Projects in Awesome Lists by aboutcode-org
A curated list of projects in awesome lists by aboutcode-org .
https://github.com/aboutcode-org/scancode-toolkit
:mag: ScanCode detects licenses, copyrights, dependencies by "scanning code" ... to discover and inventory open source and third-party packages used in your code. Sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase, the Google Summer of Code, Azure credits, nexB and others generous sponsors!
copyright copyright-scan cyclonedx dependencies dependency-graph license license-checking license-scan licensing open-source-licensing oss-compliance package-url packages provenance purl sbom sca software-composition-analysis spdx spdx-licenses
Last synced: 11 May 2025
https://github.com/aboutcode-org/vulnerablecode
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
cpe cve cvss nvd ossindex osv package-url purl security security-tools snyk vulndb vulnerability vulnerability-database vulnerability-databases vulnerability-detection vulnerability-identification vulnerability-scanners
Last synced: 14 May 2025
https://github.com/aboutcode-org/aboutcode
AboutCode project: tools and data to uncover things about code: the provenance, origin, license, and more (packages, security, quality, etc.) of FOSS code
Last synced: 04 Mar 2025
https://github.com/aboutcode-org/scancode-workbench
:bar_chart: ScanCode Workbench is a desktop app to review and conclude license and origin from code scans generated by ScanCode Toolkit.
oss-compliance scancode scancode-workbench software-licensing
Last synced: 13 Oct 2025
https://github.com/aboutcode-org/scancode.io
ScanCode.io is a server to script and automate software composition analysis pipelines with ScanPipe pipelines. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
cyclonedx docker foss-compliance license open-source package-url purl sca scancode software-composition-analysis spdx virtual-machine vulnerabilities
Last synced: 15 May 2025
https://github.com/aboutcode-org/aboutcode-toolkit
:white_check_mark: AboutCode Toolkit provides a simple way to document provenance metadata (origin and license) about third-party code that you use in your project: it includes utilities to generate inventory/BOM or Attribution documentation.
Last synced: 04 Apr 2025
https://github.com/aboutcode-org/license-expression
Utility library to parse, normalize and compare License expressions for Python using a boolean logic engine. For expressions using SPDX or any other license id scheme.
boolean-expression license-expression licensing python spdx spdx-license
Last synced: 11 Dec 2025
https://github.com/aboutcode-org/scancode-licensedb
A free and open database of all the licenses, in particular all the open source software licenses
foss license scancode-licensedb scancode-toolkit
Last synced: 03 Dec 2025
https://github.com/aboutcode-org/extractcode
A mostly universal file extraction library and CLI tool to extract almost any archive in a reasonably safe way on Linux, macOS and Windows.
7zip archive bzip2 cab cpio decompression extract extractor gzip iso9660 libarchive lzma tar xz zip zstd
Last synced: 27 Oct 2025
https://github.com/aboutcode-org/container-inspector
container-inspector is a suite of analysis utilities and command line tools for Docker container images, their layers and how these relate to each other. It can also handle OCI images and Dockerfiles.
container container-analysis container-image docker docker-image oci-image
Last synced: 07 May 2025
https://github.com/aboutcode-org/univers
Parse and compare all the package versions and all the ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and others generous sponsors!
dependencies dependency-resolver osv package-manager package-url purl version versioning vulnerabilities vulnerablecode
Last synced: 04 Apr 2025
https://github.com/aboutcode-org/python-publicsuffix2
A small Python library to deal with publicsuffix data (includes a bundled PSL as "package data") in a wheel friendly format. Fork and continuation of Tomaž Šolc's "publicsuffix"
publicsuffix python tld top-level-domain
Last synced: 12 Dec 2025
https://github.com/aboutcode-org/dejacode
Automate open source license compliance and ensure software supply chain integrity
cyclonedx foss-compliance license open-source package-url purl sca scancode spdx vulnerabilities
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/purldb
Tools to create and expose a database of purls (Package URLs). This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ and nexB for https://www.aboutcode.org/ Chat is at https://gitter.im/aboutcode-org/discuss
Last synced: 04 Mar 2025
https://github.com/aboutcode-org/tracecode-toolkit-strace
Trace software components, packages and files between Development/Source and Deployment/Distribution/Binaries codebases - strace build analysis
build build-analysis build-tracing strace tracing
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/python-inspector
Inspect Python code and PyPI package manifests. Resolve Python dependencies.
