/PET\n    :height: 40\n    :alt: NGI Zero PET logo\n\n.. |ngizeroentrust| image:: https://nlnet.nl/image/logos/NGI0Entrust_tag.svg\n    :target: https://nlnet.nl/entrust\n    :height: 38\n    :alt: NGI Zero Entrust logo\n\n.. |ngiassure| image:: https://nlnet.nl/image/logos/NGIAssure_tag.svg\n    :target: https://nlnet.nl/image/logos/NGIAssure_tag.svg\n    :height: 32\n    :alt: NGI Assure logo\n\n.. |ngidiscovery| image:: https://nlnet.nl/image/logos/NGI0Discovery_tag.svg\n    :target: https://nlnet.nl/discovery/\n    :height: 40\n    :alt: NGI Discovery logo\n\n\n\n\n\n\n\n","funding_links":["https://github.com/sponsors/aboutcode-org","https://opencollective.com/aboutcode","https://causes.benevity.org/causes/056-5528680976845_a486"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faboutcode-org%2Fdejacode","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Faboutcode-org%2Fdejacode","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Faboutcode-org%2Fdejacode/lists"}