Fossa supports fpm package manifests

[awvwgk]

Just found that fossa supports fpm package manifests for scanning dependency graphs:

https://github.com/fossas/fossa-cli/blob/master/docs/references/strategies/languages/fortran/fortran.md

[ivan-pi]

That's a great sign fpm is starting to be taken seriously. The static dependency analysis looks like something which could also be done in fpm. The bigger question which I guess Fossa answers is what can one do with this information.

I wonder what it would take to get fpm included in GitHub Packages. Such packages display their dependencies directly on their respective GitHub landing page. On the other hand Julia and Rust prefer to manage their own package registries. Personally, I'd kind of prefer to see Fortran remain kind of "decentralized" so no organization has too much power. (I attribute the (former) poor state of Fortran open source at least partially to the big library vendors).