All Available Options

This section contains an exhaustive list of all Scancode options, arranged in various sections. The sections are as follows:

  • Basic Scan Options

  • Core Scan Options

  • Output Formats

  • Controlling Output and Filters

  • Pre-Scan Options

  • Post-Scan Options

There’s also another section for extractcode options.

The order of the sections and all their options is the same as in the :ref:’cli_help_text’, available in the command line.

Note

Please note that different for different install methods, scan commands vary.

The basic command to perform a scan, in case of a download and configure installation (on Linux/MacOS) is:

path/to/scancode [OPTIONS] <OUTPUT FORMAT OPTION(s)> <SCAN INPUT>

The basic usage, if Scancode is installed from pip, or in Windows:

scancode [OPTIONS] <OUTPUT FORMAT OPTION(s)> <SCAN INPUT>

For more information on how the Scan Command varies for Various Installation Methods/Operating Systems, refer Command Invocation Variations.

All “Basic” Scan Options

Option lists are two-column lists of command-line options and descriptions, documenting a program’s options. For example:

-c, --copyright

Scan <input> for copyrights.

Sub-Options:

  • --consolidate

-l, --license

Scan <input> for licenses.

Sub-Options:

  • --consolidate

  • --license-score INT

  • --license-text

  • --license-url-template TEXT

  • --license-text-diagnostics

  • --is-license-text

-p, --package

Scan <input> for packages.

Sub-Options:

  • --consolidate

-e, --email

Scan <input> for emails.

Sub-Options:

  • --max-email INT

-u, --url

Scan <input> for urls.

Sub-Options:

  • --max-url INT

-i, --info

Include information such as:

  • Size,

  • Type,

  • Date,

  • Programming language,

  • sha1 and md5 hashes,

  • binary/text/archive/media/source/script flags

  • Additional options through more CLI options

Sub-Options:

  • --mark-source

Note

Unlike previous 2.x versions, -c, -l, and -p are not default. If any of combination of these options are used, ScanCode only performs that specific task, and not the others. scancode -e only scans for emails, and doesn’t scan for copyright/license/packages/general information.

Note

These options, i.e. -c, -l, -p, -e, -u, and -i can be used together. As in, instead of scancode -c -i -p, you can write scancode -cip and it will be the same.

--generated

Classify automatically generated code files with a flag.

--max-email INT

Report only up to INT emails found in a file. Use 0 for no limit. [Default: 50]

Sub-Option of - --email

--max-url INT

Report only up to INT urls found in a file. Use 0 for no limit. [Default: 50]

Sub-Option of - --url

--license-score INTEGER

Do not return license matches with scores lower than this score. A number between 0 and 100. [Default: 0] Here, a bigger number means a better match, i.e. Setting a higher license score translates to a higher threshold (with equal or less number of matches).

Sub-Option of - --license

--license-text

Include the matched text for the detected licenses in the output report.

Sub-Option of - --license

Sub-Options:

  • --license-text-diagnostics

  • --is-license-text

--license-url-template TEXT

Set the template URL used for the license reference URLs.

In a template URL, curly braces ({}) are replaced by the license key. [Default: https://enterprise.dejacode.com/urn/urn:dje:license:{}]

Sub-Option of - --license

--license-text-diagnostics

In the matched license text, include diagnostic highlights surrounding with square brackets [] words that are not matched.

Sub-Option of - --license and --license-text


All Extractcode Options

This is intended to be used as an input preparation step, before running the scan. Archives found in an extracted archive are extracted recursively by default. Extraction is done in-place in a directory named ‘-extract’ side-by-side with an archive.

To extract the packages in the samples directory

extractcode samples

This extracts the zlib.tar.gz package:

../_images/extractcode.png
--shallow

Do not extract recursively nested archives (e.g. Not archives in archives).

--verbose

Print verbose file-by-file progress messages.

--quiet

Do not print any summary or progress message.

-h, --help

Show the extractcode help message and exit.

--about

Show information about ScanCode and licensing and exit.

--version

Show the version and exit.


scancode-reindex-licenses Usage

Usage: scancode-reindex-licenses [OPTIONS]

Reindex scancode licenses and exit

Options

--all-languages

[EXPERIMENTAL] Rebuild the license index including texts all languages (and not only English) and exit.

--only-builtin

Rebuild the license index excluding any additional license directory or additional license plugins which were added previously, i.e. with only builtin scancode license and rules.

--additional-directory DIR

Include this directory with additional custom licenses and license rules in the license detection index.

-h, --help

Shows the options and explanations.


All “Core” Scan Options

-n, --processes INTEGER

Scan <input> using n parallel processes. [Default: 1]

-v, --verbose

Print verbose file-by-file progress messages.

-q, --quiet

Do not print summary or progress messages.

