Skip to content

Releases: scanoss/scanoss.py

Proxy and Results Conversion Support

02 Dec 19:02
@eeisegn eeisegn
v1.3.0
404f7e7
Compare
Choose a tag to compare
Proxy and Results Conversion Support

This release contains multiple features:

  • Added support for proxy (--proxy) and certificates (--ca-certs) while scanning
    • Certificates can also be supplied using environment variables: REQUESTS_CA_BUNDLE & GRPC_DEFAULT_SSL_ROOTS_FILE_PATH
    • Proxies can be supplied using: grpc_proxy, https_proxy, http_proxy, HTTPS_PROXY, HTTP_PROXY
  • Added snippet match fields to CSV output
  • Added convert command to convert raw JSON reports into CSV, CycloneDX and SPDXLite
  • Added utils certloc sub-command to print the location of Python's CA Cert file
    • This is useful to know where to append custom certificates to if needed
Loading

File statistics and multi-platform container images

18 Nov 16:17
@eeisegn eeisegn
v1.2.2
20ccf9d
Compare
Choose a tag to compare
File statistics and multi-platform container images

This release contains a new sub command; scanoss-py file_count . which will produce file extension statistics for evaluating how much source code is in a folder.
It also contains multiple container platform (amd64 and arm64) images.

Loading

CycloneDX Vulnerability Details and Scan Obfuscation

09 Nov 12:23
@eeisegn eeisegn
v1.2.0
f94e07a
Compare
Choose a tag to compare
CycloneDX Vulnerability Details and Scan Obfuscation

This release contains vulnerability details in the CycloneDX output and adds support for filename obfuscation (--obfuscate) while scanning source files.

Loading

Fixed issue with dependency lock file parsing

19 Oct 10:22
@eeisegn eeisegn
v1.1.1
b97f2cc
Compare
Choose a tag to compare
Fixed issue with dependency lock file parsing

Fixed an issue where some .lock files were overwriting dependency entries.

Loading

SPDXLite and CycloneDX Improvements

13 Oct 18:29
@eeisegn eeisegn
v1.1.0
95e4397
Compare
Choose a tag to compare
SPDXLite and CycloneDX Improvements

Updated the SPDX Lite license references for non-SPDX compliant instances. Updated CycloneDX to support version 1.4.

Loading

Scancode 2.0 output support

06 Oct 14:59
@eeisegn eeisegn
v1.0.6
6ced7de
Compare
Choose a tag to compare
Scancode 2.0 output support

This version adds support for parsing Scancode 2.0 output format.

Loading

CSV Output and SPDX Updates

22 Jul 19:55
@scanoss-cs scanoss-cs
v1.0.0
22fb863
Compare
Choose a tag to compare
CSV Output and SPDX Updates

This release contains updates to the SPDX Lite output to make it compliant with the 2.2 standard, including documentDescribes.
It also has added support for CSV report output (--format csv).

Loading

Dependency Analysis Support

10 Jun 10:59
@scanoss-cs scanoss-cs
v0.9.0
1aaaea6
Compare
Choose a tag to compare
Dependency Analysis Support

This version of the CLI now supports package dependency decoration as part of the scanning process (--dependencies).
Please note, it depends on scancode to search for the dependency data.
There is also a docker image which contains both tools (for convenience). It can be found here.

Loading

SPDX Lite Output Updates

15 Dec 17:05
@scanoss-cs scanoss-cs
v0.7.4
aa3d3a9
Compare
Choose a tag to compare
SPDX Lite Output Updates 
v0.7.4

Extended SPDX Lite data production
Loading

SPDX Lite Output

11 Dec 13:18
@scanoss-cs scanoss-cs
v0.7.3
1a72651
Compare
Choose a tag to compare
SPDX Lite Output

Added support for SPDX Lite as an output format

Loading