(Enterprise Only) FOSSLight Scanner Service

Overview

Source, binary and dependency analysis is performed using FOSSLight Scanneras a web service. Analysis results are generated in the form of a FOSSLight Report.

How to use

Login

Create a Project

  1. Click the "New Project" button in the upper right corner to create a project.
    New Project

  2. Enter the contents in "Create a Project".
    Creat a Project

    • Name : Enter the Project name.
    • Inputs : Select sources to analyze.
      • Upload files : Compress and upload files to be analyzed. (Please upload only 1 file.)
        ⚠️ You can upload up to 3GB.
      • Download URLs : Enter the source link to be analyzed (link that can be obtained through "wget" or "git clone")
        • Public
          • The example of input value
            • wget : github.com/LGE-OSS/example/archive/refs/tags/v1.0.0.zip
            • git clone : github.com/LGE-OSS/example
        • Private Git
          • http:// or https:// : You must enter the user name and PAT value.
          • ssh:// : Copy the provided ssh key value and register it in your private git repository. ⚠️ Please use PAT instead of ssh for github.
            ssh
    • Pipeline
      • scan_all : Analyze source, binary, dependency.
      • source : Analyze only the source code.
      • binary : Analyze only binary.
      • dependency : Analyze only dependency.
    • Permission
      • Private : Only the creator can view.
      • Public : Other people can view the project and download analysis results through the link.

Analysis Result

analysis_result

  1. Dependencies
    • The number displayed under Dependencies indicates the count of dependency analysis results. Clicking this number allows you to view the list of open source packages detected through dependency analysis. dependencies
  2. Detected Open Source
    • The number displayed under Detected Open Source indicates the count of source and binary analysis results. Clicking this number allows you to view the list of open source detected through source and binary analysis. detected_opensource
      • When you click on the file name in the Path column, you can view the contents of that file. file_viewer
  3. Download results
    • You can download the analysis result file.
      • FOSSLight Scanner Result : This is a report that can be uploaded during the Identification process in FOSSLight Hub.
  4. Files
    • You can view the detection results for each analyzed file in File Tree format. (Since these are file-specific detection results, FOSSLight Dependency results are not included)