Updated documentation, added plugin info

BBVA · May 7, 2019 · 75664ba · 75664ba
1 parent 1cd7852
commit 75664ba
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 3 deletions.
diff --git a/README.rst b/README.rst
@@ -1,7 +1,7 @@
 Deeptracy
 =========
 
-.. image::  https://raw.githubusercontent.com/BBVA/deeptracy/develop/docs/_static/deeptracy-logo-small.png
+.. image::  _static/deeptracy-logo-small.png
   :alt: Deeptracy logo
   :width: 250 px
   :align: center
@@ -12,13 +12,13 @@ Deeptracy scans your project dependencies to spot vulnerabilities.
 Is a meta tool to analyze the security issues in third party libraries used in
 your project.
 
-We have created **this project to simplify this process** and you can focus
+We have created **this project to simplify this process** so you can focus
 only in the important: your project.
 
 **Deeptracy** can choose the most suitable security tools for each languages
 and notify the spotted vulnerabilities in the project dependencies.
 
-You can learn more about Deeptracy in the `official documentation`_. 
+You can learn more about Deeptracy in the `official documentation`_.
 
 This project is distributed under `Apache License`_.
 

diff --git a/docs/source/index.rst b/docs/source/index.rst
@@ -7,5 +7,6 @@
    architecture
    installation
    configuration
+   plugins
    usage
    api
diff --git a/docs/source/plugins.rst b/docs/source/plugins.rst
@@ -0,0 +1,41 @@
+Deeptracy plugins
+=================
+
+The dependency extraction proccess is carried out by Buildbot. It leverages on a plugin architecture in which separated components, the plugins, provide different ways, called tasks, of doing de extraction. Each plugin gives support for a particular programming language.
+
+
+Available plugins
+-----------------
+
+Currently Deeptracy offers several plugins to do dependency extraction that give support to the main programming languages.
+
+Dependencycheck
+~~~~~~~~~~~~~~~
+
+This plugin is intended for java projects, and uses the OWASP Dependencycheck utility (version 4.0.2) to do the dependency extraction.
+
+It publishes one task 'dependency_check'.
+
+Maven
+~~~~~
+
+A set of plugins intended for java projects that use Maven to do the dependency extraction, each plugin gives support for a specific version of Maven.
+
+Each plugin publishes one task 'mvn_dependencytree'
+
+Npm
+~~~
+
+A set of plugins intended for javascript projects that use Npm to do the dependency extraction, each plugin gives support for a specific version of Npm.
+
+Each plugin publishes one task 'npm_install'
+
+
+python
+~~~~~~
+
+A set of plugins intended for Python project, each plugin gives support for a specific version of Python.
+
+Each plugin publishes two task:
+- 'requirement_file', for doing the dependency extraction by analyzing the project's requirements.txt file.
+- 'pip_install',  for doing the dependency extraction by using the pip utility.