From f898df9e6b5a089c5aba660815001a120151aca8 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 27 May 2026 23:09:36 +0200 Subject: [PATCH 01/16] Improve tagline Signed-off-by: Philippe Ombredanne --- website/src/components/HomepageHeader/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/src/components/HomepageHeader/index.js b/website/src/components/HomepageHeader/index.js index ae8c9d6..f7fffbe 100644 --- a/website/src/components/HomepageHeader/index.js +++ b/website/src/components/HomepageHeader/index.js @@ -9,7 +9,7 @@ export default function HomepageHeader() { Healthy Software Supply Chains

- We build and maintain open software supply chains data with open source code and open standards. + With open data, open code, and open standards.

From 9b47bccaf74b8827e93c2745814e4cb0d8036614 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Wed, 27 May 2026 23:14:09 +0200 Subject: [PATCH 02/16] Improve formatting Signed-off-by: Philippe Ombredanne --- website/src/components/HomepageContent/ProjectOverview.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/website/src/components/HomepageContent/ProjectOverview.md b/website/src/components/HomepageContent/ProjectOverview.md index 16ae958..96e9eeb 100644 --- a/website/src/components/HomepageContent/ProjectOverview.md +++ b/website/src/components/HomepageContent/ProjectOverview.md @@ -1,8 +1,7 @@ AboutCode has been designed as a modular stack of applications, tools, -libraries and data. - -We maintain, support and contribute to key open source projects that support -healthy software supply chains. Some these key projects are listed below. +libraries and data. We maintain, support and contribute to key open source +projects that support healthy software supply chains. +Some these key projects are listed below. All of the software is open source (primarily licensed under [Apache-2.0](https://scancode-licensedb.aboutcode.org/apache-2.0.html)) From f2329f43e632326a7b93945a4c3d09e8738beb58 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Thu, 28 May 2026 12:12:32 +0200 Subject: [PATCH 03/16] Remove big space below grid --- website/src/components/ProjectGridTemplate/styles.module.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/src/components/ProjectGridTemplate/styles.module.css b/website/src/components/ProjectGridTemplate/styles.module.css index 4b16ff0..387b945 100644 --- a/website/src/components/ProjectGridTemplate/styles.module.css +++ b/website/src/components/ProjectGridTemplate/styles.module.css @@ -544,7 +544,7 @@ } .gridSection { - margin-bottom: 30px; + margin-bottom: 0px; padding-bottom: 30px; } [data-theme='dark'] .gridSection { From 850afafe6cd0e1c348e4d40c59309eeef6297295 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Thu, 28 May 2026 12:13:29 +0200 Subject: [PATCH 04/16] Reorg and rename home links Signed-off-by: Philippe Ombredanne --- website/src/components/EcosystemGrid/index.js | 10 +++++----- .../HomepageContent/StandardsOverview.mdx | 4 ---- website/src/components/HomepageContent/index.js | 14 ++++---------- 3 files changed, 9 insertions(+), 19 deletions(-) diff --git a/website/src/components/EcosystemGrid/index.js b/website/src/components/EcosystemGrid/index.js index 029d801..950b9ba 100644 --- a/website/src/components/EcosystemGrid/index.js +++ b/website/src/components/EcosystemGrid/index.js @@ -194,23 +194,23 @@ export default function EcosystemGrid() {
The ScanCode LicenseDB contains 2,500+ curated licenses across 12 categories. Browse all 2,500+ licenses in the LicenseDB. Industry-leading license detection is backed by over 35,000 license notices used as detection rules.

} /> The AboutCode package database and scanners track million of packages over 70 package ecosystems and programming languages.

} /> AboutCode collects, correlates, and improves vulnerabilities from over 50 data sources, privileging upstream data.

} />
diff --git a/website/src/components/HomepageContent/StandardsOverview.mdx b/website/src/components/HomepageContent/StandardsOverview.mdx index 5151595..5fbcd95 100644 --- a/website/src/components/HomepageContent/StandardsOverview.mdx +++ b/website/src/components/HomepageContent/StandardsOverview.mdx @@ -1,5 +1,3 @@ -import Link from '@docusaurus/Link'; - AboutCode created Package-URL (PURL), the universal identifier for software packages now used across CycloneDX, SPDX, CSAF, OpenVEX, OSV, MITRE CVE, and many more standards. AboutCode also created VERS for version ranges and @@ -10,5 +8,3 @@ advisories, and attestations together. SPDX license expressions enable common, concise and accurate licensing identification across tools and SBOMs. - -See all supported standards diff --git a/website/src/components/HomepageContent/index.js b/website/src/components/HomepageContent/index.js index f05a844..398482c 100644 --- a/website/src/components/HomepageContent/index.js +++ b/website/src/components/HomepageContent/index.js @@ -16,7 +16,6 @@ import styles from './styles.module.css'; export default function HomepageContent() { const meetingsUrl = useBaseUrl('/docs/about/meetings/'); - const gettingStartedUrl = useBaseUrl('/docs/getting_started/getting-started/'); return (
@@ -76,7 +75,7 @@ export default function HomepageContent() { className={styles.sectionHeader} style={{ marginBottom: '15px', marginTop: '15px' }} > -

Practical software supply chain standards

+

Practical software supply chain standards - See all supported standards

@@ -99,9 +98,9 @@ export default function HomepageContent() { className={styles.sectionHeader} style={{ marginBottom: '15px', marginTop: '15px' }} > -

Interoperable modular tools and projects we - support or maintain - Getting started...

+

Interoperable modular tools and projects we + support or maintain - See all projects

