Hi Philippe, Thank you for your interest in guix =)
All package metadata can be accessed easily through scheme. There is no way to export this data currently, although it probably wouldn't be too hard to implement. The approach I was planning on taking is the following: Take a package, remove all build-phases except unpack, add a phase to run scancode and add the output json to the store. This way guix already takes care of fetching and unpacking the package and caching the result. Unless a build input changes, for example scancode (an input to the scancode phase) is updated, or a scanned package is updated, running a tool that I'll call `guix license` for now will work of the json file that was already generated. This means that improving the reporting or postprocessing the results doesn't require rescanning a dependency. Maybe someone else has other/better ;-) thoughts on this? Cheers David
