FOSSLight Source Scanner
FOSSLight Source Scanner uses source code scanners, ScanCode and SCANOSS. ScanCode detects copyright and license phrases contained in the file and SCANOSS searches OSS Name, OSS Version, download location, copyright and license information from OSSKB. Some files (ex- build script), binary files, directory and files in specific directories (ex-test) are excluded from the result. And removes words such as "-only" and "-old-style" from the license name to be printed. The output result is generated in spreadsheet format.
Github Repository : https://github.com/fosslight/fosslight_source_scanner
License : Apache-2.0
Contents
π Prerequisite
FOSSLight Source Scanner needs a Python 3.8+.
π How to install
It can be installed using pip3. It is recommended to install it in the python 3.8 + virtualenv environment.
$ pip3 install fosslight_source
π How to run
1. fosslight_source
After executing ScanCode, the source code scanner, print the FOSSLight Report.
$ fosslight_source [option] <arg>
Options
Optional
-p <source_path> Path to analyze source (Default: current directory)
-h Print help message
-v Print FOSSLight Source Scanner version
-m Print additional information for scan result on separate sheets
-o <output_path> Output path (Path or file name)
-f <format> Output file format (excel, csv, opossum, yaml)
Options only for FOSSLight Source Scanner
-s <scanner> Select which scanner to be run (scancode, scanoss, all)
-j Generate raw result of scanners in json format
-t <float> Stop scancode scanning if scanning takes longer than a timeout in seconds.
-c <core> Select the number of cores to be scanned with ScanCode.
--no_correction Enter if you don't want to correct OSS information with sbom-info.yaml
--correct_fpath <path> Path to the sbom-info.yaml file
If scanner is not specified with -s option, all scanners (ScanCode, SCANOSS) will be run and the result will be merged.
Example
Print result to FOSSLight Report and results of ScanCode and SCANOSS in json file.
$ fosslight_source -p /home/source_path -j
2. fosslight_convert
Converts the result of executing ScanCode in json format into FOSSLight Report format.
$ fosslight_convert [option] <arg>
Options
Optional
-p <path_dir> Path of ScanCode json files (Default: current directory)
-h Print help message
-m Print the Matched text for each license on a separate sheet
-o <output_path> Output path
(If you want to generate the specific file name, add the output path with file name.)
-f <format> Output file format (excel, csv, opossum)
Example
Converting scancode json result to FOSSLight report
$ fosslight_convert -p /home/jsonfile_dir
π Result
$ tree
.
βββ fosslight_log_220103_1540.txt
βββ fosslight_opossum_220103_1540.json
βββ fosslight_report_220103_1540.xlsx
βββ fosslight_report_220103_1540.csv
βββ scancode_raw_result.json
βββ scanner_output.wfp
βββ scanoss_raw_result.json
- fosslight_log_[datetime].txt : The execution log.
- fosslight_opossum_[datetime].json : FOSSLight Source Scanner result for OpossumUI
- fosslight_report_[datetime].xlsx : FOSSLight Source Scanner result in spreadsheet format.
- fosslight_report_[datetime].csv : FOSSLight Source Scanner result in csv format.
- scancode_raw_result.json : The ScanCode raw result. (Generated only when the -j option is enabled.)
- scanner_output.wfp : The finger prints generated by SCANOSS. (Generated only when the -j option is enabled.)
- scanoss_raw_result.json : The SCANOSS raw result. (Generated only when the -j option is enabled.)