@@ -110,11 +109,6 @@ export default function HomepageContent() { projectSources={featuredProjectSources} showSectionTitles={false} /> -
- - See all supported projects - -
From 8ef85f26927f737e5e6896a8b28ea0ce71bd71c1 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Thu, 28 May 2026 12:17:55 +0200 Subject: [PATCH 05/16] Remove white space Signed-off-by: Philippe Ombredanne --- website/src/components/ProjectGridTemplate/styles.module.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/src/components/ProjectGridTemplate/styles.module.css b/website/src/components/ProjectGridTemplate/styles.module.css index 387b945..4243c64 100644 --- a/website/src/components/ProjectGridTemplate/styles.module.css +++ b/website/src/components/ProjectGridTemplate/styles.module.css @@ -545,7 +545,7 @@ .gridSection { margin-bottom: 0px; - padding-bottom: 30px; + padding-bottom: 0px; } [data-theme='dark'] .gridSection { border-bottom: solid 1px #505050; From 543c732665320a5ba2d518542f4cc453ead5def0 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Thu, 28 May 2026 15:32:02 +0200 Subject: [PATCH 06/16] Reorg featured projects Signed-off-by: Philippe Ombredanne --- website/src/data/projects-featured.js | 225 +++++++++++++------------- 1 file changed, 116 insertions(+), 109 deletions(-) diff --git a/website/src/data/projects-featured.js b/website/src/data/projects-featured.js index 2487d10..1a52445 100644 --- a/website/src/data/projects-featured.js +++ b/website/src/data/projects-featured.js @@ -34,116 +34,123 @@ export const clearlyDefinedProject = { notes: 'Not applicable', }; +const scanCodeIoProject = { + group: 'application', + name: 'ScanCode.io', + description: [ + 'ScanCode.io provides a Web UI and API to run and review complex scans in rich scripted pipelines, on different kinds of containers, docker images, package archives, manifests etc, to get information on licenses, copyrights, sources, and vulnerabilities.', + ], + repository_url: 'https://github.com/aboutcode-org/scancode.io', + documentation_url: 'https://scancodeio.readthedocs.io/en/latest/', + package_download_url: ['https://pypi.org/project/scancodeio/'], + service_url: 'Not applicable', + languages: 'Python', + software_license: 'Apache-2.0', + data_license: 'Not applicable', + platform: 'Docker', + lead_maintainer: ['https://github.com/tdruez'], + notes: 'Not applicable', +}; + +const scanCodeToolkitProject = { + group: 'scancode', + name: 'ScanCode Toolkit', + description: [ + 'ScanCode Toolkit is a set of code scanning tools that detect the origin (copyrights), license and vulnerabilities of code, packages and dependencies in a codebase.', + ], + repository_url: 'https://github.com/aboutcode-org/scancode-toolkit', + documentation_url: 'https://scancode-toolkit.readthedocs.io/en/stable/', + package_download_url: [ + 'https://pypi.org/project/scancode-toolkit/', + 'https://pypi.org/project/scancode-toolkit-mini/', + ], + service_url: 'Not applicable', + languages: 'Python', + software_license: 'Apache-2.0', + data_license: 'CC-BY-4.0', + platform: 'Python', + lead_maintainer: ['https://github.com/AyanSinhaMahapatra'], + notes: 'Not applicable', +}; + +const purlDBProject = { + group: 'package-url', + name: 'PurlDB', + description: [ + 'PURLDB provides tools to create and update a database of package metadata keyed by PURL (Package URL) and an API for the PURL data.', + ], + repository_url: 'https://github.com/aboutcode-org/purldb', + documentation_url: 'https://purldb.readthedocs.io/en/stable/', + package_download_url: [ + 'https://pypi.org/project/minecode-pipelines/', + 'https://pypi.org/project/purl2vcs/', + ], + service_url: 'https://public.purldb.io/api/', + languages: 'Python', + software_license: 'Apache-2.0', + data_license: 'CC-BY-SA-4.0', + platform: 'Debian-based Linux distros', + lead_maintainer: ['https://github.com/JonoYang'], + notes: 'Not applicable', +}; + +const dejaCodeProject = { + group: 'application', + name: 'DejaCode', + description: [ + 'DejaCode provides an enterprise-level application to automate open source license compliance and ensure software supply chain integrity, powered by ScanCode.', + ], + repository_url: 'https://github.com/aboutcode-org/dejacode', + documentation_url: 'https://dejacode.readthedocs.io/en/stable/', + package_download_url: ['https://pypi.org/project/dejacode/'], + service_url: 'https://public.dejacode.com/account/register/', + languages: 'Python', + software_license: 'AGPL-3.0-only', + data_license: 'Not applicable', + platform: 'Docker, Debian-based Linux distros', + lead_maintainer: [ + 'https://github.com/tdruez', + 'https://github.com/DennisClark', + ], + notes: 'Not applicable', +}; + +const vulnerableCodeProject = { + group: 'application', + name: 'VulnerableCode', + description: [ + 'VulnerableCode provides a Web UI and API to access a database of known software package vulnerabilities with comprehensive information from upstream and downstream public sources including packages affected by a vulnerability and packages that fix a vulnerability. There is a public VulnerableCode database at: https://public.vulnerablecode.io/ and the project also provides the tools to build your own instance of the database.', + ], + repository_url: 'https://github.com/aboutcode-org/vulnerablecode', + documentation_url: 'https://vulnerablecode.readthedocs.io/en/stable/', + package_download_url: [ + 'https://pypi.org/project/vulnerablecode/', + 'https://pypi.org/project/aboutcode.federated/', + 'https://pypi.org/project/aboutcode.hashid/', + ], + service_url: 'https://public.vulnerablecode.io/', + languages: 'Python', + software_license: 'Apache-2.0', + data_license: 'CC-BY-SA-4.0', + platform: 'Docker, Debian-based Linux distros, MacOS', + lead_maintainer: [ + 'https://github.com/TG1999', + 'https://github.com/keshav-space', + ], + notes: 'Coming soon: https://public2.vulnerablecode.io/.', +}; + export const featuredProjectSources = [ { - id: 'featured-projects', - title: 'Featured projects', - data: [ - packageUrlProject, - { - group: 'scancode', - name: 'ScanCode Toolkit', - description: [ - 'ScanCode Toolkit is a set of code scanning tools that detect the origin (copyrights), license and vulnerabilities of code, packages and dependencies in a codebase.', - ], - repository_url: 'https://github.com/aboutcode-org/scancode-toolkit', - documentation_url: - 'https://scancode-toolkit.readthedocs.io/en/stable/', - package_download_url: [ - 'https://pypi.org/project/scancode-toolkit/', - 'https://pypi.org/project/scancode-toolkit-mini/', - ], - service_url: 'Not applicable', - languages: 'Python', - software_license: 'Apache-2.0', - data_license: 'CC-BY-4.0', - platform: 'Python', - lead_maintainer: ['https://github.com/AyanSinhaMahapatra'], - notes: 'Not applicable', - }, - { - group: 'application', - name: 'ScanCode.io', - description: [ - 'ScanCode.io provides a Web UI and API to run and review complex scans in rich scripted pipelines, on different kinds of containers, docker images, package archives, manifests etc, to get information on licenses, copyrights, sources, and vulnerabilities.', - ], - repository_url: 'https://github.com/aboutcode-org/scancode.io', - documentation_url: 'https://scancodeio.readthedocs.io/en/latest/', - package_download_url: ['https://pypi.org/project/scancodeio/'], - service_url: 'Not applicable', - languages: 'Python', - software_license: 'Apache-2.0', - data_license: 'Not applicable', - platform: 'Docker', - lead_maintainer: ['https://github.com/tdruez'], - notes: 'Not applicable', - }, - { - group: 'package-url', - name: 'PurlDB', - description: [ - 'PURLDB provides