Archive

Read about and watch videos on AboutCode projects, open source, SBOMs, vulnerabilities, licensing, SCA, compliance, and more.

atom and chen join AboutCode

python-inspector: Easily resolve Python dependencies

Manage your organization’s Usage Policies in DejaCode

Open Source Software Supply Chain: FOSS for FOSS

Practical License Detection for Organizations

FOSS Daily for licensing “hygiene” and vulnerability compliance

PURLs of Wisdom: Universal software package identification

Non-Vulnerable Dependency Resolution

Tooling in software supply chain management

Standardizing FOSS package identifiers using PURL

Track your software, and ensure compliance with DejaCode

ScanCode LicenseDB: 2,000+ licenses curated in a public database

Software Composition Analysis for Software Supply Chain Security

What is a Dual License Anyway?

FOSDEM Recap: FOSDEM 2023 partial event report

Technical deep dive into VulnerableCode v31 and VulnTotal

VulnTotal: Validate vulnerability coverage of VulnerableCode

SCA the FOSS Way – Part 1: Software Composition Analysis

Do you really need to update the copyright statement each new year?

VulnerableCode v31 expands vulnerability coverage

There and back again: A software versioning story

Providing Clarity on License Clarity Scoring in ScanCode

VulnerableCode: Find FOSS vulnerabilities, improve FOSS security

VulnerableCode v30 publicly available with new UI and API access

Finding FOSS software vulnerabilities with FOSS tools

Scanning Docker images with ScanCode.io

A vulnerability database should not be about vulnerabilities!

Identifying packages and vulnerabilities across ecosystems

Google Summer of Code: Open source SCA tools with AboutCode

Software Bill of Materials and Software Composition Analysis

Updates on open source scanning with ScanCode

nexB on GPL 3.0 and Related License Compliance Issues

Using Copyleft-licensed software components in a Java application

FOSS and Third Party Software Compliance for Small Businesses

Building the FOSS security commons to identify vulnerabilities

Exploring the state of open source licensing clarity

Ready to automate open compliance?

Archive

atom and chen join AboutCode

python-inspector: Easily resolve Python dependencies

Manage your organization’s Usage Policies in DejaCode

Open Source Software Supply Chain: FOSS for FOSS

Practical License Detection for Organizations

FOSS Daily for licensing “hygiene” and vulnerability compliance

PURLs of Wisdom: Universal software package identification

Non-Vulnerable Dependency Resolution

Tooling in software supply chain management

Standardizing FOSS package identifiers using PURL

Track your software, and ensure compliance with DejaCode

ScanCode LicenseDB: 2,000+ licenses curated in a public database

Software Composition Analysis for Software Supply Chain Security

What is a Dual License Anyway?

FOSDEM Recap: FOSDEM 2023 partial event report

Technical deep dive into VulnerableCode v31 and VulnTotal

VulnTotal: Validate vulnerability coverage of VulnerableCode

SCA the FOSS Way – Part 1: Software Composition Analysis

Do you really need to update the copyright statement each new year?

VulnerableCode v31 expands vulnerability coverage

There and back again: A software versioning story

Providing Clarity on License Clarity Scoring in ScanCode

VulnerableCode: Find FOSS vulnerabilities, improve FOSS security

VulnerableCode v30 publicly available with new UI and API access

Finding FOSS software vulnerabilities with FOSS tools

Scanning Docker images with ScanCode.io

A vulnerability database should not be about vulnerabilities!

Identifying packages and vulnerabilities across ecosystems

Google Summer of Code: Open source SCA tools with AboutCode

Software Bill of Materials and Software Composition Analysis

Updates on open source scanning with ScanCode

nexB on GPL 3.0 and Related License Compliance Issues

Using Copyleft-licensed software components in a Java application

FOSS and Third Party Software Compliance for Small Businesses

Building the FOSS security commons to identify vulnerabilities

Exploring the state of open source licensing clarity

Ready to automate open compliance?

Request a demo of the AboutCode stack.

Open source for open source.