--timeout FLOAT

Stop scanning a file if scanning takes longer than a timeout in seconds. [Default: 120]

--from-json

Load codebase from an existing JSON scan

--max-in-memory INTEGER

Maximum number of files and directories scan details kept in memory during a scan. Additional files and directories scan details above this number are cached on-disk rather than in memory. Use 0 to use unlimited memory and disable on-disk caching. Use -1 to use only on-disk caching. [Default: 10000]

--max-depth INTEGER

Descend at most INTEGER levels of directories including and below the starting point. INTEGER must be positive or zero for no limit. [Default: 0]


All Scan Output Options

--json FILE

Write scan output as compact JSON to FILE.

--json-pp FILE

Write scan output as pretty-printed JSON to FILE. This is one of the recommended output formats and contains all the data scancode can show along with the YAML output format.

--json-lines FILE

Write scan output as JSON Lines to FILE.

--yaml FILE

Write scan output as YAML to FILE. This is one of the recommended output formats and contains all the data scancode can show along with the JSON output format.

--csv FILE

DEPRECATED: Write scan output as CSV to FILE. This option is deprecated and will be replaced by new CSV and tabular output formats in the next ScanCode release. Visit this issue for details: https://github.com/nexB/scancode-toolkit/issues/3043 and also provide inputs and feedback.

--html FILE

Write scan output as HTML to FILE.

--custom-output

Write scan output to FILE formatted with the custom Jinja template file.

Mandatory Sub-option:

  • --custom-template FILE

--custom-template FILE

Use this Jinja template FILE as a custom template.

Sub-Option of: --custom-output

--spdx-rdf FILE

Write scan output as SPDX RDF to FILE.

--spdx-tv FILE

Write scan output as SPDX Tag/Value to FILE.

--html-app FILE

Write scan output as a mini HTML application to FILE.

--cyclonedx FILE

Write scan output as a CycloneDx 1.3 BOM in pretty-printed JSON format to FILE

--cyclonedx-xml FILE

Write scan output as a CycloneDx 1.3 BOM in pretty-printed XML format to FILE

Warning

The html-app feature has been deprecated and you should use Scancode Workbench instead to visualize scan results. The official Repository link. Also refer How to Visualize Scan results.


All “Output Control” Scan Options

--strip-root

Strip the root directory segment of all paths.

--full-root

Report full, absolute paths.

Note

The options --strip-root and --full-root can’t be used together, i.e. Any one option may be used in a single scan.

Note

The default is to always include the last directory segment of the scanned path such that all paths have a common root directory.

--ignore-author <pattern>

Ignore a file (and all its findings) if an author contains a match to the <pattern> regular expression.

--ignore-copyright-holder <pattern>

Ignore a file (and all its findings) if a copyright holder contains a match to the <pattern> regular expression.

Note

Note that this both the options --ignore-author and --ignore-copyright-holder will ignore a file even if it has other scanned data such as a license or errors.

--only-findings

Only return files or directories with findings for the requested scans. Files and directories without findings are omitted (file information is not treated as findings).


All “Pre-Scan” Options

--ignore <pattern>

Ignore files matching <pattern>.

--include <pattern>

Include files matching <pattern>.

--classify

Classify files with flags telling if the file is a legal, or readme or test file, etc.

Sub-Options:

  • --license-clarity-score

  • --summary-key-files

--facet <facet_pattern>

Here <facet_pattern> represents <facet>=<pattern>. Add the <facet> to files with a path matching <pattern>.

Sub-Options:

  • --summary-by-facet


All “Post-Scan” Options

--mark-source

Set the “is_source” flag to true for directories that contain over 90% of source files as direct children and descendants. Count the number of source files in a directory as a new “source_file_counts” attribute

Sub-Option of - --url

--consolidate

Group resources by Packages or license and copyright holder and return those groupings as a list of consolidated packages and a list of consolidated components. The –consolidate option will be deprecated in a future version of scancode-toolkit as top level packages now provide a improved consolidated data.

Sub-Option of - --copyright, --license and --packages.

--filter-clues

Filter redundant duplicated clues already contained in detected licenses, copyright texts and notices.

--is-license-text

[DEPRECATED] Set the “is_license_text” flag to true for files that contain mostly license texts and notices (e.g. over 90% of the content). This is now built-in in the –license-text option with a “percentage_of_license_text” attribute.

Sub-Option of - --info and --license-text.

Warning

--is-license-text is an experimental Option.

--license-clarity-score

Compute a summary license clarity score at the codebase level.

Sub-Option of - --classify.

--license-policy FILE

Load a License Policy file and apply it to the scan at the Resource level.

--summary

Summarize license, copyright and other scans at the codebase level.

Sub-Options:

  • --summary-by-facet

  • --summary-key-files

  • --summary-with-details

--summary-by-facet

Summarize license, copyright and other scans and group the results by facet.

Sub-Option of - --summary and --facet.

--summary-key-files

Summarize license, copyright and other scans for key, top-level files. Key files are top- level codebase files such as COPYING, README and package manifests as reported by the --classify option “is_legal”, “is_readme”, “is_manifest” and “is_top_level” flags.

Sub-Option of - --classify and --summary.

--summary-with-details

Summarize license, copyright and other scans at the codebase level, keeping intermediate details at the file and directory level.