Skip to content


@inveniosoftware @dejacode @nexB @spdx @package-url @clearlydefined


  1. 🔎 ScanCode detects licenses, copyrights, package manifests & dependencies and more by scanning code ... to discover and inventory open source and third-party packages used in your code.

    C 1k 284

  2. AboutCode Toolkit provides a simple way to document provenance metadata (origin and license) about third-party code that you use in your project: it includes utilities to generate inventory/BOM o…

    Python 58 22

  3. 📊 ScanCode Workbench is a desktop app to review and conclude license and origin from code scans generated by ScanCode Toolkit.

    HTML 82 42

  4. [WIP] A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities.

    Python 58 22

1,754 contributions in the last year

Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Mon Wed Fri

Contribution activity

September 2020

Created a pull request in numpy/numpy that received 2 comments

DOC: Use SPDX license expressions with correct license

After a check I found that tools/npy_tempita/license.txt license is an MIT license and not a "BSD Derived" as reported. I also propose to use SPDX …

+4 −4 2 comments

Created an issue in nexB/scancode-toolkit that received 6 comments

Seeing something unexpected? Take a look at the GitHub profile guide.

You can’t perform that action at this time.