Expand Up @@ -23,7 +23,7 @@ lead maintainer of atom and chen, founder of AppThreat, and creator of other
open source supply chain security tools like [OWASP CycloneDX Generator
(cdxgen)](https://github.com/CycloneDX/cdxgen),
[OWASP blint](https://github.com/owasp-dep-scan/blint), and
[OWASP depscan](https://owasp.org/www-project-dep-scan/).
[OWASP depscan](https://owasp.org/www-project-dep-scan/). <!-- truncate -->

While working on a different problem, Prabhu uncovered a lack of high-quality
code hierarchy analysis libraries and CLI tools. atom and chen were built as
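Review bot: the `<!-- truncate -->` marker is appended to the end of the existing paragraph line (after the depscan link) rather than placed on its own line. A blog build that splits the post at the marker will still end the preview with this paragraph, so this is a style point, but a marker on its own line between paragraphs makes the cut point visible in the source and keeps the link line unchanged in blame; the same applies to the other posts in this change that append the marker inline.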
Expand Up @@ -17,7 +17,7 @@ This document explains some key considerations for the use of Copyleft-licensed

For this document, “JAR” refers specifically to an executable Java library that is a collection of `.class` files packaged into a file with the `.jar` extension; it does not refer to the use of a `.jar` file as an archive file only (such as for packaging source files for a Java library).

The purpose of this document is to present a “conservative” interpretation of what linking, or interaction may mean in the Java context. It is not based on any particular product or application and we are not aware of any specific license compliance enforcement actions in this area.
The purpose of this document is to present a “conservative” interpretation of what linking, or interaction may mean in the Java context. It is not based on any particular product or application and we are not aware of any specific license compliance enforcement actions in this area. <!-- truncate -->

## “Strong” Copyleft-licensed Components

Expand Up @@ -9,7 +9,7 @@ hide_table_of_contents: false
The ScanCode LicenseDB is all about identifying a wide variety of licenses that are actually found in software.

![ScanCode-LicenseDB-2026-01](ScanCode-LicenseDB-2026-01.png)

<!-- truncate -->
New software licenses appear constantly (like mushrooms popping out of the ground after a heavy rain) and old nearly-forgotten ones are rediscovered when someone [scans a codebase](https://www.nexb.com/scancode/) that incorporates legacy code (like finding rare medieval manuscripts in the back shelves of a library). The [ScanCode LicenseDB](https://scancode-licensedb.aboutcode.org/) precisely identifies and organizes licenses and their metadata so that multiple members of the software community can understand exactly which licenses are being referenced in project documentation.

If you have seen a license notice, passed it on to your legal team for scrutiny, and completed that review, then you probably do not want to repeat that process over and over again.
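Review bot: inconsistent marker placement, and a lost blank line: here the blank line after the image is replaced by the marker, so `![ScanCode-LicenseDB-2026-01](ScanCode-LicenseDB-2026-01.png)` is immediately followed by `<!-- truncate -->`, which is in turn immediately followed by the "New software licenses appear constantly" paragraph, while every other post in this change appends the marker inline to the end of a paragraph. Keep the blank line before the marker and add one after it so the image, the marker and the following paragraph are three separate blocks, and pick one placement convention (own line, or inline) for all the posts touched by this change.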
Expand Up @@ -18,7 +18,7 @@ Until now, these contexts have been considered as separate domains:

- Security tools check if resolved package versions are affected by known vulnerabilities (even when integrated in a package management tool)

As a result, the typical approach to get a non-vulnerable dependency tree is:
As a result, the typical approach to get a non-vulnerable dependency tree is: <!-- truncate -->

1. Resolve a dependency tree and install the resolved package versions.

2 changes: 1 addition & 1 deletion website/blog/purls-of-wisdom/2023-05-03-purls-of-wisdom.md
Expand Up @@ -12,7 +12,7 @@ Accurately identify third-party software packages with PURL.

If you need to generate (or consume) Software Bill of Materials (SBOMs), then you need a standardized way to communicate information about what components are in your software.

If you’re using or building applications, you need tools to determine if there are any known security issues with open source and third-party components.
If you’re using or building applications, you need tools to determine if there are any known security issues with open source and third-party components. <!-- truncate -->

If you’re building tools for Software Composition Analysis (SCA) like analyzing the origin, license, security, and quality of the code across different ecosystems. You need a simple way to identify the packages used.

Expand Up @@ -12,7 +12,7 @@ When automating SCA, License Clarity Scoring helps determine if scan results req

When automating Software Composition Analysis (SCA) with a scanning tool, you need to quickly evaluate the results – especially to determine whether or not the results require a deeper investigation.

[ScanCode](https://www.nexb.com/scancode) now includes License Clarity Scoring to provide users with a confidence level regarding the automated scan results.
[ScanCode](https://www.nexb.com/scancode) now includes License Clarity Scoring to provide users with a confidence level regarding the automated scan results. <!-- truncate -->

License Clarity is a set of criteria that indicate how clearly, comprehensively and accurately a software project has defined and communicated the licensing that applies to the project software. Note that this is not an indication of the license clarity of any software dependencies.

Expand Up @@ -12,7 +12,7 @@ One software version control to rule them (modern software development) all?

Software projects make many decisions, but one of the most critical is deciding how to implement version control (also known as revision control, source control, or source code management). With modern software development, a versioning convention is a key tool to manage software releases and revisions. The two main approaches are calendar versioning (CalVer) and semantic versioning (SemVer), often with some alterations depending on an organization’s or project’s requirements.

For AboutCode projects, we started with SemVer, transitioned to CalVer and then migrated back to a format that mostly resembles SemVer. This blog post details the pros and cons of each version convention, along with explaining why we embarked on this version convention journey.
For AboutCode projects, we started with SemVer, transitioned to CalVer and then migrated back to a format that mostly resembles SemVer. This blog post details the pros and cons of each version convention, along with explaining why we embarked on this version convention journey. <!-- truncate -->

## The Fellowship of the Version Conventions

40 changes: 40 additions & 0 deletions website/blog/tags.yml
Expand Up @@ -18,16 +18,51 @@ chen:
permalink: /chen
description: chen tag description

copyleft:
label: copyleft
permalink: /copyleft
description: copyleft tag description

dependencies:
label: dependencies
permalink: /dependencies
description: dependencies tag description

dual license:
label: dual license
permalink: /dual license
description: dual license tag description

java:
label: java
permalink: /java
description: java tag description

license clarity scoring:
label: license clarity scoring
permalink: /license clarity scoring
description: license clarity scoring tag description

license compliance:
label: license compliance
permalink: /license compliance
description: license compliance tag description

license detection:
label: license detection
permalink: /license detection
description: license detection tag description

purl:
label: PURL
permalink: /PURL
description: PURL tag description

SCA automation:
label: SCA automation
permalink: /SCA automation
description: SCA automation tag description

vcio:
label: vcio
permalink: /vcio
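Review bot: five of the new `permalink` values contain spaces (`/dual license`, `/license clarity scoring`, `/license compliance`, `/license detection`, `/SCA automation`), which yields routes that must be percent-encoded (`/dual%20license`) and are easy to mis-link from other pages; use hyphenated lower-case slugs (`/dual-license`, `/license-clarity-scoring`, `/sca-automation`) and keep the human-readable text in `label`. Two smaller points: the `description` values are all placeholders of the form `<tag> tag description` (consistent with the existing `chen` and `vers` entries, but they are user-visible wherever tag descriptions are rendered, so fill them in or omit the key if the schema allows), and `purl` uses the upper-case permalink `/PURL` while the other new entries are lower-case; this mirrors the existing `vers` / `/VERS` pair, so if upper-case is intentional it should be documented, otherwise normalize to `/purl`.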
Expand All @@ -38,6 +73,11 @@ vers:
permalink: /VERS
description: VERS tag description

version control:
label: version control
permalink: /version control
description: version control tag description

vulnerabilities:
label: vulnerabilities
permalink: /vulnerabilities
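Review bot: `permalink: /version control` contains a space and will produce a route that needs percent-encoding; use `/version-control` for the permalink and leave `label: version control` as the display text. As with the other new entries, `description: version control tag description` is a placeholder that will be rendered wherever tag descriptions are shown.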
Expand Up @@ -14,7 +14,7 @@ The AboutCode team is planning to deprecate the V1 and V2 API of VulnerableCode

## Why this new API

The existing V1 and V2 APIs are both based on the “vulnerabilities” model, designed to aggregate information from multiple advisory sources based on identifiers and aliases. With the "vulnerabilities" model it is difficult to determine which source is correct because of the combination of sources. This may result in data from one source overwriting data from another source.
The existing V1 and V2 APIs are both based on the “vulnerabilities” model, designed to aggregate information from multiple advisory sources based on identifiers and aliases. With the "vulnerabilities" model it is difficult to determine which source is correct because of the combination of sources. This may result in data from one source overwriting data from another source. <!-- truncate -->

---

Expand All @@ -32,20 +32,20 @@ The new “advisories” model introduces an Advisory ID (AVID) for each advisor

We are planning to complete the following tasks by the end of January 2026:

- Redesigning the API and UI
- Migrating our existing data sources
- Documenting the V3 API and the new UI
- Redesigning the API and UI
- Migrating our existing data sources
- Documenting the V3 API and the new UI

---

## Current Status

https://public2.vulnerablecode.io/v2 uses the new advisory based UI
https://public2.vulnerablecode.io/v2 uses the new advisory based UI
https://public2.vulnerablecode.io/api/v3/ uses new API, but it is still under development and not ready for production use.

---

## Migration Progress

You can track the progress of migration here:
You can track the progress of migration here:
https://github.com/orgs/aboutcode-org/projects/52/views/48
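Review bot: the three list items (`- Redesigning the API and UI`, `- Migrating our existing data sources`, `- Documenting the V3 API and the new UI`), the two status lines under "Current Status" and the "You can track the progress of migration here:" line are reproduced identically on the removed and added sides, so these changes are whitespace-only (trailing spaces) and invisible in review. If the intent is a hard line break so that `https://public2.vulnerablecode.io/v2 uses the new advisory based UI` and the `/api/v3/` line render on separate lines, trailing double spaces are fragile (most editors and formatters strip them) and should not be relied on; put the two status lines in a list or separate them with a blank line, and move the trailing-whitespace cleanup of the list items into a separate formatting commit so this PR's diff shows only the truncate marker.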
Expand Up @@ -19,7 +19,7 @@ What does “Dual” mean in this context? In a practical sense, it means you ha
- Which version of BSD?
- And which version of GPL?

Typically, but not always, this example statement means that you have a choice of BSD-3-Clause OR GPL 2.0 or later because these are the most common versions of those licenses. As the consumer of the software project you must conclude that interpretation and choice, usually after exploring the other license notices in the project files. You must declare that choice in the attribution of your project(s) or product(s) that use that software.
Typically, but not always, this example statement means that you have a choice of BSD-3-Clause OR GPL 2.0 or later because these are the most common versions of those licenses. As the consumer of the software project you must conclude that interpretation and choice, usually after exploring the other license notices in the project files. You must declare that choice in the attribution of your project(s) or product(s) that use that software. <!-- truncate -->

But doesn’t “Dual” mean “consisting of two parts”? Well, yes, that is true in standard English usage, but in the historical practice of many open source projects, this term is ambiguously applied. This wreaks havoc on license detection programs, and creates more busy-work for anyone wanting to use the “Dual-licensed” software.
