aboutcode-org
diff --git a/‎.github/workflows/ci.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/ci.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/generate-sboms.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/generate-sboms.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/pypi-release-aboutcode-pipeline.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/pypi-release-aboutcode-pipeline.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/pypi-release.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/pypi-release.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.gitignore
Lines changed: 1 addition & 0 deletions b/‎.gitignore
Lines changed: 1 addition & 0 deletions
diff --git a/‎CHANGELOG.rst
Lines changed: 43 additions & 2 deletions b/‎CHANGELOG.rst
Lines changed: 43 additions & 2 deletions
diff --git a/‎Dockerfile
Lines changed: 1 addition & 1 deletion b/‎Dockerfile
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/automation.rst
Lines changed: 2 additions & 2 deletions b/‎docs/automation.rst
Lines changed: 2 additions & 2 deletions
diff --git a/‎docs/command-line-interface.rst
Lines changed: 12 additions & 0 deletions b/‎docs/command-line-interface.rst
Lines changed: 12 additions & 0 deletions
diff --git a/‎docs/faq.rst
Lines changed: 1 addition & 1 deletion b/‎docs/faq.rst
Lines changed: 1 addition & 1 deletion
@@ -31,7 +31,7 @@ jobs:
     strategy:
       max-parallel: 4
       matrix:
-        python-version: ["3.10", "3.11", "3.12"]
+        python-version: ["3.10", "3.11", "3.12", "3.13"]
 
     steps:
       - name: Checkout code
 
@@ -32,7 +32,7 @@ jobs:
           find scancodeio/ -type f -name "*.ABOUT" -exec cp {} "${{ env.INPUTS_PATH }}/about-files/" \;
 
       - name: Resolve the dependencies using ScanCode-action
-        uses: nexB/scancode-action@main
+        uses: aboutcode-org/scancode-action@main
         with:
           pipelines: "resolve_dependencies:DynamicResolver"
           inputs-path: ${{ env.INPUTS_PATH }}
 
@@ -17,7 +17,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
-          python-version: 3.12
+          python-version: 3.13
 
       - name: Install flot
         run: python -m pip install flot --user
 
@@ -17,7 +17,7 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v5
         with:
-          python-version: 3.12
+          python-version: 3.13
 
       - name: Install pypa/build
         run: python -m pip install build --user
 
@@ -51,6 +51,7 @@ local
 *.rdb
 *.aof
 .vscode
+.ipynb_checkpoints
 
 # This is only created when packaging for external redistribution
 /thirdparty/
@@ -1,14 +1,55 @@
 Changelog
 =========
 
-v34.12.0 (unreleased)
----------------------
+v35.1.0 (unreleased)
+--------------------
+
+- Add a ``--fail-on-vulnerabilities`` option in ``check-compliance`` management command.
+  When this option is enabled, the command will exit with a non-zero status if known
+  vulnerabilities are detected in discovered packages and dependencies.
+  Requires the ``find_vulnerabilities`` pipeline to be executed beforehand.
+  https://github.com/aboutcode-org/scancode.io/pull/1702
+
+v35.0.0 (2025-06-23)
+--------------------
+
+- Add support for Python 3.13.
+  Upgrade the base image in Dockerfile to ``python:3.13-slim``.
+  https://github.com/aboutcode-org/scancode.io/pull/1469/files
+
+- Display matched snippets details in "Resource viewer", including the package,
+  resource, and similarity values.
+  https://github.com/aboutcode-org/scancode.io/issues/1688
+
+- Add filtering by label and pipeline in the ``flush-projects`` management command.
+  Also, a new ``--dry-run`` option is available to test the filters before applying
+  the deletion.
+  https://github.com/aboutcode-org/scancode.io/pull/1690
+
+- Add support for using Package URL (purl) as project input.
+  This implementation is based on ``purl2url.get_download_url``.
+  https://github.com/aboutcode-org/scancode.io/issues/1383
 
 - Raise a ``MatchCodeIOException`` when the response from the MatchCode.io service is
   not valid in ``send_project_json_to_matchcode``.
   This generally means an issue on the MatchCode.io server side.
   https://github.com/aboutcode-org/scancode.io/issues/1665
 
+- Upgrade Bulma CSS and Ace JS libraries to latest versions.
+  Refine the CSS for the Resource viewer.
+  https://github.com/aboutcode-org/scancode.io/pull/1692
+
+- Add "(No value detected)" for Copyright and Holder charts.
+  https://github.com/aboutcode-org/scancode.io/issues/1697
+
+- Add "Package Compliance Alert" chart in the Policies section.
+  https://github.com/aboutcode-org/scancode.io/pull/1699
+
+- Update univers to v31.0.0, catch ``NotImplementedError`` in
+  ``get_unique_unresolved_purls``, and properly log error in project.
+  https://github.com/aboutcode-org/scancode.io/pull/1700
+  https://github.com/aboutcode-org/scancode.io/pull/1701
+
 v34.11.0 (2025-05-02)
 ---------------------
 
 
@@ -20,7 +20,7 @@
 # ScanCode.io is a free software code scanning tool from nexB Inc. and others.
 # Visit https://github.com/aboutcode-org/scancode.io for support and download.
 
-FROM python:3.12-slim
+FROM python:3.13-slim
 
 LABEL org.opencontainers.image.source="https://github.com/aboutcode-org/scancode.io"
 LABEL org.opencontainers.image.description="ScanCode.io"
 
@@ -79,8 +79,8 @@ automation methods such as a cron job or a git hook::
 Seamlessly integrate ScanCode.io into your GitHub Workflows to enable automated scans
 as an integral part of your development process.
 
-Visit the `scancode-action repository <https://github.com/nexB/scancode-action>`_ to
-explore and learn more about the GitHub Action for ScanCode.io.
+Visit the `scancode-action repository <https://github.com/aboutcode-org/scancode-action>`_
+to explore and learn more about the GitHub Action for ScanCode.io.
 The repository provides detailed information, usage instructions,
 and configuration options to help you incorporate code scanning effortlessly into your
 workflows.
 
@@ -497,6 +497,10 @@ Optional arguments:
 - ``--fail-level {ERROR,WARNING,MISSING}`` Compliance alert level that will cause the
   command to exit with a non-zero status. Default is ERROR.
 
+- ``--fail-on-vulnerabilities`` Exit with a non-zero status if known vulnerabilities
+  are detected in discovered packages and dependencies.
+  Requires the ``find_vulnerabilities`` pipeline to be executed beforehand.
+
 `$ scanpipe archive-project --project PROJECT`
 ----------------------------------------------
 
@@ -549,6 +553,14 @@ Optional arguments:
 
     scanpipe flush-projects --retain-days 7
 
+- ``--dry-run`` Do not delete any projects; just print the ones that would be flushed.
+
+- ``--label LABELS`` Filter projects by the provided label.
+  Multiple labels can be provided by using this argument multiple times.
+
+- ``--pipeline PIPELINES`` Filter projects by the provided pipeline name.
+  Multiple pipeline name can be provided by using this argument multiple times.
+
 - ``--no-input`` Does not prompt the user for input of any kind.
 
 
 
@@ -202,7 +202,7 @@ How can I trigger a pipeline scan from a CI/CD, such as Jenkins, TeamCity or Azu
 You can refer to the :ref:`automation` to automate your projects management.
 
 Also, A new GitHub action is available at
-`scancode-action repository <https://github.com/nexB/scancode-action>`_
+`scancode-action repository <https://github.com/aboutcode-org/scancode-action>`_
 to run ScanCode.io pipelines from your GitHub Workflows.
 
 How can I get notified about my project progression?