dido:public:ra:xapend:xapend.e_tools:license-scan
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
dido:public:ra:xapend:xapend.e_tools:license-scan [2021/08/11 13:13] murphy |
dido:public:ra:xapend:xapend.e_tools:license-scan [2021/10/03 15:31] (current) nick ↷ Links adapted because of a move operation |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== Tools: Source Code Scanning and License Compliance ====== | ====== Tools: Source Code Scanning and License Compliance ====== | ||
| - | [[dido:public:ra:xapend:xapend.e_tools| Return to Tools Area]] | + | [[dido:public:ra:xapend:xapend.e_tools:start| Return to Tools Area]] |
| Source: [[https://todogroup.org/guides/management-tools/ | Tools for managing open source programs ]] | Source: [[https://todogroup.org/guides/management-tools/ | Tools for managing open source programs ]] | ||
| Line 8: | Line 8: | ||
| * //**Black Duck Hub** – The commercial [[dido:public:ra:xapend:xapend.a_glossary:h:hub|Hub]] service scans code to identify all embedded open source components, and then automatically searches for known vulnerabilities for remediation. It can send alerts when new vulnerabilities are found in your code. [[https://www.blackducksoftware.com/products/hub | ]]// | * //**Black Duck Hub** – The commercial [[dido:public:ra:xapend:xapend.a_glossary:h:hub|Hub]] service scans code to identify all embedded open source components, and then automatically searches for known vulnerabilities for remediation. It can send alerts when new vulnerabilities are found in your code. [[https://www.blackducksoftware.com/products/hub | ]]// | ||
| - | * //**Black Duck Protex** – Protex is a commercial, fee-based license compliance management tool from Black Duck which integrates with existing tools to automatically scan, identify and inventory [[dido:public:ra:xapend:xapend.a_glossary:o:oss|open source software]], while also enforcing license compliance and corporate policy requirements.[[https://www.blackducksoftware.com/products/protex | ]]// | + | * //**Black Duck Protex** – Protex is a commercial, fee-based license compliance management tool from Black Duck which integrates with existing tools to automatically scan, identify and inventory [[dido:public:ra:xapend:xapend.a_glossary:o:oss|open source software]], while also enforcing license compliance and corporate [[dido:public:ra:xapend:xapend.a_glossary:p:policy|policy]] requirements.[[https://www.blackducksoftware.com/products/protex | ]]// |
| * //**[[dido:public:ra:xapend:xapend.a_glossary:c:copyright]] review tools** – This collection of open-source command-line tools help make initial copyright file construction and subsequent review and update easier. [[https://wiki.debian.org/CopyrightReviewTools | ]]// | * //**[[dido:public:ra:xapend:xapend.a_glossary:c:copyright]] review tools** – This collection of open-source command-line tools help make initial copyright file construction and subsequent review and update easier. [[https://wiki.debian.org/CopyrightReviewTools | ]]// | ||
| Line 20: | Line 20: | ||
| * //**FOSSology** – A Linux Foundation project, FOSSology is an open-source license compliance software toolkit that can run license, copyright and export control scans from the command line. A database and web UI are also available to create compliance workflows. [[https://www.fossology.org/ | ]]// | * //**FOSSology** – A Linux Foundation project, FOSSology is an open-source license compliance software toolkit that can run license, copyright and export control scans from the command line. A database and web UI are also available to create compliance workflows. [[https://www.fossology.org/ | ]]// | ||
| - | * //**janitor.git** – Code Janitor is an open-source tool that helps evaluate source code for compliance with open source licenses. From The Linux Foundation, Code Janitor can be used with other products to check code. [[http://git.linuxfoundation.org/janitor.git/ | ]]// | + | * //**janitor.git** – Code Janitor is an open-source tool that helps evaluate [[dido:public:ra:xapend:xapend.a_glossary:s:sourcecode|source code]] for compliance with open source licenses. From The Linux Foundation, Code Janitor can be used with other products to check code. [[http://git.linuxfoundation.org/janitor.git/ | ]]// |
| * //**LicenseFinder** – An open-source tool that detects the licenses of the code being used in your projects, compares those licenses against a user-defined whitelist and then provides an actionable report. [[https://github.com/pivotal/LicenseFinder | ]]// | * //**LicenseFinder** – An open-source tool that detects the licenses of the code being used in your projects, compares those licenses against a user-defined whitelist and then provides an actionable report. [[https://github.com/pivotal/LicenseFinder | ]]// | ||
dido/public/ra/xapend/xapend.e_tools/license-scan.1628702020.txt.gz · Last modified: 2021/08/11 13:13 by murphy