tools to create and update a database of package metadata keyed by PURL (Package URL) and an API for the PURL data.', - ], - repository_url: 'https://github.com/aboutcode-org/purldb', - documentation_url: 'https://purldb.readthedocs.io/en/stable/', - package_download_url: [ - 'https://pypi.org/project/minecode-pipelines/', - 'https://pypi.org/project/purl2vcs/', - ], - service_url: 'https://public.purldb.io/api/', - languages: 'Python', - software_license: 'Apache-2.0', - data_license: 'CC-BY-SA-4.0', - platform: 'Debian-based Linux distros', - lead_maintainer: ['https://github.com/JonoYang'], - notes: 'Not applicable', - }, - { - group: 'application', - name: 'DejaCode', - description: [ - 'DejaCode provides an enterprise-level application to automate open source license compliance and ensure software supply chain integrity, powered by ScanCode.', - ], - repository_url: 'https://github.com/aboutcode-org/dejacode', - documentation_url: 'https://dejacode.readthedocs.io/en/stable/', - package_download_url: ['https://pypi.org/project/dejacode/'], - service_url: 'https://public.dejacode.com/account/register/', - languages: 'Python', - software_license: 'AGPL-3.0-only', - data_license: 'Not applicable', - platform: 'Docker, Debian-based Linux distros', - lead_maintainer: [ - 'https://github.com/tdruez', - 'https://github.com/DennisClark', - ], - notes: 'Not applicable', - }, - { - group: 'application', - name: 'VulnerableCode', - description: [ - 'VulnerableCode provides a Web UI and API to access a database of known software package vulnerabilities with comprehensive information from upstream and downstream public sources including packages affected by a vulnerability and packages that fix a vulnerability. There is a public VulnerableCode database at: https://public.vulnerablecode.io/ and the project also provides the tools to build your own instance of the database.', - ], - repository_url: 'https://github.com/aboutcode-org/vulnerablecode', - documentation_url: - 'https://vulnerablecode.readthedocs.io/en/stable/', - package_download_url: [ - 'https://pypi.org/project/vulnerablecode/', - 'https://pypi.org/project/aboutcode.federated/', - 'https://pypi.org/project/aboutcode.hashid/', - ], - service_url: 'https://public.vulnerablecode.io/', - languages: 'Python', - software_license: 'Apache-2.0', - data_license: 'CC-BY-SA-4.0', - platform: 'Docker, Debian-based Linux distros, MacOS', - lead_maintainer: [ - 'https://github.com/TG1999', - 'https://github.com/keshav-space', - ], - notes: 'Coming soon: https://public2.vulnerablecode.io/.', - }, - clearlyDefinedProject, - ], + id: 'featured-row-1', + data: [scanCodeIoProject, scanCodeToolkitProject], + }, + { + id: 'featured-row-2', + data: [purlDBProject, dejaCodeProject, vulnerableCodeProject], + }, + { + id: 'featured-row-3', + data: [packageUrlProject, clearlyDefinedProject], }, ]; From 62f17cbc898963758df3f43dc472a4ea39350748 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 29 May 2026 09:58:01 +0200 Subject: [PATCH 07/16] Split grid by type This makes more send to have os, langauges, packages, etc. grouped together. Also add a new subgrid for binary formats, and archives. --- website/src/components/EcosystemGrid/index.js | 201 +++++++++++++----- .../EcosystemGrid/styles.module.css | 13 ++ 2 files changed, 161 insertions(+), 53 deletions(-) diff --git a/website/src/components/EcosystemGrid/index.js b/website/src/components/EcosystemGrid/index.js index 950b9ba..ffd7458 100644 --- a/website/src/components/EcosystemGrid/index.js +++ b/website/src/components/EcosystemGrid/index.js @@ -26,10 +26,53 @@ const licenses = [ { label: 'Zlib', logo: 'img/logos/lic-zlib.svg', url: 'https://scancode-licensedb.aboutcode.org/zlib.html' }, ]; -const ecosystems = [ - { label: 'Alpine', logo: 'img/logos/apk.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/apk-definition.md' }, +const programming_languages = [ + { label: 'Bash/Shell', logo: 'img/logos/bash.svg', url: 'https://www.gnu.org/software/bash/' }, + { label: 'C', logo: 'img/logos/c-lang.svg', url: 'https://en.cppreference.com/w/c' }, + { label: 'C#', logo: 'img/logos/csharp.svg', url: 'https://learn.microsoft.com/en-us/dotnet/csharp/' }, + { label: 'C++', logo: 'img/logos/cpp.svg', url: 'https://isocpp.org' }, + { label: 'Dart', logo: 'img/logos/dart.png', url: 'https://dart.dev' }, + { label: '.NET', logo: 'img/logos/dotnet.svg', url: 'https://dotnet.microsoft.com' }, + { label: 'Go', logo: 'img/logos/golang.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/golang-definition.md' }, + { label: 'Haxe', logo: 'img/logos/haxe.svg', url: 'https://lib.haxe.org' }, + { label: 'HTML/CSS', logo: 'img/logos/html-css.svg', url: 'https://developer.mozilla.org/en-US/docs/Web', logoClass: 'logoWideLarge' }, + { label: 'Java', logo: 'img/logos/java.svg', url: 'https://www.java.com' }, + { label: 'JavaScript', logo: 'img/logos/javascript.png', url: 'https://developer.mozilla.org/en-US/docs/Web/JavaScript' }, + { label: 'Kotlin', logo: 'img/logos/kotlin.svg', url: 'https://kotlinlang.org' }, + { label: 'PHP', logo: 'img/logos/php.svg', url: 'https://www.php.net', logoClass: 'logoWideLarge' }, + { label: 'Python', logo: 'img/logos/python.svg', url: 'https://www.python.org' }, + { label: 'R', logo: 'img/logos/r-lang.svg', url: 'https://www.r-project.org' }, + { label: 'Raku', logo: 'img/logos/raku.svg', url: 'https://raku.org' }, + { label: 'Ruby', logo: 'img/logos/ruby.svg', url: 'https://www.ruby-lang.org' }, + { label: 'Rust', logo: 'img/logos/rust.svg', url: 'https://www.rust-lang.org' }, + { label: 'Scala', logo: 'img/logos/scala.svg', url: 'https://www.scala-lang.org', logoClass: 'logoWideLarge' }, + { label: 'Swift', logo: 'img/logos/swift.svg', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/swift-definition.md' }, + { label: 'TypeScript', logo: 'img/logos/typescript.svg', url: 'https://www.typescriptlang.org' }, + { label: 'Visual Basic', logo: 'img/logos/vb.svg', url: 'https://learn.microsoft.com/en-us/dotnet/visual-basic/' }, +]; + +const operating_systems = [ + { label: 'Alpine', logo: 'img/logos/apk.png', url: 'https://alpinelinux.org' }, { label: 'Android', logo: 'img/logos/android.svg', url: 'https://developer.android.com' }, - { label: 'Arch Linux', logo: 'img/logos/alpm.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/alpm-definition.md', logoClass: 'logoXL' }, + { label: 'Arch Linux', logo: 'img/logos/alpm.png', url: 'https://archlinux.org', logoClass: 'logoXL' }, + { label: 'Debian', logo: 'img/logos/deb.png', url: 'https://www.debian.org' }, + { label: 'Fedora', logo: 'img/logos/fedora.svg', url: 'https://fedoraproject.org' }, + { label: 'FreeBSD', logo: 'img/logos/freebsd.png', url: 'https://www.freebsd.org', logoClass: 'logoLarge' }, + { label: 'Gentoo', logo: 'img/logos/gentoo.png', url: 'https://www.gentoo.org' }, + { label: 'iOS', logo: 'img/logos/ios.svg', url: 'https://developer.apple.com/ios/' }, + { label: 'Linux', logo: 'img/logos/linux.png', url: 'https://www.kernel.org' }, + { label: 'macOS', logo: 'img/logos/macos.svg', url: 'https://developer.apple.com/macos/' }, + { label: 'openSUSE', logo: 'img/logos/suse.svg', url: 'https://www.opensuse.org', logoClass: 'logoXL' }, + { label: 'OpenWrt', logo: 'img/logos/openwrt.png', url: 'https://openwrt.org', logoClass: 'logoLarge' }, + { label: 'QNX', logo: 'img/logos/qnap.svg', url: 'https://blackberry.qnx.com', logoClass: 'logoWideLarge' }, + { label: 'Red Hat', logo: 'img/logos/redhat.png', url: 'https://www.redhat.com' }, + { label: 'Ubuntu', logo: 'img/logos/ubuntu.svg', url: 'https://ubuntu.com', logoClass: 'ubuntuLogo' }, + { label: 'Windows', logo: 'img/logos/windows.svg', url: 'https://www.microsoft.com/windows' }, + { label: 'Yocto', logo: 'img/logos/yocto.png', url: 'https://www.yoctoproject.org', logoClass: 'logoWideLarge' }, +]; + +const package_ecosystems = [ + { label: 'Autotools', logo: 'img/logos/autotools.svg', url: 'https://www.gnu.org/software/automake/' }, { label: 'Bazel', logo: 'img/logos/bazel.