Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

fosslight-dependency

Package Overview
Dependencies
Maintainers
2
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

fosslight-dependency

FOSSLight Dependency Scanner

  • 4.1.2
  • PyPI
  • Socket score

Maintainers
2

FOSSLight Dependency Scanner

<img src="https://img.shields.io/pypi/l/fosslight_dependency" alt="License" /> <a href="https://pypi.org/project/fosslight-dependency/"><img src="https://img.shields.io/pypi/v/fosslight_dependency" alt="Current python package version." />``</a> <img src="https://img.shields.io/pypi/pyversions/fosslight_dependency" /> REUSE status

💡 Introduction

This is the tool that supports the analysis of dependencies for multiple package managers. It detects the manifest file of package managers automatically and analyzes the dependencies with using open source tools. Then, it generates the report file that contains OSS information of dependencies.

📖 User Guide

We describe the user guide in the FOSSLight Guide page. In this user guide, you can see how to install the FOSSLight Dependency Scanner and how to set up the prerequisite step and run it according to the package manager of your project. Also, you can check the results of the FOSSLight Dependency Scanner.

👀 Package Support Level

Language/
Project
Package ManagerManifest fileDirect dependenciesTransitive dependenciesRelationship of dependencies
(Dependencies of each dependency)
JavascriptNpmpackage.jsonOOO
JavaGradlebuild.gradleOOO
Mavenpom.xmlOOO
Java (Android)Gradlebuild.gradleOOO
ObjC, Swift (iOS)CocoapodsPodfile.lockOOO
CarthageCartfile.resolvedOOX
Swift (iOS)SwiftPackage.resolvedOOO
Dart, FlutterPubpubspec.yamlOOO
GoGogo.modOOO
PythonPypirequirements.txt, setup.py, pyproject.tomlOOO
.NETNugetpackages.config, obj/project.assets.jsonOOO
KubernetesHelmChart.yamlOXX
UnityUnityLibrary/PackageManager/ProjectCacheOOX
RustCargoCargo.tomlOOO

👏 Contributing Guide

We always welcome your contributions. Please see the CONTRIBUTING guide for how to contribute.

📄 License

Copyright (c) 2020 LG Electronics, Inc. FOSSLight Dependency Scanner is licensed under Apache-2.0, as found in the LICENSE file.

FAQs


Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc