Skip to main content

FOSSLight Scanner

Project description

FOSSLight Scanner

Analyze at once for Open Source Compliance.

FOSSLight Scanner is released under the Apache-2.0. Current python package version. REUSE status

FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git. Instead, open source analysis can be performed for the local source path. The output result is generated in FOSSLight Report format.

Contents

📋 Prerequisite

FOSSLight Scanner needs a Python 3.6+.

🎉 How to install

It can be installed using pip3. It is recommended to install it in the python 3.7 + virtualenv environment.

$ pip3 install fosslight_scanner

🚀 How to run

FOSSLight Scanner is run with the fosslight command.

fosslight [Mode] [option1] <arg1> [option2] <arg2>...

Parameters

Mode

        all                     Run all scanners(Default)
        source                  Run FOSSLight Source
        dependency              Run FOSSLight Dependency
        binary                  Run FOSSLight Binary
        prechecker              Run FOSSLight Prechecker
        compare                 Compare two FOSSLight reports

Options:

        -h                      Print help message
        -p <path>               Path to analyze (ex, -p {input_path})
                                 * Compare mode input file: Two FOSSLight reports (supports excel, yaml)
                                   (ex, -p {before_name}.xlsx {after_name}.xlsx)
        -w <link>               Link to be analyzed can be downloaded by wget or git clone
        -f <format>             FOSSLight Report file format (excel, yaml)
                                 * Compare mode result file: supports excel, json, yaml, html
        -o <output>             Output directory or file
        -c <number>             Number of processes to analyze source
        -e <path>               Path to exclude from analysis (ex, -e {dir} {file})
        -r                      Keep raw data
        -t                      Hide the progress bar
        -v                      Print FOSSLight Scanner version
        -s <path>               Path to apply setting from json file (check format with 'setting.json' in this repository)
                                 * Direct cli flags have higher priority than setting file
                                   (ex, '-f yaml -s setting.json' - result file extension is .yaml)

Ex 1. Local Source Analysis

$ fosslight all -p /home/source_path -d "-a 'source /test/Projects/venv/bin/activate' -d 'deactivate'"

Ex 2. Local Source Analysis with Path to Exclude

$ fosslight all -p /home/source_path -e temp_dir src/temp.py

Ex 3. Download Link and analyze

$ fosslight all -o test_result_wget -w "https://github.com/LGE-OSS/example.git"

If you want to analyze private repository, set your github token like below.

$ fosslight all -w "https://my_github_token@github.com/Foo/private_repo

Ex 4. Compare the BOM of two FOSSLight reports with yaml or excel format and check the oss status (change/add/delete)

$ fosslight compare -p FOSSLight_before_proj.yaml FOSSLight_after_proj.yaml -f excel

📁 Result

$ tree
.
├── fosslight_log
│   ├── fosslight_log_20210924_022422.txt
└── FOSSLight-Report_20210924_022422.xlsx
  • FOSSLight_Report-[datetime].xlsx : OSS Report format file that outputs source code analysis, binary analysis, and dependency analysis results.
  • fosslight_raw_data_[datetime] directory: Directory in which raw data files are created as a result of analysis

🐳 How to run using Docker

  1. Build image using Dockerfile.
$docker build -t fosslight .
  1. Run with the image you built.
    ex. Output: /Users/fosslight_source_scanner/test_output, Path to be analyzed: tests/test_files
$docker run -it -v /Users/fosslight_source_scanner/test_output:/app/output fosslight -p tests/test_files -o output

👏 How to report issue

Please report any ideas or bugs to improve by creating an issue in fosslight_scanner repository.
Then there will be quick bug fixes and upgrades. Ideas to improve are always welcome.

📄 License

FOSSLight Scanner is released under Apache-2.0.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

fosslight_scanner-2.1.0.tar.gz (24.1 kB view details)

Uploaded Source

Built Distribution

fosslight_scanner-2.1.0-py3-none-any.whl (25.0 kB view details)

Uploaded Python 3

File details

Details for the file fosslight_scanner-2.1.0.tar.gz.

File metadata

  • Download URL: fosslight_scanner-2.1.0.tar.gz
  • Upload date:
  • Size: 24.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.8.18

File hashes

Hashes for fosslight_scanner-2.1.0.tar.gz
Algorithm Hash digest
SHA256 b790c505cc132f95230da18964d2d9e4be8fa69a3cf92ce8667db28904a5699f
MD5 41d10572b820f4983a9828a32fbd9df1
BLAKE2b-256 88b783541e73544ce1c55ebb1975030aa192640bb13578c0d560b86c66f54c56

See more details on using hashes here.

File details

Details for the file fosslight_scanner-2.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for fosslight_scanner-2.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 4d71329910214f2b8bd72e6b9acf992b355dc28190a9a8bb4fb50f4fefd76801
MD5 da184ea76df1dbb8d6cac10f2b7ee36e
BLAKE2b-256 b343609ab61626309bf9c19742ae2dd72a55141622dc5fc5eba2a7ba3b471deb

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page