Blurb mentioning Jar analysis.

fossas · Jun 28, 2024 · 8d2a16d · 8d2a16d
1 parent b80a6d5
commit 8d2a16d
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 0 deletions.
diff --git a/docs/README.md b/docs/README.md
@@ -99,6 +99,7 @@ Concept guides explain the nuances behind how basic FOSSA primitives work. If yo
   - [From Docker Engine](./references/subcommands/container/scanner.md#2-from-docker-engine)
   - [From Container Registries](./references/subcommands/container/scanner.md#3-from-registries)
 - [Supported Container Package Managers](./references/subcommands/container/scanner.md#supported-container-package-managers)
+  - [Container Jar File Analysis](./references/subcommands/container/scanner.md#container-jar-analysis)
 - [Viewing Detected Projects](./references/subcommands/container/scanner.md#view-detected-projects)
 - [Configuring Container Analysis Targets](./references/subcommands/container/scanner.md#utilize-analysis-target-configuration)
 - [Integrating Container Scanning in CI](./walkthroughs/container-scanning-generic-ci.md)

diff --git a/docs/references/subcommands/container/scanner.md b/docs/references/subcommands/container/scanner.md
@@ -8,6 +8,7 @@
     - [2) From Docker Engine](#2-from-docker-engine)
     - [3) From registries](#3-from-registries)
   - [Container image analysis](#container-image-analysis)
+    - [Container Jar analysis](#container-jar-analysis)
     - [View detected projects](#view-detected-projects)
       - [Command output](#command-output)
     - [Utilize analysis target configuration](#utilize-analysis-target-configuration)
@@ -204,6 +205,14 @@ The new container scanner scans in two steps:
 1. The base layer.
 2. The rest of the layers, squashed. 
 
+### Container JAR analysis
+
+The container analyzer will try to find Java Archive (Jar) files inside each layer.
+It will then report them to FOSSA which will try to match the Jar files to the project they are a build artifact from.
+
+This process relies on there being a back-end that can perform that analysis.
+SaaS customers should have this functionality available but on-prem customers may need to contact FOSSA support to have it enabled.
+
 ### Supported Container Package Managers
 The following package managers are supported in container scanning:
 
@@ -225,6 +234,7 @@ The following package managers are supported in container scanning:
 | Nim (nimble)                         | :warning:          | [Nim](./../../strategies/languages/nim/nimble.md)                |
 | Dart (pub)                           | :warning:          | [Dart](./../../strategies/languages/dart/pub.md)                 |
 | Maven                                | :warning:          | [Maven](./../../strategies/languages/maven/maven.md)             |
+| Java Jar Files                       | :white_check_mark: | [Container Jar Analysis](#container-jar-analysis)_               |
 | Golang (gomod)                       | :x:                | N/A                                                              |
 | Rust (cargo)                         | :x:                | N/A                                                              |
 | Haskell (cabal, stack)               | :x:                | N/A                                                              |