| published | true |
|---|---|
| title | γ΄ FOSSLight Source Scanner |
FOSSLight Source Scannerλ ScanCode, SCANOSSμ KB(LGE Only) modeλ‘ λμν©λλ€.
- ScanCode : νμΌ μμ ν¬ν¨λ Copyrightκ³Ό License 문ꡬλ₯Ό κ²μΆν©λλ€.
- SCANOSS : OSS Name, OSS Version, Download Location, Copyright, License μ 보λ₯Ό OSSKBμμ κ²μν©λλ€.
- KB(LGE Only) : LGμ μμμ ꡬμΆν Knowledge Database μλ²λ‘λΆν° ν΄λΉ νμΌμ μΆμ²λ₯Ό μ‘°ννμ¬ OSS Name, OSS Version, Download Location μ 보λ₯Ό μΆλ ₯ν©λλ€.
Build Script, Binary, Directory, νΉμ Directory (ex-test), μ¨κΉ ν΄λ μμ νμΌμ μ μΈλ©λλ€.
{: .left-bar-title}
FOSSLight Source Scannerλ pip3λ₯Ό μ΄μ©νμ¬ μ€μΉν μ μμ΅λλ€.
python 3.10 + virtualenv νκ²½μμ μ€μΉν κ²μ κΆμ₯ν©λλ€.
$ pip3 install fosslight_source
{: .left-bar-title}
Source Code λΆμμ μ€νν ν FOSSLight Report νμμΌλ‘ μΆλ ₯ν©λλ€.
$ fosslight_source [option] <arguments>
{: .specific-title}
π Usage
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
fosslight_source [options] <arguments>
π Description
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
FOSSLight Source Scanner analyzes source code to detect copyright and
license information using several modes.
Note: Build scripts, binary files, and test directories are automatically
excluded from analysis.
π Guide: https://fosslight.org/fosslight-guide/scanner/2_source.html
βοΈ General Options
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
-p <path> Source path to analyze (default: current directory)
-o <path> Output file path or directory
-f <format> Output formats: excel, csv, opossum, yaml, spdx-yaml, spdx-json, spdx-xml, spdx-tag, cyclonedx-json, cyclonedx-xml
(multiple formats can be specified, separated by space)
-e <pattern> Exclude paths from analysis (files and directories)
β οΈ IMPORTANT: Always wrap in quotes to avoid shell expansion
Example: fosslight_source -e "dev/" "tests/" "*.jar"
-m Generate detailed scan results on separate sheets
-h Show this help message
-v Show version information
π Scanner-Specific Options
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
-s <mode> Choose mode: scancode, scanoss, kb, or all(default)
-c <number> Number of CPU cores/threads to use for scanning
-t <seconds> Timeout in seconds for ScanCode scanning
-j Generate raw scanner results in JSON format
--no_correction Skip OSS information correction with sbom-info.yaml
--correct_fpath <path> Path to custom sbom-info.yaml file
--hide_progress Hide the progress bar during scanning
π‘ Examples
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
# Scan current directory
fosslight_source
# Scan specific path with exclusions
fosslight_source -p /path/to/source -e "test/" "node_modules/"
# Generate output in specific format
fosslight_source -f excel -o results/
# Generate raw scanner results in JSON format
fosslight_source -p /path/to/source -j
- -s μ΅μ μ΄ μΆκ°λμ§ μμ κ²½μ° all λͺ¨λ(ScanCode, SCANOSS, KB)κ° λμν κ²°κ³Όκ° μ·¨ν©λ©λλ€.
- -e μ΅μ
κ΄λ ¨ Pattern λ§€μΉ κ°μ΄λ
β οΈ μ¬μ© μ λ°λμ μ λ°μ΄ν("")λ₯Ό μ΄μ©νμ¬ μ λ ₯νμκΈ° λ°λλλ€.- μμ) fosslight_source -e "dev/" "tests/"
β οΈ μ λ ₯ μ νμΌλͺ κ³Ό νμ₯μλ λμλ¬Έμλ₯Ό μ νν ꡬλΆν΄μΌ ν©λλ€.
{: .specific-title} Source Code λΆμ
$ fosslight_source -p /home/source_path
{: .left-bar-title}
$ tree
.
βββ fosslight_log_src_260311_1503.txt
βββ fosslight_report_src_260311_1544.xlsx
- fosslight_log_src_[datetime].txt : μ€ν λ‘κ·Έκ° μ μ₯λ νμΌ
- fosslight_report_src_[datetime].xlsx : FOSSLight Report ννμ Source Code λΆμ κ²°κ³Ό
- fosslight_opossum_src_[datetime].json : OpossumUIμμ νμ© κ°λ₯ν Source Code λΆμ κ²°κ³Ό ( -f opossum μ΅μ )
- fosslight_report_src_[datetime].csv : FOSSLight Reportλ₯Ό csvλ‘ μΆλ ₯ν κ²°κ³Ό ( -f csv μ΅μ )
- scancode_raw_result.json : ScanCode μ€ν κ²°κ³Ό ( -j μ΅μ )
- scanoss_raw_result.json : SCANOSS μ€ν κ²°κ³Ό ( -j μ΅μ )
- scanner_output.wfp : SCANOSS μ€ν μ μμ±λ Finger Print ( -j μ΅μ )