DejaCode is a cloud application server that automates open source license compliance and ensures software supply chain integrity. It is a comprehensive enterprise-level application, powered by ScanCode, the industry-leading code scanner.
- Run scans and track all the open source and third-party products and components used in your software.
- Apply usage policies at the license or component level, and integrate with ScanCode to ensure compliance.
- Capture software inventories (SBOMs), generate compliance artifacts, and keep historical data.
- Ensure FOSS compliance with enterprise-grade features and integrations for DevOps and software systems.
- Scan a software package simply by providing its download URL to get comprehensive details of its composition and create an SBOM.
- Load software package data into DejaCode with the integration for the open source ScanCode.io and ScanCode Toolkit projects to create a product’s SBOM.
- Track and report vulnerabilities by integrating with the open source VulnerableCode project.
- Create, publish and share SBOM documents in DejaCode, including detailed attribution documentation and custom reports in multiple file formats and standards, such as CycloneDX and SPDX.
Read more at: https://dejacode.readthedocs.io
Get the code at: https://github.com/aboutcode-org/dejacode