FOSSLight Scanner
Project description
FOSSLight Scanner
Analyze at once for Open Source Compliance.
FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git. Instead, open source analysis can be performed for the local source path. The output result is generated in FOSSLight Report format.
- FOSSLight Prechecker Check whether the source code's copyright and license writing rules are complied with.
- FOSSLight Source Scanner Extract license and copyright in the source code using ScanCode.
- FOSSLight Dependency Scanner Extract dependency and OSS information from the package manager's manifest file.
- FOSSLight Binary Scanner Find binary and print OSS information.
Contents
📋 Prerequisite
FOSSLight Scanner needs a Python 3.6+.
🎉 How to install
It can be installed using pip3. It is recommended to install it in the python 3.7 + virtualenv environment.
$ pip3 install fosslight_scanner
🚀 How to run
FOSSLight Scanner is run with the fosslight command.
fosslight [Mode] [option1] <arg1> [option2] <arg2>...
Parameters
Mode
all Run all scanners(Default)
source Run FOSSLight Source
dependency Run FOSSLight Dependency
binary Run FOSSLight Binary
prechecker Run FOSSLight Prechecker
compare Compare two FOSSLight reports
Options:
-h Print help message
-p <path> Path to analyze (ex, -p {input_path})
* Compare mode input file: Two FOSSLight reports (supports excel, yaml)
(ex, -p {before_name}.xlsx {after_name}.xlsx)
-w <link> Link to be analyzed can be downloaded by wget or git clone
-f <format> FOSSLight Report file format (excel, yaml)
* Compare mode result file: supports excel, json, yaml, html
-o <output> Output directory or file
-c <number> Number of processes to analyze source
-e <path> Path to exclude from analysis (ex, -e {dir} {file})
-r Keep raw data
-t Hide the progress bar
-v Print FOSSLight Scanner version
-s <path> Path to apply setting from json file (check format with 'setting.json' in this repository)
* Direct cli flags have higher priority than setting file
(ex, '-f yaml -s setting.json' - result file extension is .yaml)
- Refs.
- Additional arguments for running dependency analysis. See the FOSSLight Dependency Guide for instructions.
- In the case of DB URL, it is the DB connection information to be used in FOSSLight Binary.
Ex 1. Local Source Analysis
$ fosslight all -p /home/source_path -d "-a 'source /test/Projects/venv/bin/activate' -d 'deactivate'"
Ex 2. Local Source Analysis with Path to Exclude
$ fosslight all -p /home/source_path -e temp_dir src/temp.py
Ex 3. Download Link and analyze
$ fosslight all -o test_result_wget -w "https://github.com/LGE-OSS/example.git"
If you want to analyze private repository, set your github token like below.
$ fosslight all -w "https://my_github_token@github.com/Foo/private_repo
Ex 4. Compare the BOM of two FOSSLight reports with yaml or excel format and check the oss status (change/add/delete)
$ fosslight compare -p FOSSLight_before_proj.yaml FOSSLight_after_proj.yaml -f excel
📁 Result
$ tree
.
├── fosslight_log
│ ├── fosslight_log_20210924_022422.txt
└── FOSSLight-Report_20210924_022422.xlsx
- FOSSLight_Report-[datetime].xlsx : OSS Report format file that outputs source code analysis, binary analysis, and dependency analysis results.
- fosslight_raw_data_[datetime] directory: Directory in which raw data files are created as a result of analysis
🐳 How to run using Docker
- Build image using Dockerfile.
$docker build -t fosslight .
- Run with the image you built.
ex. Output: /Users/fosslight_source_scanner/test_output, Path to be analyzed: tests/test_files
$docker run -it -v /Users/fosslight_source_scanner/test_output:/app/output fosslight -p tests/test_files -o output
👏 How to report issue
Please report any ideas or bugs to improve by creating an issue in fosslight_scanner repository.
Then there will be quick bug fixes and upgrades. Ideas to improve are always welcome.
📄 License
FOSSLight Scanner is released under Apache-2.0.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file fosslight_scanner-2.1.0.tar.gz
.
File metadata
- Download URL: fosslight_scanner-2.1.0.tar.gz
- Upload date:
- Size: 24.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.8.18
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | b790c505cc132f95230da18964d2d9e4be8fa69a3cf92ce8667db28904a5699f |
|
MD5 | 41d10572b820f4983a9828a32fbd9df1 |
|
BLAKE2b-256 | 88b783541e73544ce1c55ebb1975030aa192640bb13578c0d560b86c66f54c56 |
File details
Details for the file fosslight_scanner-2.1.0-py3-none-any.whl
.
File metadata
- Download URL: fosslight_scanner-2.1.0-py3-none-any.whl
- Upload date:
- Size: 25.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.8.18
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 4d71329910214f2b8bd72e6b9acf992b355dc28190a9a8bb4fb50f4fefd76801 |
|
MD5 | da184ea76df1dbb8d6cac10f2b7ee36e |
|
BLAKE2b-256 | b343609ab61626309bf9c19742ae2dd72a55141622dc5fc5eba2a7ba3b471deb |