Analyze Codebase (Command Line)
The focus of this tutorial is to guide you through scanning a codebase package using ScanCode.io.
Note
This tutorial assumes you have a current version of ScanCode.io installed locally on your machine. If you do not have it installed, see our Installation guide for instructions.
Requirements
Before you follow the instructions in this tutorial, you need to:
Install ScanCode.io locally
Download the following package archive and save it to your home directory: asgiref-3.3.0-py3-none-any.whl
Have Shell access on the machine where ScanCode.io is installed
Instructions
Open a shell in the ScanCode.io installation directory and activate the virtual environment - virtualenv:
$ source bin/activate
>> (scancodeio) $
Create a new project named
asgiref
:
$ scanpipe create-project asgiref
>> Project asgiref created with work directory projects/asgiref-072c89db
Add the package archive to the project workspace’s input/ directory:
$ scanpipe add-input --project asgiref --input-file ~/asgiref-3.3.0-py3-none-any.whl
>> File(s) copied to the project inputs directory:
- asgiref-3.3.0-py3-none-any.whl
Add the
scan_codebase
pipeline to your project:
$ scanpipe add-pipeline --project asgiref scan_codebase
>> Pipeline(s) added to the project
Note
The content of the input/ directory will be copied in the
codebase/ directory where extractcode
will be executed before
running scancode
.
Alternatively, the codebase content can be manually copied to the
codebase/ directory in which case the --input
option can be
omitted.
Run the
scan_codebase
pipeline on your project. The pipeline execution progress is shown within the following command’s output:
$ scanpipe execute --project asgiref
>> Pipeline scan_codebase run in progress..
2021-07-12 17:45:53.85 Pipeline [scan_codebase] starting
2021-07-12 17:45:53.85 Step [copy_inputs_to_codebase_directory] starting
2021-07-12 17:45:53.86 Step [copy_inputs_to_codebase_directory] completed in 0.00 seconds
2021-07-12 17:45:53.86 Step [extract_archives] starting
[...]
2021-07-12 17:46:01.61 Pipeline completed
Finally, you can view your scan results in JSON or CSV file formats inside the project’s output/ directory.
Tip
The inputs
and pipelines
can be provided at the same time when
calling the create-project
command. For instance, the following command
will create a new project named asgiref
, add the package archive as the
project input, add the scan_codebase
pipeline to the project, and
execute it:
$ scanpipe create-project asgiref \
--input-file ~/asgiref-3.3.0-py3-none-any.whl \
--pipeline scan_codebase \
--execute