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/bazel-definition.md' }, { label: 'Bitbucket', logo: 'img/logos/bitbucket.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/bitbucket-definition.md' }, { label: 'Bitnami', logo: 'img/logos/bitnami.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/bitnami-definition.md' }, @@ -43,12 +86,8 @@ const ecosystems = [ { label: 'Conda', logo: 'img/logos/conda.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/conda-definition.md' }, { label: 'CPAN', logo: 'img/logos/cpan.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/cpan-definition.md', logoClass: 'logoLarge' }, { label: 'CRAN', logo: 'img/logos/cran.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/cran-definition.md' }, - { label: 'Debian / Ubuntu', logo: 'img/logos/deb.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/deb-definition.md' }, { label: 'Docker', logo: 'img/logos/docker.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/docker-definition.md' }, { label: 'F-Droid', logo: 'img/logos/fdroid.png', url: 'https://f-droid.org' }, - { label: 'Fedora', logo: 'img/logos/fedora.svg', url: 'https://packages.fedoraproject.org' }, - { label: 'FreeBSD', logo: 'img/logos/freebsd.png', url: 'https://www.freebsd.org/ports/', logoClass: 'logoLarge' }, - { label: 'Gentoo', logo: 'img/logos/gentoo.png', url: 'https://packages.gentoo.org' }, { label: 'GitHub', logo: 'img/logos/github.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/github-definition.md' }, { label: 'GitLab', logo: 'img/logos/gitlab.png', url: 'https://gitlab.com', logoClass: 'logoLarge' }, { label: 'Hackage', logo: 'img/logos/hackage.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/hackage-definition.md' }, @@ -62,66 +101,76 @@ const ecosystems = [ { label: 'NuGet', logo: 'img/logos/nuget.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/nuget-definition.md' }, { label: 'OCI', logo: 'img/logos/oci.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/oci-definition.md' }, { label: 'opam', logo: 'img/logos/opam.svg', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/opam-definition.md', logoClass: 'logoLarge' }, - { label: 'OpenWrt', logo: 'img/logos/openwrt.png', url: 'https://openwrt.org', logoClass: 'logoLarge' }, { label: 'OTP', logo: 'img/logos/otp.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/otp-definition.md' }, { label: 'Pub', logo: 'img/logos/pub.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/pub-definition.md' }, { label: 'PyPI', logo: 'img/logos/pypi.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/pypi-definition.md' }, - { label: 'QNX QPKG', logo: 'img/logos/qnap.svg', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/qpkg-definition.md', logoClass: 'logoWideLarge' }, { label: 'RPM', logo: 'img/logos/rpm.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/rpm-definition.md', logoClass: 'logoLarge' }, { label: 'RubyGems', logo: 'img/logos/gem.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/gem-definition.md' }, - { label: 'Swift', logo: 'img/logos/swift.svg', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/swift-definition.md' }, { label: 'VS Code Extension', logo: 'img/logos/vscode.svg', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/vscode-extension-definition.md' }, - { label: 'Yocto', logo: 'img/logos/yocto.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/yocto-definition.md', logoClass: 'logoWideLarge' }, - { label: 'Autotools', logo: 'img/logos/autotools.svg', url: 'https://www.gnu.org/software/automake/' }, - { label: 'Bash/Shell', logo: 'img/logos/bash.svg', url: 'https://www.gnu.org/software/bash/' }, - { label: 'C', logo: 'img/logos/c-lang.svg', url: 'https://en.cppreference.com/w/c' }, - { label: 'C#', logo: 'img/logos/csharp.svg', url: 'https://learn.microsoft.com/en-us/dotnet/csharp/' }, - { label: 'C++', logo: 'img/logos/cpp.svg', url: 'https://isocpp.org' }, - { label: 'Dart', logo: 'img/logos/dart.png', url: 'https://dart.dev' }, - { label: '.NET', logo: 'img/logos/dotnet.svg', url: 'https://dotnet.microsoft.com' }, - { label: 'Go', logo: 'img/logos/golang.png', url: 'https://github.com/package-url/purl-spec/blob/main/types-doc/golang-definition.md' }, - { label: 'Haxe', logo: 'img/logos/haxe.svg', url: 'https://lib.haxe.org' }, - { label: 'HTML/CSS', logo: 'img/logos/html-css.svg', url: 'https://developer.mozilla.org/en-US/docs/Web', logoClass: 'logoWideLarge' }, - { label: 'iOS', logo: 'img/logos/ios.svg', url: 'https://developer.apple.com/ios/' }, - { label: 'Java', logo: 'img/logos/java.svg', url: 'https://www.java.com' }, - { label: 'JavaScript', logo: 'img/logos/javascript.png', url: 'https://developer.mozilla.org/en-US/docs/Web/JavaScript' }, - { label: 'Kotlin', logo: 'img/logos/kotlin.svg', url: 'https://kotlinlang.org' }, - { label: 'Linux', logo: 'img/logos/linux.png', url: 'https://www.kernel.org' }, - { label: 'macOS', logo: 'img/logos/macos.svg', url: 'https://developer.apple.com/macos/' }, - { label: 'PHP', logo: 'img/logos/php.svg', url: 'https://www.php.net', logoClass: 'logoWideLarge' }, - { label: 'Python', logo: 'img/logos/python.svg', url: 'https://www.python.org' }, - { label: 'R', logo: 'img/logos/r-lang.svg', url: 'https://www.r-project.org' }, - { label: 'Raku', logo: 'img/logos/raku.svg', url: 'https://raku.org' }, - { label: 'Ruby', logo: 'img/logos/ruby.svg', url: 'https://www.ruby-lang.org' }, - { label: 'Rust', logo: 'img/logos/rust.svg', url: 'https://www.rust-lang.org' }, - { label: 'Scala', logo: 'img/logos/scala.svg', url: 'https://www.scala-lang.org', logoClass: 'logoWideLarge' }, - { label: 'TypeScript', logo: 'img/logos/typescript.svg', url: 'https://www.typescriptlang.org' }, - { label: 'Visual Basic', logo: 'img/logos/vb.svg', url: 'https://learn.microsoft.com/en-us/dotnet/visual-basic/' }, - { label: 'Windows', logo: 'img/logos/windows.svg', url: 'https://www.microsoft.com/windows' }, ]; -const vulnSources = [ +const binary_formats = [ + { label: 'Windows PE', logo: 'img/logos/windows.svg', url: 'https://en.wikipedia.org/wiki/Portable_Executable' }, + { label: 'ELF', color: '#4a6fa5', url: 'https://en.wikipedia.org/wiki/Executable_and_Linkable_Format' }, + { label: 'DWARF', color: '#6b4c9a', url: 'https://en.wikipedia.org/wiki/DWARF' }, + { label: 'Mach-O', logo: 'img/logos/macos.svg', url: 'https://en.wikipedia.org/wiki/Mach-O' }, + { label: 'JVM bytecode', logo: 'img/logos/java.svg', url: 'https://en.wikipedia.org/wiki/Java_bytecode' }, + { label: '.NET assemblies', logo: 'img/logos/dotnet.svg', url: 'https://en.wikipedia.org/wiki/.NET_assembly' }, + { label: 'Rust binaries', logo: 'img/logos/rust.svg', url: 'https://en.wikipedia.org/wiki/Rust_(programming_language)' }, + { label: 'Go binaries', logo: 'img/logos/golang.png', url: 'https://en.wikipedia.org/wiki/Go_(programming_language)' }, + { label: 'Minimized JavaScript', logo: 'img/logos/javascript.png', url: 'https://en.wikipedia.org/wiki/Minification_(programming)' }, +]; + +const archive_formats = [ + { label: 'tar', color: '#2e7d32', url: 'https://en.wikipedia.org/wiki/Tar_(computing)' }, + { label: 'ZIP', color: '#1565c0', url: 'https://en.wikipedia.org/wiki/ZIP_(file_format)' }, + { label: 'RAR', color: '#6a1b9a', url: 'https://en.wikipedia.org/wiki/RAR_(file_format)' }, + { label: '7z', color: '#37474f', url: 'https://en.wikipedia.org/wiki/7z' }, + { label: 'gzip', color: '#d84315', url: 'https://en.wikipedia.org/wiki/Gzip' }, + { label: 'bzip2', color: '#4e342e', url: 'https://en.wikipedia.org/wiki/Bzip2' }, + { label: 'XZ', color: '#0277bd', url: 'https://en.wikipedia.org/wiki/XZ_Utils' }, + { label: 'LZMA', color: '#00695c', url: 'https://en.wikipedia.org/wiki/Lempel%E2%80%93Ziv%E2%80%93Markov_chain_algorithm' }, + { label: 'LZ4', color: '#558b2f', url: 'https://en.wikipedia.org/wiki/LZ4_(compression_algorithm)' }, + { label: 'Zstandard', color: '#e65100', url: 'https://en.wikipedia.org/wiki/Zstd' }, + { label: 'CPIO', color: '#5d4037', url: 'https://en.wikipedia.org/wiki/Cpio' }, + { label: 'AR', color: '#455a64', url: 'https://en.wikipedia.org/wiki/Ar_(Unix)' }, + { label: 'XAR', color: '#7b1fa2', url: 'https://en.wikipedia.org/wiki/Xar_(archiver)' }, + { label: 'ISO 9660', color: '#c62828', url: 'https://en.wikipedia.org/wiki/ISO_9660' }, + { label: 'QCOW2', color: '#ad1457', url: 'https://en.wikipedia.org/wiki/Qcow' }, + { label: 'VMDK', color: '#1a237e', url: 'https://en.wikipedia.org/wiki/VMDK' }, + { label: 'VDI', color: '#283593', url: 'https://en.wikipedia.org/wiki/VDI_(file_format)' }, + { label: 'CAB', logo: 'img/logos/windows.svg', url: 'https://en.wikipedia.org/wiki/Cabinet_(file_format)' }, + { label: 'MSI', logo: 'img/logos/windows.svg', url: 'https://en.wikipedia.org/wiki/Windows_Installer' }, + { label: 'DMG', logo: 'img/logos/macos.svg', url: 'https://en.wikipedia.org/wiki/Apple_Disk_Image' }, + { label: 'RPM', logo: 'img/logos/rpm.png', url: 'https://en.wikipedia.org/wiki/RPM_Package_Manager', logoClass: 'logoLarge' }, + { label: 'Debian .deb', logo: 'img/logos/deb.png', url: 'https://en.wikipedia.org/wiki/Deb_(file_format)' }, + { label: 'NuGet .nupkg', logo: 'img/logos/nuget.png', url: 'https://en.wikipedia.org/wiki/NuGet' }, + { label: 'Java JAR/WAR', logo: 'img/logos/java.svg', url: 'https://en.wikipedia.org/wiki/JAR_(file_format)' }, + { label: 'Python .whl/.egg', logo: 'img/logos/pypi.png', url: 'https://en.wikipedia.org/wiki/Pip_(package_manager)#Wheel' }, + { label: 'Ruby .gem', logo: 'img/logos/gem.png', url: 'https://en.wikipedia.org/wiki/RubyGems' }, + { label: 'InstallShield', color: '#bf360c', url: 'https://en.wikipedia.org/wiki/InstallShield' }, + { label: 'NSIS', color: '#33691e', url: 'https://en.wikipedia.org/wiki/Nullsoft_Scriptable_Install_System' }, + { label: 'EPUB', color: '#4527a0', url: 'https://en.wikipedia.org/wiki/EPUB' }, +]; + +const vulnerability_sources = [ { label: 'Alpine Security', logo: 'img/logos/apk.png', url: 'https://secdb.alpinelinux.org' }, { label: 'Apache HTTPD', logo: 'img/logos/apache.svg', url: 'https://httpd.apache.org/security/', logoClass: 'logoWideLarge' }, { label: 'Apache Kafka', logo: 'img/logos/apache.svg', url: 'https://kafka.apache.org/cve-list', logoClass: 'logoWideLarge' }, { label: 'Apache Tomcat', logo: 'img/logos/apache.svg', url: 'https://tomcat.apache.org/security.html', logoClass: 'logoWideLarge' }, { label: 'Arch Linux', logo: 'img/logos/alpm.png', url: 'https://security.archlinux.org', logoClass: 'logoXL' }, - { label: 'CPE', logo: 'img/logos/cpe.svg', url: 'https://nvd.nist.gov/products/cpe', logoClass: 'logoWideLarge' }, { label: 'CVE', logo: 'img/logos/cve.svg', url: 'https://www.cve.org/', logoClass: 'logoWideLarge' }, - { label: 'CVSS', logo: 'img/logos/cvss.svg', url: 'https://www.first.org/cvss/', logoClass: 'logoWideLarge' }, - { label: 'CWE', logo: 'img/logos/cwe.svg', url: 'https://cwe.mitre.org/', logoClass: 'logoWideLarge' }, { label: 'curl', logo: 'img/logos/curl.svg', url: 'https://curl.se/docs/security.html', logoClass: 'logoWideLarge' }, { label: 'Debian Security', logo: 'img/logos/deb.png', url: 'https://security-tracker.debian.org' }, { label: '.NET Advisories', logo: 'img/logos/dotnet.svg', url: 'https://github.com/dotnet/announcements' }, { label: 'Elixir Advisories', logo: 'img/logos/elixir.png', url: 'https://github.com/dependabot/elixir-security-advisories', logoClass: 'logoLarge' }, - { label: 'EPSS', logo: 'img/logos/epss.png', url: 'https://www.first.org/epss/', logoClass: 'logoXL' }, { label: 'ExploitDB', logo: 'img/logos/exploitdb.svg', url: 'https://www.exploit-db.com', logoClass: 'logoWideLarge' }, { label: 'Gentoo GLSA', logo: 'img/logos/gentoo.png', url: 'https://security.gentoo.org' }, { label: 'GitHub Advisories', logo: 'img/logos/github.png', url: 'https://github.com/advisories' }, { label: 'GitLab Advisories', logo: 'img/logos/gitlab.png', url: 'https://advisories.gitlab.com', logoClass: 'logoLarge' }, { label: 'glibc', logo: 'img/logos/glibc.svg', url: 'https://sourceware.org/glibc/wiki/Security' }, { label: 'Istio', logo: 'img/logos/istio.png', url: 'https://istio.io/latest/news/security/' }, - { label: 'Linux Kernel', logo: 'img/logos/linux-kernel.svg', url: 'https://www.kernel.org' }, + { label: 'Linux Kernel', logo: 'img/logos/linux.png', url: 'https://www.kernel.org' }, { label: 'Mattermost', logo: 'img/logos/mattermost.png', url: 'https://mattermost.com/security-updates/' }, { label: 'Metasploit', logo: 'img/logos/metasploit.svg', url: 'https://www.metasploit.com', logoClass: 'logoWideLarge' }, { label: 'Mozilla', logo: 'img/logos/mozilla.svg', url: 'https://www.mozilla.org/en-US/security/advisories/', logoClass: 'logoWideLarge' }, @@ -136,7 +185,6 @@ const vulnSources = [ { label: 'Red Hat', logo: 'img/logos/redhat.png', url: 'https://access.redhat.com/security/security-updates/' }, { label: 'Ruby Advisory DB', logo: 'img/logos/gem.png', url: 'https://github.com/rubysec/ruby-advisory-db' }, { label: 'Rust Advisory DB', logo: 'img/logos/cargo.png', url: 'https://github.com/rustsec/advisory-db' }, - { label: 'SSVC', logo: 'img/logos/ssvc.svg', url: 'https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc', logoClass: 'logoWideLarge' }, { label: 'openSUSE', logo: 'img/logos/suse.svg', url: 'https://www.suse.com/security/', logoClass: 'logoXL' }, { label: 'Ubuntu USN', logo: 'img/logos/ubuntu.svg', url: 'https://ubuntu.com/security/notices', logoClass: 'ubuntuLogo' }, { label: 'Vulnrichment (CISA)', logo: 'img/logos/cisa.png', url: 'https://github.com/cisagov/vulnrichment', logoClass: 'logoLarge' }, @@ -144,9 +192,17 @@ const vulnSources = [ { label: 'Xen', logo: 'img/logos/xen.svg', url: 'https://xenbits.xen.org/xsa/', logoClass: 'logoLarge' }, ]; +const vulnerability_reference_data = [ + { label: 'CPE', logo: 'img/logos/cpe.svg', url: 'https://nvd.nist.gov/products/cpe', logoClass: 'logoWideLarge' }, + { label: 'CVSS', logo: 'img/logos/cvss.svg', url: 'https://www.first.org/cvss/', logoClass: 'logoWideLarge' }, + { label: 'CWE', logo: 'img/logos/cwe.svg', url: 'https://cwe.mitre.org/', logoClass: 'logoWideLarge' }, + { label: 'SSVC', logo: 'img/logos/ssvc.svg', url: 'https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc', logoClass: 'logoWideLarge' }, + { label: 'EPSS', logo: 'img/logos/epss.png', url: 'https://www.first.org/epss/', logoClass: 'logoXL' }, +]; + function GridItem({ item }) { - const logoSrc = useBaseUrl(`/${item.logo}`); + const logoSrc = useBaseUrl(`/${item.logo || ''}`); return (
- {item.logo && ( + {item.logo ? ( {item.label} - )} + ) : item.color ? ( + + {item.label.slice(0, 2).toUpperCase()} + + ) : null}
{item.label} @@ -197,21 +257,56 @@ export default function EcosystemGrid() { title="License" items={licenses} header_link={{ label: 'Get started with compliance', url: '/docs/getting_started/compliance/' }} - intro={

