DejaCode
DejaCode is a cloud application server that automates open source license compliance and ensures software supply chain integrity. It is a comprehensive enterprise-level application, powered by ScanCode, the industry-leading code scanner.
Run scans and track all the open source and third-party products and components used in your software.
Apply usage policies at the license or component level, and integrate with ScanCode to ensure compliance.
Capture software inventories (SBOMs), generate compliance artifacts, and keep historical data.
Ensure FOSS compliance with enterprise-grade features and integrations for DevOps and software systems.
Scan a software package, simply by providing its Download URL, to get comprehensive details of its composition and create an SBOM.
Load software package data into DejaCode with the integration for the open source ScanCode.io and ScanCode Toolkit projects to create a product’s SBOM.
Track and report vulnerabilities by integrating with the open source VulnerableCode project.
Create, publish and share SBOM documents in DejaCode, including detailed attribution documentation and custom reports in multiple file formats and standards, such as CycloneDX and SPDX.
Read more at: https://dejacode.readthedocs.io
Get the code at: https://github.com/aboutcode-org/dejacode