ScanCode.io documentation
Welcome to the very start of your ScanCode.io journey! In this documentation you’ll find information on:
An overview of ScanCode.io and ScanPipe
Installation instructions
Tutorials to get you started
Reference documentation about the ScanPipe concepts, Pipelines, Pipes and more
How to make technical contributions to the project and the community
- ScanCode.io Overview
- Installation
- User Interface
- FAQs
- How can I run a scan?
- Which pipeline should I use?
- What is the difference between scan_codebase and scan_single_package pipelines?
- Can I run multiple pipelines in parallel?
- Can I pause/resume a running pipeline?
- What tool does ScanCode.io use to analyze docker images?
- Am I able to run ScanCode.io on Windows?
- Is it possible to compare scan results?
- How can I trigger a pipeline scan from a CI/CD, such as Jenkins, TeamCity or Azure Devops?
- How to tag input files?
- How to fetch files from private sources and protected by credentials?
- Contributing to ScanCode.io
- Changelog
- v34.4.0 (unreleased)
- v34.3.0 (2024-04-10)
- v34.2.0 (2024-03-28)
- v34.1.0 (2024-03-27)
- v34.0.0 (2024-03-04)
- v33.1.0 (2024-02-02)
- v33.0.0 (2024-01-16)
- v32.7.0 (2023-10-25)
- v32.6.0 (2023-08-29)
- v32.5.2 (2023-08-14)
- v32.5.1 (2023-08-07)
- v32.5.0 (2023-08-02)
- v32.4.0 (2023-07-13)
- v32.3.0 (2023-06-12)
- v32.2.0 (2023-04-25)
- v32.1.0 (2023-03-23)
- v32.0.1 (2023-02-20)
- v32.0.0 (2022-11-29)
- v31.0.0 (2022-08-25)
- v30.2.0 (2021-12-17)
- v30.1.1 (2021-11-23)
- v30.1.0 (2021-11-22)
- v30.0.1 (2021-10-11)
- v30.0.0 (2021-10-8)
- v21.9.6
- v21.8.2
- v21.6.10
- v21.5.12
- v21.4.28
- v21.4.14
- v21.4.5
- v1.1.0 (2021-02-16)
- v1.0.7 (2021-02-01)
- v1.0.6 (2020-12-23)
- v1.0.5 (2020-12-07)
- v1.0.4 (2020-11-17)
- v1.0.3 (2020-09-24)
- v1.0.2 (2020-09-18)
- v1.0.1 (2020-09-12)
- v1.0.0 (2020-09-09)
- ScanPipe Concepts
- Built-in Pipelines
- Pipeline Base Class
- Analyse Docker Image
- Analyze Root Filesystem or VM Image
- Analyse Docker Windows Image
- Collect Source Strings (addon)
- Collect Codebase Symbols (addon)
- Find Vulnerabilities (addon)
- Inspect ELF Binaries (addon)
- Inspect Packages
- Load Inventory
- Load SBOM
- Resolve Dependencies
- Map Deploy To Develop
- Match to MatchCode (addon)
- Populate PurlDB (addon)
- Scan Codebase
- Scan Single Package
- Custom Pipelines
- Pipes
- Project configuration
- Data Models
- Output Files
- Command Line Interface
- $ scanpipe –help
- $ scanpipe <subcommand> –help
- $ scanpipe create-project <name>
- $ scanpipe list-project [–search SEARCH] [–include-archived]
- $ scanpipe add-input –project PROJECT [–input-file FILES] [–input-url URLS]
- $ scanpipe add-pipeline –project PROJECT PIPELINE_NAME [PIPELINE_NAME …]
- $ scanpipe execute –project PROJECT
- $ scanpipe show-pipeline –project PROJECT
- $ scanpipe status –project PROJECT
- $ scanpipe output –project PROJECT –format {json,csv,xlsx,spdx,cyclonedx,attribution}
- $ scanpipe archive-project –project PROJECT
- $ scanpipe reset-project –project PROJECT
- $ scanpipe delete-project –project PROJECT
- $ scanpipe create-user <username>
- REST API
- Automation
- Application Settings
- Recognized Distros, OS, and Images