dependency-resolver pip python
Last synced: 05 Apr 2025
https://github.com/aboutcode-org/deltacode
DeltaCode: compare two codebase scans (from ScanCode) to detect significant changes.
deltacode oss-compliance scancode software-licensing
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/pip-requirements-parser
a mostly correct pip requirements parsing library
Last synced: 12 Dec 2025
https://github.com/aboutcode-org/debian-inspector
A python library to parse Debian deb822-style control and copyright files and all related Debian, Ubuntu and Debian-derivative manifest and metadata files, an alternative approach to python-debian.
apt apt-get deb822 debian debian-control debian-copyright debian-packages debian-packaging debian-repositories debian-source-contro dep5 dpkg dpkg-deb python-debian ubuntu
Last synced: 10 Apr 2025
https://github.com/aboutcode-org/cwe2
Common weakness enumeration library for Python (maintained fork of https://github.com/Julian-Nash/cwe )
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/fetchcode
A library to reliably fetch code via HTTP, FTP and version control systems. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ Google Summer of Code, nexB and others generous sponsors!
Last synced: 04 Mar 2025
https://github.com/aboutcode-org/saneyaml
Cleaner, simpler, safer and saner YAML parsing/serialization in Python, for YAML meant to be readable first, on top of PyYAML
Last synced: 27 Jul 2025
https://github.com/aboutcode-org/ai-gen-code-search
A set of utilities and tools to detect and search AI-generated code
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/matchcode-toolkit
A collection of plugins that makes matchcode-related functions available for scancode-toolkit and scancode.io.
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/tracecode-toolkit
Trace software components, packages and files between Development/Source and Deployment/Distribution/Binaries codebases - Static analysis
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/scancode-analyzer
scancode-results-analyzer
Last synced: 13 Dec 2025
https://github.com/aboutcode-org/pygmars
Craft simple regex-based small language lexers and parsers. Build parsers from grammars and accept Pygments lexers as an input. Derived from NLTK.
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/scancode-thirdparty-src
Source code for ScanCode prebuilt dependencies
Last synced: 23 Jun 2025
https://github.com/aboutcode-org/nuget-inspector
Inspect and resolve .NET and NuGet package dependencies like dotnet and nuget do. Fetch manifests data. Runs on Linux, Windows and macOS as a standalone application.
dependencies dependency-resolver dotnet nuget package-manager
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/purldb-data
A dataset of purl for offline lookup and verification usage. This project is sponsored by NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ and nexB for https://www.aboutcode.org/ Chat is at https://gitter.im/aboutcode-org/discuss
dependencies package package-management purl purldb
Last synced: 02 Dec 2025
https://github.com/aboutcode-org/django-altcha
Django field and widget for Altcha CAPTCHA.
altcha captcha django open-source
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/commoncode
A library of common functions shared in many other AboutCode projects
Last synced: 30 Jul 2025
https://github.com/aboutcode-org/federatedcode
Decentralized and federated metadata for software applications
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/flot
Make it easier to create Python packages. Build multiple Python packages from one repo easily.
Last synced: 14 Dec 2025
https://github.com/aboutcode-org/pkginfo2
Git mirror of http://bazaar.launchpad.net/~tseaver/pkginfo ... with modifications
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/workshop
FOSS license and security compliance tools workshop before FOSDEM
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/scancode-plugins
A set of plugins either delivered as builtin scancode-toolkit or extra plugins
Last synced: 04 Mar 2025
https://github.com/aboutcode-org/turbo-spdx
Fast and lightweight Python library for parsing and writing SPDX JSON documents correctly.
fast json lightweight python sbom-generator sbom-reader spdx spdx-23
Last synced: 23 Jun 2025
https://github.com/aboutcode-org/vulnerablecode-data
A demonstration, and testbed data storage for FederatedCode data
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/pymaven
pymaven is a library for working with maven repositories via python. pymaven is not intended as a complete replacement of the maven build system, but instead as a way for python programs to fetch artifacts and artifact dependencies from maven2 repositories.
