deplist

Scan and list the dependencies in a source code repository.

Supports:

Go
NodeJS
Python
Ruby
Java

Dependencies are printed in PackageURL format.

Requirements

On Fedora:

$ dnf install golang-bin yarnpkg maven rubygem-bundler ruby-devel gcc gcc-c++ npm

Command Line

Build from source

$ make
go build cmd/deplist/deplist.go

Run

$ ./deplist test/testRepo
pkg:npm/d3-scale-chromatic@2.0.0
pkg:npm/d3-time@2.0.0
pkg:npm/prop-types@15.7.2
pkg:npm/react@16.13.1
...

Verbose/debug output:

 deplist -debug ./test/testRepo/
DEBU[0000] Checking ./test/testRepo/
DEBU[0000] GetRubyDeps test/testRepo/Gemfile
DEBU[0000] Running env [--chdir=test/testRepo ruby /tmp/gemfile-parser.rb927489446 .]
DEBU[0000] GetGoPkgDeps test/testRepo/Gopkg.lock
DEBU[0000] GetGlideDeps test/testRepo/glide.lock
DEBU[0000] GetGolangDeps test/testRepo/go.mod
...

API

The api functions as follows:

func GetDeps(fullPath string) ([]Dependency, Bitmask, error) {

Parameters

fullPath:

Path to directory with source code.

Returns

Depenency:

Array of Dependency structs from dependencies.go
Bitmask:

A bitmask of found languages:

const (
	LangGolang = 1 << iota
	LangNodeJS
	LangPython
	LangRuby
)

error:

Standard Go error handling

Name		Name	Last commit message	Last commit date
Latest commit History 110 Commits
.github/workflows		.github/workflows
cmd/deplist		cmd/deplist
internal		internal
test/testRepo		test/testRepo
vendor		vendor
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
dependencies.go		dependencies.go
deplist.go		deplist.go
deplist_test.go		deplist_test.go
go.mod		go.mod
go.sum		go.sum

License

RedHatProductSecurity/deplist

Folders and files

Latest commit

History

Repository files navigation

deplist

Requirements

Command Line

Build from source

Run

API

Parameters

Returns

About

Resources

License

Stars

Watchers

Forks

Languages