Scan and list the dependencies in a source code repository.
Supports:
- Go
- NodeJS
- Python
- Ruby
- Java
Dependencies are printed in PackageURL format.
On Fedora:
$ dnf install golang-bin yarnpkg maven rubygem-bundler ruby-devel gcc gcc-c++ npm$ make
go build cmd/deplist/deplist.go$ ./deplist test/testRepo
pkg:npm/[email protected]
pkg:npm/[email protected]
pkg:npm/[email protected]
pkg:npm/[email protected]
...Verbose/debug output:
deplist -debug ./test/testRepo/
DEBU[0000] Checking ./test/testRepo/
DEBU[0000] GetRubyDeps test/testRepo/Gemfile
DEBU[0000] Running env [--chdir=test/testRepo ruby /tmp/gemfile-parser.rb927489446 .]
DEBU[0000] GetGoPkgDeps test/testRepo/Gopkg.lock
DEBU[0000] GetGlideDeps test/testRepo/glide.lock
DEBU[0000] GetGolangDeps test/testRepo/go.mod
...The api functions as follows:
func GetDeps(fullPath string) ([]Dependency, Bitmask, error) {
-
fullPath:
Path to directory with source code.
-
Depenency:
Array of Dependency structs from dependencies.go
-
Bitmask:
A bitmask of found languages:
const (
LangGolang = 1 << iota
LangNodeJS
LangPython
LangRuby
)
-
error:
Standard Go error handling