Scan and list the dependencies in a source code repository.
Supports:
- Go
- Java
- NodeJS
- Python
- Ruby
- Rust
Dependencies are printed in PackageURL format.
On Fedora:
dnf install golang-bin yarnpkg rubygem-bundler ruby-devel npm$ make
go build cmd/deplist/deplist.go$ ./deplist test/testRepo
pkg:npm/[email protected]
pkg:npm/[email protected]
pkg:npm/[email protected]
pkg:npm/[email protected]
...Verbose/debug output:
deplist -debug ./test/testRepo/
DEBU[0000] Checking ./test/testRepo/
DEBU[0000] GetRubyDeps test/testRepo/Gemfile
DEBU[0000] Running env [--chdir=test/testRepo ruby /tmp/gemfile-parser.rb927489446 .]
DEBU[0000] GetGoPkgDeps test/testRepo/Gopkg.lock
DEBU[0000] GetGlideDeps test/testRepo/glide.lock
DEBU[0000] GetGolangDeps test/testRepo/go.mod
...The api functions as follows:
func GetDeps(fullPath string, ignoreDirs ...string) ([]Dependency, Bitmask, error) {-
fullPath:
Path to directory with source code.
-
Dependency:
Array of Dependency structs from dependencies.go
-
Bitmask:
A bitmask of found languages:
const (
LangGolang = 1 << iota
LangJava
LangNodeJS
LangPython
LangRuby
LangRust
)-
error:
Standard Go error handling