AboutCode project: tools and data to uncover things about code: the provenance, origin, license, and more (packages, security, quality, etc.) of FOSS code
This is a process where software team run decentralized scans and federate their data in a centralized DejaCode and PurlDB
Possible Solution/Implementation Details
sequenceDiagram
codebase->>+frontend-scancode.io: Run front-end scan
frontend-scancode.io->>+scan-storage: Send inventory JSON to some storage
scan-storage->>+DejaCode: Load inventory JSON in new DejaCode product version
DejaCode->>+PurlDB: Collect on-demand the package in PurlDB
PurlDB->>+backend-scancode.io: Run full scan on packages
PurlDB->>-DejaCode: Get scan from purldb
Short Description
This is a process where software team run decentralized scans and federate their data in a centralized DejaCode and PurlDB
Possible Solution/Implementation Details
See https://mermaid.live/edit#pako:eNptkctOwzAQRX9l5C0NH-BFFzQSEkIUkW02k3haAvY4-FFUVf13xjURCJqVk3vu8cQ-qdEbUlpF-sjEI7UT7gO6nkGekg0YqVmvb3bBcyI2TRyRS3A7eQ0vmeGSNBJBiWrzGl0s5bWJyQfck4aulCY-EMuXIzx02ydIHqJ3BN9Q1f2uFU1Lb7gRq4ZHj_8UEwPTJywQzMGbPCY4UIiTZ6jOJS6-5xxse6dh460lIT03hhzKdOlV-ji-y8bFW8EqqOtSHwS4fjTZ2svwYlw08U-7-fmZe0qVluNzMAthhp7VSjkKDicj93Qq7V7JWI56pWVpaIfZpl71fBYUc_LdkUelU8i0Unk2mJZrVXqHNtL5C5HyrDI