The ScanCode LicenseDB contains 2,500+ curated licenses across 12 categories. Browse all 2,500+ licenses in the LicenseDB. Industry-leading license detection is backed by over 35,000 license notices used as detection rules.

} + intro={

AboutCode tracks over 2,500+ curated licenses across 12 categories. Browse all 2,500+ licenses in the LicenseDB. Industry-leading license detection is backed by over 35,000 license notices used as detection rules.

} /> + AboutCode tools detect and analyze code across many programming languages.

} + /> + AboutCode tools support packages and distributions across major server, desktop, and mobile operating systems.

} + /> The AboutCode package database and scanners track million of packages over 70 package ecosystems and programming languages.

} + intro={

The AboutCode package database and scanners track millions of packages from most package ecosystems.

} /> AboutCode collects, correlates, and improves vulnerabilities from over 50 data sources, privileging upstream data.

} + intro={

AboutCode collects, correlates, and improves vulnerabilities from multiple advisory data sources, privileging upstream data.

} + /> + AboutCode imports vulnerability reference data in key industry formats, mapping these to PURL.

} + /> + AboutCode tools analyze compiled binary, bytecode, and minified code file formats to identify origin, dependencies, and embedded components.

} + /> + AboutCode supports extraction of most archive, compressed, package, and disk image file formats.

} /> ); diff --git a/website/src/components/EcosystemGrid/styles.module.css b/website/src/components/EcosystemGrid/styles.module.css index ffd1d51..727c8fa 100644 --- a/website/src/components/EcosystemGrid/styles.module.css +++ b/website/src/components/EcosystemGrid/styles.module.css @@ -89,6 +89,19 @@ border-radius: 4px; } +.colorBadge { + width: 32px; + height: 32px; + border-radius: 6px; + display: flex; + align-items: center; + justify-content: center; + color: #fff; + font-size: 0.7rem; + font-weight: 700; + letter-spacing: 0.5px; +} + .logoLarge { width: 42px; height: 42px; From 0da0615fb014ae6a8b8c9a0302a33aec490f984c Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 29 May 2026 12:23:45 +0200 Subject: [PATCH 08/16] Add heading to capabilities section Signed-off-by: Philippe Ombredanne --- website/src/components/HomepageContent/index.js | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/website/src/components/HomepageContent/index.js b/website/src/components/HomepageContent/index.js index 398482c..2a4c29c 100644 --- a/website/src/components/HomepageContent/index.js +++ b/website/src/components/HomepageContent/index.js @@ -34,6 +34,16 @@ export default function HomepageContent() {
+
+

Key capabilities

+
+
+

AboutCode provides modular building blocks for software composition analysis, + from license detection to vulnerability management, that you can combine to match your workflow.

+
From 0880e9a7bf06fc672349e3f9d06775a8a2dc0d21 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 29 May 2026 12:27:08 +0200 Subject: [PATCH 09/16] Rename ProjectGridTemplate ... to ProjectGrid Signed-off-by: Philippe Ombredanne --- website/src/components/HomepageContent/index.js | 4 ++-- .../components/{ProjectGridTemplate => ProjectGrid}/index.js | 0 .../{ProjectGridTemplate => ProjectGrid}/styles.module.css | 0 website/src/pages/projects.js | 4 ++-- 4 files changed, 4 insertions(+), 4 deletions(-) rename website/src/components/{ProjectGridTemplate => ProjectGrid}/index.js (100%) rename website/src/components/{ProjectGridTemplate => ProjectGrid}/styles.module.css (100%) diff --git a/website/src/components/HomepageContent/index.js b/website/src/components/HomepageContent/index.js index 2a4c29c..1e03f1a 100644 --- a/website/src/components/HomepageContent/index.js +++ b/website/src/components/HomepageContent/index.js @@ -10,7 +10,7 @@ import ValuePillars from '@site/src/components/ValuePillars'; import CapabilitiesGrid from '@site/src/components/CapabilitiesGrid'; import EcosystemGrid from '@site/src/components/EcosystemGrid'; import OpenDataSection from '@site/src/components/OpenDataSection'; -import ProjectGridTemplate from '@site/src/components/ProjectGridTemplate'; +import ProjectGrid from '@site/src/components/ProjectGrid'; import { featuredProjectSources } from '@site/src/data/projects-featured'; import styles from './styles.module.css'; @@ -115,7 +115,7 @@ export default function HomepageContent() {
- diff --git a/website/src/components/ProjectGridTemplate/index.js b/website/src/components/ProjectGrid/index.js similarity index 100% rename from website/src/components/ProjectGridTemplate/index.js rename to website/src/components/ProjectGrid/index.js diff --git a/website/src/components/ProjectGridTemplate/styles.module.css b/website/src/components/ProjectGrid/styles.module.css similarity index 100% rename from website/src/components/ProjectGridTemplate/styles.module.css rename to website/src/components/ProjectGrid/styles.module.css diff --git a/website/src/pages/projects.js b/website/src/pages/projects.js index 26df2dd..968edcb 100644 --- a/website/src/pages/projects.js +++ b/website/src/pages/projects.js @@ -1,7 +1,7 @@ import React from 'react'; import Layout from '@theme/Layout'; import ProjectOverview from '@site/src/components/HomepageContent/ProjectOverview.md'; -import ProjectGridTemplate from '@site/src/components/ProjectGridTemplate'; +import ProjectGrid from '@site/src/components/ProjectGrid'; import { allProjectSources } from '@site/src/data/projects-all'; import styles from '@site/src/components/HomepageContent/styles.module.css'; @@ -22,7 +22,7 @@ export default function Projects() {
- +
From b42db5bac3c05898b56e496f780a6d54dfa4bd60 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 29 May 2026 22:28:09 +0200 Subject: [PATCH 10/16] Rename Key to Main capabilities Signed-off-by: Philippe Ombredanne --- website/src/components/HomepageContent/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/src/components/HomepageContent/index.js b/website/src/components/HomepageContent/index.js index 1e03f1a..a7946b9 100644 --- a/website/src/components/HomepageContent/index.js +++ b/website/src/components/HomepageContent/index.js @@ -38,7 +38,7 @@ export default function HomepageContent() { className={styles.sectionHeader} style={{ marginBottom: '15px', marginTop: '15px' }} > -

