The FOSSA CLI leverages the built/installed project and it's package manager and queries these tools for the installed dependencies and then FOSSA will in turn analyze these packages for their dependency information. Our list of supported languages and package managers is useful for seeing what the CLI will support.
If you want to see an example of what we send, you can run the fossa analyze
command with the -o
or --output
flag (e.g. fossa analyze -o
) and it will output the JSON that we send to the server. Below is an example of the output of a small FOSS project called Gist (run through jq
for nicer formatting) but you can test this on your own projects if you have further questions about what will be sent from your projects.
michael@smolbook:~/tmp/repos/gist (master)$ FOSSA_API_KEY= XXXX fossa analyze -o |jq '.'
⢿ Analyzing module (1/1): Gemfile WARNING Could not resolve Bundler
[
{
"Name": "Gemfile",
"Type": "gem",
"Manifest": ".",
"Build": {
"Artifact": "default",
"Context": null,
"Succeeded": true,
"Imports": [
"gem+gist$5.0.0",
"gem+rake$13.0.1",
"gem+ronn$0.7.3",
"gem+rspec$3.9.0",
"gem+webmock$3.7.6"
],
"Dependencies": [
{
"locator": "gem+rspec-support$3.9.2"
},
{
"locator": "gem+gist$5.0.0"
},
{
"locator": "gem+diff-lcs$1.3"
},
{
"locator": "gem+hashdiff$1.0.0"
},
{
"locator": "gem+rdiscount$2.2.0.1"
},
{
"locator": "gem+ronn$0.7.3",
"imports": [
"gem+hpricot$0.8.6",
"gem+mustache$1.1.1",
"gem+rdiscount$2.2.0.1"
]
},
{
"locator": "gem+addressable$2.7.0",
"imports": [
"gem+public_suffix$4.0.3"
]
},
{
"locator": "gem+mustache$1.1.1"
},
{
"locator": "gem+rspec$3.9.0",
"imports": [
"gem+rspec-core$3.9.1",
"gem+rspec-expectations$3.9.0",
"gem+rspec-mocks$3.9.1"
]
},
{
"locator": "gem+rspec-core$3.9.1",
"imports": [
"gem+rspec-support$3.9.2"
]
},
{
"locator": "gem+rspec-mocks$3.9.1",
"imports": [
"gem+diff-lcs$1.3",
"gem+rspec-support$3.9.2"
]
},
{
"locator": "gem+crack$0.4.3",
"imports": [
"gem+safe_yaml$1.0.5"
]
},
{
"locator": "gem+hpricot$0.8.6"
},
{
"locator": "gem+public_suffix$4.0.3"
},
{
"locator": "gem+rake$13.0.1"
},
{
"locator": "gem+webmock$3.7.6",
"imports": [
"gem+addressable$2.7.0",
"gem+crack$0.4.3",
"gem+hashdiff$1.0.0"
]
},
{
"locator": "gem+rspec-expectations$3.9.0",
"imports": [
"gem+diff-lcs$1.3",
"gem+rspec-support$3.9.2"
]
},
{
"locator": "gem+safe_yaml$1.0.5"
}
]
}
}
]
Comments
0 comments
Please sign in to leave a comment.