FOSSLight Scanner
Project description
FOSSLight Scanner
Analyze at once for Open Source Compliance.
FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git. Instead, open source analysis can be performed for the local source path. The output result is generated in FOSSLight Report format.
- FOSSLight Reuse Check whether the source code's copyright and license writing rules are complied with.
- FOSSLight Source Scanner Extract license and copyright in the source code using ScanCode.
- FOSSLight Dependency Scanner Extract dependency and OSS information from the package manager's manifest file.
- FOSSLight Binary Scanner Find binary and print OSS information.
Contents
📋 Prerequisite
FOSSLight Scanner needs a Python 3.6+.
🎉 How to install
It can be installed using pip3. It is recommended to install it in the python 3.6 + virtualenv environment.
$ pip3 install fosslight_scanner
🚀 How to run
FOSSLight Scanner is run with the fosslight command.
fosslight [Mode] [option1] <arg1> [option2] <arg2>...
Parameters
Mode
source Run FOSSLight Source
dependency Run FOSSLight Dependency
binary Run FOSSLight Binary
reuse Run FOSSLight Reuse
all Run all scanners
Options:
-h Print help message
-r Keep raw data
-t Hide the progress bar
-v Print FOSSLight Scanner version
-p <path> Path to analyze source
-w <link> Link to be analyzaed can be downloaded by wget or git clone
-o <output> Output Directory or file
-f <format> Output file format (excel, csv, opossum)
-c <cores> Number of processes to analyze source
-d <additional_arg> Additional arguments for running dependency analysis
-u <db_url> DB Connection(format :'postgresql://username:password@host:port/database_name')
- Refs.
- Additional arguments for running dependency analysis. See the FOSSLight Dependency Guide for instructions.
- In the case of DB URL, it is the DB connection information to be used in FOSSLight Binary.
Ex 1. Local Source Analysis
$ fosslight all -p /home/source_path -d "-a 'source /test/Projects/venv/bin/activate' -d 'deactivate'"
Ex 2. Download Link and analyze
$ fosslight all -o test_result_wget -w "https://github.com/LGE-OSS/example.git"
📁 Result
$ tree
.
├── fosslight_log
│ ├── fosslight_log_20210924_022422.txt
└── FOSSLight-Report_20210924_022422.xlsx
- FOSSLight_Report-[datetime].xlsx : OSS Report format file that outputs source code analysis, binary analysis, and dependency analysis results.
- fosslight_raw_data_[datetime] directory: Directory in which raw data files are created as a result of analysis
🐳 How to run using Docker
- Build image using Dockerfile.
$docker build -t fosslight .
- Run with the image you built.
ex. Output: /Users/fosslight_source_scanner/test_output, Path to be analyzed: tests/test_files
$docker run -it -v /Users/fosslight_source_scanner/test_output:/app/output fosslight -p tests/test_files -o output
👏 How to report issue
Please report any ideas or bugs to improve by creating an issue in fosslight_scanner repository.
Then there will be quick bug fixes and upgrades. Ideas to improve are always welcome.
📄 License
FOSSLight Scanner is released under Apache-2.0.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for fosslight_scanner-1.6.15-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | cf6ad2a29b06bdd7ce42db99727d366d43a1afe2791b5b23f6baea5dc818ec3f |
|
MD5 | 20417e057eb4100bcb9283948add9894 |
|
BLAKE2b-256 | 6344537d2966c13bd8ba436772fcde1c25779bb9b0d1fa558c9d7af7957c50bb |