Merge branch 'main' into store-all-downloaded-packages

Author: VarshaUN

.github/workflows/ci.yml

@@ -31,7 +31,7 @@ jobs:
     strategy:
       max-parallel: 4
       matrix:
-        python-version: ["3.10", "3.11", "3.12"]
+        python-version: ["3.10", "3.11", "3.12", "3.13"]
 
     steps:
       - name: Checkout code

.github/workflows/generate-sboms.yml

@@ -32,7 +32,7 @@ jobs:
           find scancodeio/ -type f -name "*.ABOUT" -exec cp {} "${{ env.INPUTS_PATH }}/about-files/" \;
 
       - name: Resolve the dependencies using ScanCode-action
-        uses: nexB/scancode-action@main
+        uses: aboutcode-org/scancode-action@main
         with:
           pipelines: "resolve_dependencies:DynamicResolver"
           inputs-path: ${{ env.INPUTS_PATH }}

.github/workflows/pypi-release-aboutcode-pipeline.yml

@@ -17,7 +17,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
-          python-version: 3.12
+          python-version: 3.13
 
       - name: Install flot
         run: python -m pip install flot --user

.github/workflows/pypi-release.yml

@@ -17,7 +17,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
-          python-version: 3.12
+          python-version: 3.13
 
       - name: Install pypa/build
         run: python -m pip install build --user

.gitignore

@@ -51,6 +51,7 @@ local
 *.rdb
 *.aof
 .vscode
+.ipynb_checkpoints
 
 # This is only created when packaging for external redistribution
 /thirdparty/

CHANGELOG.rst

@@ -1,8 +1,21 @@
 Changelog
 =========
 
-v34.12.0 (unreleased)
----------------------
+v35.0.0 (2025-06-23)
+--------------------
+
+- Add support for Python 3.13.
+  Upgrade the base image in Dockerfile to ``python:3.13-slim``.
+  https://github.com/aboutcode-org/scancode.io/pull/1469/files
+
+- Display matched snippets details in "Resource viewer", including the package,
+  resource, and similarity values.
+  https://github.com/aboutcode-org/scancode.io/issues/1688
+
+- Add filtering by label and pipeline in the ``flush-projects`` management command.
+  Also, a new ``--dry-run`` option is available to test the filters before applying
+  the deletion.
+  https://github.com/aboutcode-org/scancode.io/pull/1690
 
 - Add support for using Package URL (purl) as project input.
   This implementation is based on ``purl2url.get_download_url``.
@@ -13,6 +26,16 @@ v34.12.0 (unreleased)
   This generally means an issue on the MatchCode.io server side.
   https://github.com/aboutcode-org/scancode.io/issues/1665
 
+- Upgrade Bulma CSS and Ace JS libraries to latest versions.
+  Refine the CSS for the Resource viewer.
+  https://github.com/aboutcode-org/scancode.io/pull/1692
+
+- Add "(No value detected)" for Copyright and Holder charts.
+  https://github.com/aboutcode-org/scancode.io/issues/1697
+
+- Add "Package Compliance Alert" chart in the Policies section.
+  https://github.com/aboutcode-org/scancode.io/pull/1699
+
 v34.11.0 (2025-05-02)
 ---------------------
 

Dockerfile

@@ -20,7 +20,7 @@
 # ScanCode.io is a free software code scanning tool from nexB Inc. and others.
 # Visit https://github.com/aboutcode-org/scancode.io for support and download.
 
-FROM python:3.12-slim
+FROM python:3.13-slim
 
 LABEL org.opencontainers.image.source="https://github.com/aboutcode-org/scancode.io"
 LABEL org.opencontainers.image.description="ScanCode.io"

docs/automation.rst

@@ -79,8 +79,8 @@ automation methods such as a cron job or a git hook::
 Seamlessly integrate ScanCode.io into your GitHub Workflows to enable automated scans
 as an integral part of your development process.
 
-Visit the `scancode-action repository <https://github.com/nexB/scancode-action>`_ to
-explore and learn more about the GitHub Action for ScanCode.io.
+Visit the `scancode-action repository <https://github.com/aboutcode-org/scancode-action>`_
+to explore and learn more about the GitHub Action for ScanCode.io.
 The repository provides detailed information, usage instructions,
 and configuration options to help you incorporate code scanning effortlessly into your
 workflows.

docs/command-line-interface.rst

@@ -549,6 +549,14 @@ Optional arguments:
 
     scanpipe flush-projects --retain-days 7
 
+- ``--dry-run`` Do not delete any projects; just print the ones that would be flushed.
+
+- ``--label LABELS`` Filter projects by the provided label.
+  Multiple labels can be provided by using this argument multiple times.
+
+- ``--pipeline PIPELINES`` Filter projects by the provided pipeline name.
+  Multiple pipeline name can be provided by using this argument multiple times.
+
 - ``--no-input`` Does not prompt the user for input of any kind.
 
 

docs/faq.rst

@@ -202,7 +202,7 @@ How can I trigger a pipeline scan from a CI/CD, such as Jenkins, TeamCity or Azu
 You can refer to the :ref:`automation` to automate your projects management.
 
 Also, A new GitHub action is available at
-`scancode-action repository <https://github.com/nexB/scancode-action>`_
+`scancode-action repository <https://github.com/aboutcode-org/scancode-action>`_
 to run ScanCode.io pipelines from your GitHub Workflows.
 
 How can I get notified about my project progression?