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/github-import-issues-csv
A simple tool designed to import new issues from a CSV file into GitHub repositories and optionally, to add these issues to Projects. Also copies items between projects.
csv-import github-issues github-projects
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/dependency-inspector
A general purpose, mostly universal software package dependency resolver.
Last synced: 11 Apr 2025
https://github.com/aboutcode-org/scancode-toolkit-contrib
Candidate additions and contribution for the ScanCode toolkit
Last synced: 21 Jul 2025
https://github.com/aboutcode-org/heritedcode
A software heritage API client
Last synced: 23 Jun 2025
https://github.com/aboutcode-org/popular-package-purls
List of popular open source packages keyed by Package-URL (PURL).
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/purl-benchmarks
AboutCode PURL Accuracy Benchmarks
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/vulnerablecode-ai-experiments
Experiments with AI to analyze vulnerabilities
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/rust-inspector
An inspector for Rust language-based source, binaries, packages, dependencies and metadata
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/spdx-licenses
A mirror of http://spdx.org licenses
Last synced: 23 Jun 2025
https://github.com/aboutcode-org/binary-inspector
A library and tools to inspect binaries (elf, winpe, mach0) for dependencies, symbols and other info, and models to store this.
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/source-inspector
Tools to inspect source code and code symbols
Last synced: 24 Jun 2025
https://github.com/aboutcode-org/purl-validator.rs
Offline Package URL validator using a prebuilt FST of known packages.
airgapped fst packageurl purl sbom-tool
Last synced: 05 Jan 2026
https://github.com/aboutcode-org/aboutcode-mirror-kev
AboutCode Mirror for CISA Known Exploited Vulnerabilities
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/elf-inspector
A library to inspect ELF binary files
Last synced: 04 Mar 2025
https://github.com/aboutcode-org/purl-validator
Let's create a PURL validator that's decentralized such that libraries can use it offline and help them create better PURLs.
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/scancode.io-tutorial
Tutorial code and test files for ScanCode.io and ScanPipe
Last synced: 23 Jun 2025
https://github.com/aboutcode-org/back2source-data
Checking if package sources and binaries match
Last synced: 04 Mar 2025
https://github.com/aboutcode-org/gsoc-proposals
An archive of GSoC proposals recieved by aboutcode.
Last synced: 23 Jun 2025
https://github.com/aboutcode-org/www.aboutcode.org
Staging, issue content tidbits for AboutCode.org
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/aboutcode-mirror-nuget-catalog
Append-only mirror of NuGet Catalog, updated hourly
Last synced: 10 Oct 2025
https://github.com/aboutcode-org/android-inspector
android-inspector is a library of utilities to introspect source and binary Android apps and Android device firmware. It can be used as a plugin to ScanCode.
android android-application decompiler dex extractor sbom
Last synced: 25 Mar 2025
https://github.com/aboutcode-org/thirdparty-packages
A collection of various pre-built thirdparty packages with their corresponding source code
Last synced: 04 Mar 2025
https://github.com/aboutcode-org/aboutcode-example-code
Example code used for AboutCode training
Last synced: 23 Jun 2025
https://github.com/aboutcode-org/scorecode
A library to fetch and store various software package score, like OpenSSF Scorecard data.
Last synced: 08 May 2025
https://github.com/aboutcode-org/project-sync-for-github
Display your GitHub projects in Wordpress - Maintained fork of https://plugins.trac.wordpress.org/browser/project-sync-for-github
Last synced: 01 Sep 2025
https://github.com/aboutcode-org/go-inspector
An inspector for Go language-based source, binaries, packages, dependencies and metadata
Last synced: 20 Jun 2025