ScanCode Toolkit

raw JSON →
32.5.0 verified Fri May 01 auth: no python

ScanCode is a tool to scan code for license, copyright, package and their documented dependencies and other interesting facts. Current version: 32.5.0. Releases are frequent (every few weeks to months). Requires Python >=3.10.

pip install scancode-toolkit

Common errors

error ModuleNotFoundError: No module named 'scancode'
cause Installing the wrong package or missing installed scancode-toolkit.
fix
Run: pip install scancode-toolkit
error AttributeError: 'NoneType' object has no attribute 'as_json'
cause scan() returned None because of invalid path or missing options.
fix
Ensure the path exists and you pass valid options like '--license' and '--copyright' as a dictionary.
error ValueError: Unknown option: --package-in-compiled
cause Using an older version of scancode that doesn't have that option.
fix
Upgrade scancode-toolkit to >=32.5.0

Warnings

breaking Output format version bumped to 4.0.0 in v32.3.0. Attribute renames: 'is_resolved' -> 'is_pinned' in dependencies, 'spdx_license_expression' -> 'license_expression_spdx' in license matches.
fix Update code and scripts to use new attribute names.
gotcha Binary package detection is now skipped by default. Use '--package-in-compiled' to scan packages in compiled binaries (rust/go). Previously these were detected under '--package'.
fix Add '--package-in-compiled' flag to your CLI options if you need to detect packages in compiled binaries.
deprecated Python 3.9 wheels removed in v32.5.0; Python 3.7 dropped in v32.1.0.
fix Upgrade Python to 3.10 or later.

Imports

Quickstart

Basic scan for licenses and copyrights on a directory. The scanner returns a results object; call as_json() to get JSON output.

import os
from scancode.cli import Scanner

scanner = Scanner()
results = scanner.scan('path/to/scan', options={'--license': True, '--copyright': True})
print(results.as_json())
last verified Fri May 01
next check Thu Jul 30