top of page

OSS Review Toolkit Gets Smarter: Introducing Snippet Choice

  • Writer: Giuliana Bruni
    Giuliana Bruni
  • Jun 17
  • 2 min read

Updated: Jun 19

Geometric logo with colorful triangles beside text "ORT + SCANOSS Snippet Detection" on a light, tech-patterned background.

Developers using SCANOSS with the OSS Review Toolkit (ORT) already know the value of precise, automated scanning. Now, with support for Snippet Choices, the workflow becomes smarter, and a lot less noisy.


This isn’t a new integration, SCANOSS has worked seamlessly with ORT for some time. What’s new is how decisions from past scans can now be persisted, reused, and versioned as part of your project’s source, cutting down repetitive work and making real changes easier to spot.


What is snippet_choices?


When SCANOSS scans your code via ORT, it surfaces all detected snippets: full or partial code matches from publicly available repositories. That’s powerful—but sometimes too noisy. Some findings are relevant, some are obvious reuses, and others are marginal matches.


The snippet_choices feature allows you to annotate your decisions directly into your .ort.yml. You declare which findings are correct, which are irrelevant, and ORT will honour those decisions in every future scan. SCANOSS will only raise the flag on new, unclassified findings—keeping your compliance workflow clean and focused.


Why it matters


Without snippet_choices, every scan shows the same snippet results, and you're forced to re-triage again and again. This clutters your workflow and slows your ability to respond to real changes, like introducing a new open source component.


With SCANOSS + snippet_choices:

·      You accept or ignore each result.

·      Store your decision in version control.

·      Re-run the scan.

·      SCANOSS now focuses only on new or changed findings.


This streamlines compliance reviews and flags only meaningful differences going forward. It’s ideal for iterative development and critical for CI environments.

 

How it works


Here’s the basic flow:

1.        Run a scan with SCANOSS + ORT.

2.        Inspect the scan output.

3.        Create a snippet-choice.yml (or JSON) file to declare your decisions, file by file.

4.        Re-run the scan. Decisions are applied automatically.

5.        Repeat until only new, unreviewed results are surfaced.


Think of it as a decision cache that lives in your project — and evolves with your code.


Unlike other scanners, SCANOSS treats even partial snippet matches as first-class evidence. With snippet_choices, accepted matches (even if incomplete) will now contribute to license findings. The rest are automatically suppressed. This gives you:


·      Precise control over what counts.

·      Traceable auditability for your decisions.

·      Confidence that only new, unreviewed content raises flags.


And all your findings will be recorded in the output scan result.


If you’re already using SCANOSS with ORT, no major changes are needed. Just start recording your decisions using the supported format:  ORT Snippet Choice Docs


This feature is already available.

Adopt SCANOSS today

Get complete visibility and control over your open source.

Product
Overview
Open Source Tools
Resources
Get Support
support@scanoss.com
White Papers
Standardizing OSS Inventorying
The Future of Software Supply Chain Transparency
Find us
SCAN Open Source Solutions SL
Paseo de la Castellana 81, Floor 15
Madrid, Spain 28046

© Copyright 2018-2024 / SCANOSS.COM / All Rights Reserved

The information in this website is provided "As is", without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose and noninfringement. In no event shall the authors or copyright holders be liable for any claim, damages or other liability, whether in an action of contract, tort or otherwise, arising from, out of or in connection with the information or the use or other dealings in the information.

Privacy Policy - Terms of Service

bottom of page