Roadmap
This is a high level list of what we are working on and what is completed.
This is not updated regularly, see the milestones instead for updated shorter and longer term roadmaps.
Legend
Work in Progress
(see Completed features below)
Package manifest and dependency parsers
Docker image base (as part of: https://github.com/pombredanne/conan ) #651
RubyGems base and dependencies #650 (code in https://github.com/aboutcode-org/scancode-toolkit-contrib/ )
Perl, CPAN (basic in https://github.com/aboutcode-org/scancode-toolkit-contrib/)
Go : parsing for Godep in https://github.com/aboutcode-org/scancode-toolkit-contrib/
License Detection
support and detect license expressions (code in https://github.com/aboutcode-org/license-expression)
Copyrights
Core features
pre/post/ouput plugins! (worked as part of the GSoC by @yadsharaf )
transparent archive extraction (as opposed to on-demand with extractcode)
scancode.yml configuration file for exclusions, defaults, scan failure conditions, etc.
support scan pipelines and rules to organize more complex scans
scan baselining, delta scan and failure conditions (such as license change, etc) ( spawned as its the DeltaCode project)
dedupe and similarities to avoid re-scanning. For now only identical files are scanned only once.
native support for ABC Data (See AboutCode Data Structure (ABCD) )
Classification, summarization and deduction
Source code support (some will be spawned as their own tool)
symbols : parsing complete in https://github.com/aboutcode-org/scancode-toolkit-contrib/
metrics : some elements in https://github.com/aboutcode-org/scancode-toolkit-contrib/
Compiled code support (will be spawned as their own tool)
ELFs : parsing complete in https://github.com/aboutcode-org/scancode-toolkit-contrib/
Java bytecode : parsing complete in https://github.com/aboutcode-org/scancode-toolkit-contrib/
Windows PE : parsing complete in https://github.com/aboutcode-org/scancode-toolkit-contrib/
Mach-O : parsing complete in in https://github.com/aboutcode-org/scancode-toolkit-contrib/
Data exchange
Packaging
Documentation
CI integration
Other work in progress
ScanCode server: Separate project: https://github.com/nexB/scancode-server. Will include Integration / webhooks for Github, Bitbucket.
VulnerableCode: NVD and CVE lookups: Separate project: https://github.com/aboutcode-org/vulnerablecode
ScanCode Workbench: desktop app for scan review: Separate project: https://github.com/aboutcode-org/scancode-workbench
DependentCode: dynamic dependencies resolutions: Separate project: https://github.com/nexB/dependentcode
Package mining and matching
(Note that this will be a separate project) Some code is in https://github.com/aboutcode-org/scancode-toolkit-contrib/