Key capabilities

+

Main capabilities

AboutCode provides modular building blocks for software composition analysis, From 2fcec6615d6f28bf578bdd06d281d1a26bf84617 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 29 May 2026 22:44:58 +0200 Subject: [PATCH 11/16] Use correct date Signed-off-by: Philippe Ombredanne --- ...t-case-study.md => 2026-05-23-agentic-rust-port-case-study.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename website/blog/agentic-scancode-port-case-study/{2026-06-23-agentic-rust-port-case-study.md => 2026-05-23-agentic-rust-port-case-study.md} (100%) diff --git a/website/blog/agentic-scancode-port-case-study/2026-06-23-agentic-rust-port-case-study.md b/website/blog/agentic-scancode-port-case-study/2026-05-23-agentic-rust-port-case-study.md similarity index 100% rename from website/blog/agentic-scancode-port-case-study/2026-06-23-agentic-rust-port-case-study.md rename to website/blog/agentic-scancode-port-case-study/2026-05-23-agentic-rust-port-case-study.md From dc6f93ab7d05f514f12856858151073620a5ed16 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 29 May 2026 22:49:27 +0200 Subject: [PATCH 12/16] Correct dead links Signed-off-by: Philippe Ombredanne --- website/src/components/EcosystemGrid/index.js | 6 +++--- website/src/data/projects-package-url.json | 2 +- website/src/data/projects-scancode.json | 2 +- website/static/releases.json | 10 +++++----- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/website/src/components/EcosystemGrid/index.js b/website/src/components/EcosystemGrid/index.js index ffd7458..590b531 100644 --- a/website/src/components/EcosystemGrid/index.js +++ b/website/src/components/EcosystemGrid/index.js @@ -256,7 +256,7 @@ export default function EcosystemGrid() { id="licensing" title="License" items={licenses} - header_link={{ label: 'Get started with compliance', url: '/docs/getting_started/compliance/' }} + header_link={{ label: 'Get started with compliance', url: '/docs/getting_started/license-compliance/' }} intro={

AboutCode tracks over 2,500+ curated licenses across 12 categories. Browse all 2,500+ licenses in the LicenseDB. Industry-leading license detection is backed by over 35,000 license notices used as detection rules.

} /> AboutCode collects, correlates, and improves vulnerabilities from multiple advisory data sources, privileging upstream data.

} /> AboutCode imports vulnerability reference data in key industry formats, mapping these to PURL.

