Use AboutCode to Start Scanning Code
You can use ScanCode.io to identify all the licenses associated with a package, codebase, or container. ScanCode.io will also identify software vulnerabilities. With its library of standard and custom pipelines, ScanCode.io performs deep and comprehensive scanning to meet your analysis requirements.
1. Install ScanCode.io
Install ScanCode.io
https://scancodeio.readthedocs.io/en/latest/installation.html
Configure ScanCode.io to identify software vulnerabilities.
2. Scan Software Using ScanCode.io
Create a new Project in ScanCode.io to scan a Docker image.
https://scancodeio.readthedocs.io/en/latest/tutorial_web_ui_analyze_docker_image.html
You now know how to use the analyze_docker_image pipeline!
3. Review Scan Results Using ScanCode.io
https://scancodeio.readthedocs.io/en/latest/tutorial_web_ui_review_scan_results.html
4. Analyze a Codebase from the Command Line
Thinking about integrating ScanCode.io into your build system? You can scan a codebase from the command line.
https://scancodeio.readthedocs.io/en/latest/tutorial_cli_analyze_codebase.html
You now know how to use the scan_codebase pipeline, and you are ready to explore the many other features of ScanCode.io!