The SCANOSS python package provides a simple, easy to consume library for interacting with SCANOSS APIs/Engine.

To install (from pypi.org), please run:

pip3 install scanoss

The package can be run from the command line, or consumed from another Python script.

For more details, please look at PACKAGE.md.

To leverage the CLI from within a container, please look at GHCR.md.

Before starting with development of this project, please read our CONTRIBUTING and CODE OF CONDUCT.

Python 3.7 or higher.

The dependencies can be found in the requirements.txt and requirements-dev.txt files.

To install dependencies, run:

pip3 install -r requirements.txt
pip3 install -r requirements-dev.txt

To enable dependency scanning, an extra tool is required: scancode-toolkit

pip3 install -r requirements-scancode.txt

More details on Python packaging/distribution can be found here, here, and here.

It is good practice to set up a Virtual Env (venv) to isolate and simplify development/testing. If using PyCharm, please follow these instructions.

In order to develop/test a Python package, it is necessary to register the package locally. This can be done using the following command:

python3 setup.py develop --user

There is also a Makefile in the repository, which provide helpers to achieve this:

make dev_setup

The client now makes use of REST & gRPC. For gRPC specific environment variables please look here.

Packaging the library for deployment is done using setup.

The version of the package is defined in the scanoss init file. Please update this version before packaging/releasing an update.

To package the library, please run:

make dist

This project uses twine to upload packages to pypi.org. In order to run twine, a user needs to be registered with both TestPyPI and PyPI. Details for using TestPyPI can be found here and PyPI here.

Once the credentials have been stored in $HOME/.pypirc, the following command can be run:

make publish_test

This will deploy the package to TestPyPI. Run some tests to verify everything is ok.

Then deploy to prod:

make publish

This will deploy the package to PyPI.

The package will then be available to install using:

pip3 install scanoss

There are a number of workflows setup for this repository. They provide the following:

• Local build/test
  • Automatically triggered on pushes or PRs to main. Can also be run manually for other branches
• Local container build/test
  • Automatically triggered on pushes or PRs to main. Can also be run manually for other branches
• Publish to Test PyPI
  • Can be manually triggered to push a test version from any branch
• Publish to PyPI
  • Build and publish the Python package to PyPI (triggered by v*.. tag)
• Publish container to GHCR
  • Build and publish the Python container to GHCR (triggered by v*.. tag)

To request features or alert about bugs, please do so here.

Details of major changes to the library can be found in CHANGELOG.md.

Details about the Winnowing algorithm used for scanning can be found here.