} /> Date: Fri, 29 May 2026 23:21:25 +0200 Subject: [PATCH 13/16] Add missing blog tag descriptions Also improve tag permalinks (remove spaces) Signed-off-by: Philippe Ombredanne --- website/blog/tags.yml | 58 +++++++++++++++++++++---------------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/website/blog/tags.yml b/website/blog/tags.yml index 12fc951..4ec4004 100644 --- a/website/blog/tags.yml +++ b/website/blog/tags.yml @@ -1,104 +1,104 @@ advisories: label: advisories permalink: /advisories - description: advisories tag description + description: Posts about security advisories, related data, import in AboutCode. agent: label: agent permalink: /agent - description: agent tag description + description: Posts about AI agents and agentic workflows. api: label: api permalink: /api - description: api tag description + description: Posts about APIs and endpoints. atom: label: atom permalink: /atom - description: atom tag description + description: Posts about atom, a code analysis tool. chen: label: chen permalink: /chen - description: chen tag description + description: Posts about chen, a code analysis tool. copyleft: label: copyleft permalink: /copyleft - description: copyleft tag description + description: Posts about copyleft licenses. dependencies: label: dependencies permalink: /dependencies - description: dependencies tag description + description: Posts about software dependencies, resolution, and graphs. dual license: label: dual license - permalink: /dual license - description: dual license tag description + permalink: /dual-license + description: Posts about software released choices of licenses. java: label: java permalink: /java - description: java tag description + description: Posts about Java(tm) software. genai: label: GenAI permalink: /genai - description: GenAI tag description + description: Posts about generative AI. license clarity scoring: label: license clarity scoring - permalink: /license clarity scoring - description: license clarity scoring tag description + permalink: /license-clarity-scoring + description: Posts about license clarity scoring to measure license documentation quality. license compliance: label: license compliance - permalink: /license compliance - description: license compliance tag description + permalink: /license-compliance + description: Posts about open source license compliance processes and tooling. license detection: label: license detection - permalink: /license detection - description: license detection tag description + permalink: /license-detection + description: Posts about license detection. purl: label: PURL - permalink: /PURL - description: PURL tag description + permalink: /purl + description: Posts about Package URL (PURL), the standard identifier for software packages. SCA automation: label: SCA automation - permalink: /SCA automation - description: SCA automation tag description + permalink: /sca-automation + description: Posts about Software Composition Analysis workflows, and automation. rust: label: Rust permalink: /rust - description: Rust tag description + description: Posts about the Rust programming language or ecoystem. scancode: label: ScanCode permalink: /scancode - description: ScanCode tag description + description: Posts about ScanCode Toolkit and ScanCode.io. vcio: label: vcio permalink: /vcio - description: vcio tag description + description: Posts about VulnerableCode.io. vers: label: VERS - permalink: /VERS - description: VERS tag description + permalink: /vers + description: Posts about VERS, the version range specification used alongside PURL. version control: label: version control - permalink: /version control - description: version control tag description + permalink: /version-control + description: Posts about version control. vulnerabilities: label: vulnerabilities permalink: /vulnerabilities - description: vulnerabilities tag description + description: Posts about software vulnerabilities. From 153c48f38d1039e06514187e4621e1255844b6eb Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 29 May 2026 23:36:31 +0200 Subject: [PATCH 14/16] Add new ClerlyDefined posts Signed-off-by: Philippe Ombredanne --- ...04-15-clearlydefined-three-year-roadmap.md | 30 +++++++++++++++++ ...-02-03-osi-aboutcode-clearlydefined-mou.md | 33 +++++++++++++++++++ 2 files changed, 63 insertions(+) create mode 100644 website/blog/clearlydefined-three-year-roadmap/2026-04-15-clearlydefined-three-year-roadmap.md create mode 100644 website/blog/osi-aboutcode-clearlydefined-mou/2026-02-03-osi-aboutcode-clearlydefined-mou.md diff --git a/website/blog/clearlydefined-three-year-roadmap/2026-04-15-clearlydefined-three-year-roadmap.md b/website/blog/clearlydefined-three-year-roadmap/2026-04-15-clearlydefined-three-year-roadmap.md new file mode 100644 index 0000000..9f4e0a9 --- /dev/null +++ b/website/blog/clearlydefined-three-year-roadmap/2026-04-15-clearlydefined-three-year-roadmap.md @@ -0,0 +1,30 @@ +--- +slug: clearlydefined-three-year-roadmap +title: A three-year roadmap for ClearlyDefined +authors: [pombredanne] +tags: [license compliance, license detection] +hide_table_of_contents: false +--- + +ClearlyDefined has published a three-year roadmap covering sustainability, +technical investment, and adoption. AboutCode developed the roadmap together +with the ClearlyDefined community following the OSI and AboutCode +[Memorandum of Understanding](/blog/osi-aboutcode-clearlydefined-mou/) +signed in February. + + + +The roadmap is organized around three themes: + +- **Sustainability**: stable funding and governance so the service and its + curated data remain available without interruption. +- **Technical foundations**: modernizing the harvest/import, curation UX, and + pipelines, and aligning ClearlyDefined data with PURL, ScanCode, and the + rest of the AboutCode project for efficiency gains. +- **Adoption and reach**: lowering the barrier to entry for new contributors, + growing the curator base, and expanding integrations with downstream adopters. + +The full plan, including milestones, is in the +[ClearlyDefined roadmap](https://docs.clearlydefined.io/docs/resources/roadmap) +and is summarized in the +[OSI announcement](https://opensource.org/blog/clearlydefined-a-three-year-roadmap-for-sustainability-and-growth). diff --git a/website/blog/osi-aboutcode-clearlydefined-mou/2026-02-03-osi-aboutcode-clearlydefined-mou.md b/website/blog/osi-aboutcode-clearlydefined-mou/2026-02-03-osi-aboutcode-clearlydefined-mou.md new file mode 100644 index 0000000..fc601fa --- /dev/null +++ b/website/blog/osi-aboutcode-clearlydefined-mou/2026-02-03-osi-aboutcode-clearlydefined-mou.md @@ -0,0 +1,33 @@ +--- +slug: osi-aboutcode-clearlydefined-mou +title: OSI and AboutCode partner to sustain ClearlyDefined +authors: [pombredanne] +tags: [license compliance, license detection] +hide_table_of_contents: false +--- + +The Open Source Initiative (OSI) and AboutCode have signed a Memorandum of +Understanding to put ClearlyDefined on a sustainable path. ClearlyDefined +is a community-run database project of license, copyright, and package metadata +for open source components, and it has been a widely cited reference for +software composition analysis since 2017. It makes heavy usage of ScanCode. + + + +Under the MoU, OSI continues as the project's organizational steward while +AboutCode takes on responsibility for the technical foundations: the data +pipeline, the curation workflow, and integration with the broader AboutCode +toolchain (ScanCode, PurlDB, VulnerableCode). The goal is to keep +ClearlyDefined data current, improve its accuracy, and grow contributor +participation. + +For ClearlyDefined users there is no changes, just continuity: the data +and APIs remain available and open, and the curation process stays open. +For the AboutCode community it means a new project to maintain and support +and a clearer path for license data to flow between ClearlyDefined and +the rest of AboutCode. + +Background on the agreement is in the +[OSI announcement](https://opensource.org/blog/ensuring-the-long-term-sustainability-of-clearlydefined-osi-and-aboutcode-sign-mou) +and the signed +[Memorandum of Understanding](https://opensource.org/wp-content/uploads/2026/02/MoU-AboutCode-OSI-ClearlyDefined.pdf). From 3896e0134483ed22284a2e2ad21ea4fbe78b4279 Mon Sep 17 00:00:00 2001 From: Philippe Ombredanne Date: Fri, 29 May 2026 23:42:18 +0200 Subject: [PATCH 15/16] Reorder grids License, vulns, packages, then the rest Signed-off-by: Philippe Ombredanne --- website/src/components/EcosystemGrid/index.js | 46 +++++++++---------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/website/src/components/EcosystemGrid/index.js b/website/src/components/EcosystemGrid/index.js index 590b531..f147f79 100644 --- a/website/src/components/EcosystemGrid/index.js +++ b/website/src/components/EcosystemGrid/index.js @@ -260,19 +260,12 @@ export default function EcosystemGrid() { intro={

AboutCode tracks over 2,500+ curated licenses across 12 categories. Browse all 2,500+ licenses in the LicenseDB. Industry-leading license detection is backed by over 35,000 license notices used as detection rules.

} /> AboutCode tools detect and analyze code across many programming languages.

} - /> - AboutCode tools support packages and distributions across major server, desktop, and mobile operating systems.

} - /> + id="vuln-sources" + title="Software vulnerabilities" + items={vulnerability_sources} + header_link={{ label: 'Get started with security', url: '/docs/getting_started/software-security/' }} + intro={

AboutCode collects, correlates, and improves vulnerabilities from multiple advisory data sources, privileging upstream data.

} + /> The AboutCode package database and scanners track millions of packages from most package ecosystems.

} /> AboutCode collects, correlates, and improves vulnerabilities from multiple advisory data sources, privileging upstream data.

} + id="operating-systems" + title="Operating systems" + items={operating_systems} + header_link={{ label: 'Get started with software identification', url: '/docs/getting_started/software-identification/' }} + intro={

AboutCode tools support packages and distributions across major server, desktop, and mobile operating systems.

} /> AboutCode imports vulnerability reference data in key industry formats, mapping these to PURL.

} + id="programming-languages" + title="Programming languages" + items={programming_languages} + header_link={{ label: 'Get started with software identification', url: '/docs/getting_started/software-identification/' }} + intro={

AboutCode tools detect and analyze code across many programming languages.

} /> AboutCode supports extraction of most archive, compressed, package, and disk image file formats.

} /> + AboutCode imports vulnerability reference data in key industry formats, mapping these to PURL.

} + />
); } From f8d600034b97957f7c90ad6652d39aaabbb7a870 Mon Sep 17 00:00:00 2001 From: Michael Herzog Date: Fri, 29 May 2026 15:12:56 -0700 Subject: [PATCH 16/16] Update ProjectOverview.md Signed-off-by: Michael Herzog --- website/src/components/HomepageContent/ProjectOverview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/src/components/HomepageContent/ProjectOverview.md b/website/src/components/HomepageContent/ProjectOverview.md index 96e9eeb..9b25954 100644 --- a/website/src/components/HomepageContent/ProjectOverview.md +++ b/website/src/components/HomepageContent/ProjectOverview.md @@ -1,7 +1,7 @@ AboutCode has been designed as a modular stack of applications, tools, libraries and data. We maintain, support and contribute to key open source projects that support healthy software supply chains. -Some these key projects are listed below. +Some of these key projects are listed below. All of the software is open source (primarily licensed under [Apache-2.0](https://scancode-licensedb.aboutcode.org/apache-2.0.html))