Sample Workflow

Scan for Components

First, scan your codebase to detect all software components and their cryptographic usage:
# Scan directory with dependency detection
scanoss-py scan /path/to/your/code \
  --dependencies \
  --output results.json \
  --apiurl https://api.scanoss.com/scan/direct \
  --key "$SCANOSS_API_KEY"

View Scan Results

Examine the scan results to see detected cryptography:
# View complete scan results
jq '.' results.json

# View cryptography information for all files
# (.[][] rather than .[].[], which jq releases before 1.7 reject as a syntax error)
jq '.[][] | select(.cryptography != null) | {file: .file, component: .component, crypto: .cryptography}' results.json
Sample Output:
{
  "file": "src/copyright.c",
  "component": "engine",
  "crypto": [
    {
      "algorithm": "md5",
      "strength": "128"
    }
  ]
}
{
  "file": "src/scanoss/scanner.py",
  "component": "scanoss.py",
  "crypto": [
    {
      "algorithm": "sha2",
      "strength": "224-512"
    }
  ]
}

Extract Component PURLs

Extract Package URLs (PURLs) from the scan results for further analysis:
# Extract all PURLs with versions
# (.[][] rather than .[].[], which jq releases before 1.7 reject as a syntax error)
jq -r '.[][] | select(.purl != null) | .purl[] as $purl | "\($purl)@\(.version)"' results.json

# Extract unique PURLs
jq -r '.[][] | select(.purl != null) | .purl[]' results.json | sort -u

# Save PURLs to file for batch processing
jq -r '.[][] | select(.purl != null) | .purl[] as $purl | "\($purl)@\(.version)"' results.json > purls.txt
Sample Output:
pkg:github/scanoss/engine@5.0.0
pkg:github/scanoss/scanoss.py@v1.3.6
pkg:pypi/scanoss@v1.3.6

Local Crypto Scan Modes

Online Scan Path

[Diagram: crypto-online-scan]

Offline Scan Path

[Diagram: crypto-offline-scan]

Crypto Finder Analyzer Architecture

[Diagram: crypto-finder-analyzer]

Querying Cryptographic Information

Query Single Component

Get specific algorithm details for a single component:
scanoss-py crypto algorithms \
  --purl "pkg:github/scanoss/scanoss.py@>v1.3.5" \
  --key "$SCANOSS_API_KEY"
Sample Output:
{
  "components": [
    {
      "purl": "pkg:github/scanoss/scanoss.py",
      "version": "v1.41.0",
      "requirement": ">v1.3.5",
      "algorithms": [
        {
          "algorithm": "fnv1",
          "strength": "1024"
        },
        {
          "algorithm": "md5",
          "strength": "128"
        },
        {
          "algorithm": "sha2",
          "strength": "224-512"
        }
      ]
    }
  ],
  "status": {
    "status": "SUCCESS",
    "message": "Algorithms retrieved successfully."
  }
}

Query Multiple Components

Process multiple PURLs using a file input:
# Create PURL input file
cat > purl-list.json << 'EOF'
{
  "purls": [
    {
      "purl": "pkg:npm/crypto-js@4.1.1"
    },
    {
      "purl": "pkg:pypi/cryptography@40.0.2"
    },
    {
      "purl": "pkg:maven/org.bouncycastle/bcprov-jdk15on@1.70"
    }
  ]
}
EOF
# Query all components
scanoss-py crypto algorithms \
  --input purl-list.json \
  --key "$SCANOSS_API_KEY"
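
The JSON from the scan and from `scanoss-py crypto algorithms` can be checked against a crypto policy before review. The following is an added example, not part of the SCANOSS tooling: the deny-list, the function names, and the assumption that results.json maps each scanned path to a list of matches are illustrative.

```python
import json

# Example deny-list (an assumption for this sketch, not a SCANOSS policy).
WEAK = {
    "md5": "collision-broken hash",
    "sha1": "collision-broken hash",
    "des": "56-bit key",
    "rc4": "biased keystream",
    "fnv1": "non-cryptographic hash",
}

def _hits(source, component, entries):
    """Return one finding per algorithm entry that is on the deny-list."""
    out = []
    for entry in entries or []:          # field may be null or missing
        name = str(entry.get("algorithm", "")).lower()
        if name in WEAK:
            out.append({"source": source, "component": component,
                        "algorithm": name, "reason": WEAK[name]})
    return out

def audit_scan(results):
    """results.json: assumed to map each scanned path to a list of matches."""
    found = []
    for path, matches in results.items():
        for m in matches:
            found += _hits(path, m.get("component"), m.get("cryptography"))
    return found

def audit_algorithms(response):
    """Output of `scanoss-py crypto algorithms`; refuses to report on a failed query."""
    status = response.get("status", {}).get("status")
    if status != "SUCCESS":
        raise ValueError(f"crypto query failed: {status!r}")
    found = []
    for c in response.get("components", []):
        label = f'{c.get("purl")}@{c.get("version")}'
        found += _hits(label, c.get("purl"), c.get("algorithms"))
    return found

# Constructed samples, shaped like the sample outputs on this page.
SCAN = json.loads('''{"src/copyright.c": [{"component": "engine",
  "cryptography": [{"algorithm": "md5", "strength": "128"}]}],
 "src/scanoss/scanner.py": [{"component": "scanoss.py",
  "cryptography": [{"algorithm": "sha2", "strength": "224-512"}]}],
 "README.md": [{"id": "none"}]}''')
ALGOS = json.loads('''{"components": [{"purl": "pkg:github/scanoss/scanoss.py",
  "version": "v1.41.0", "algorithms": [{"algorithm": "fnv1", "strength": "1024"},
  {"algorithm": "md5", "strength": "128"}, {"algorithm": "sha2", "strength": "224-512"}]}],
 "status": {"status": "SUCCESS"}}''')

if __name__ == "__main__":
    for f in audit_scan(SCAN) + audit_algorithms(ALGOS):
        print(f'{f["source"]}: {f["algorithm"]} ({f["reason"]})')
```

A hit means the algorithm was detected in the component, not that it protects anything security-relevant, so each finding still needs triage against how the code uses it.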

Query Cryptographic Hints

Retrieve encryption hints for a single component:
# Query hints for one component
scanoss-py crypto hints \
  --purl "pkg:github/scanoss/scanoss.py@>v1.3.5" \
  --key "$SCANOSS_API_KEY"
Sample Output:
{
  "components": [
    {
      "purl": "pkg:github/scanoss/scanoss.py",
      "version": "v1.41.0",
      "requirement": ">v1.3.5",
      "hints": [
        {
          "id": "library/openssl",
          "name": "OpenSSL",
          "description": "A robust, full-featured open-source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols.",
          "category": "library",
          "url": "https://www.openssl.org/docs/",
          "purl": "pkg:github/openssl/openssl"
        },
        {
          "id": "package/pycryptodome",
          "name": "PyCryptodome",
          "description": "A self-contained Python package of low-level cryptographic primitives.",
          "category": "package",
          "url": "https://pycryptodome.readthedocs.io/en/latest/",
          "purl": "pkg:github/Legrandin/pycryptodome"
        },
        {
          "id": "protocol/tls",
          "name": "TLS",
          "description": "TLS (Transport Layer Security) is a cryptographic protocol designed to provide secure communication over computer networks.",
          "category": "protocol"
        },
        {
          "id": "protocol/https",
          "name": "HTTPS",
          "description": "HTTPS (Hypertext Transfer Protocol Secure) is a protocol for secure communication over a computer network",
          "category": "library"
        },
        {
          "id": "protocol/OAuth",
          "name": "Open Authorization",
          "description": "N/A",
          "category": "protocol"
        }
      ]
    }
  ],
  "status": {
    "status": "SUCCESS",
    "message": "Encryption's hints retrieved successfully."
  }
}

Interaction flow for crypto hints

[Diagram: Crypto Hints]