From 60a1e3846a3b88118b057295691058037614a4e5 Mon Sep 17 00:00:00 2001 From: Leo Zhang Date: Mon, 12 Feb 2018 17:55:41 -0800 Subject: [PATCH] docs: Add basic documentation --- Gopkg.lock | 8 +----- docs/integrations/adding-new-languages.md | 17 +++++++++++++ docs/integrations/bower.md | 26 +++++++++++++++++++ docs/integrations/composer.md | 28 +++++++++++++++++++++ docs/integrations/maven.md | 14 +++++------ docs/integrations/nodejs.md | 26 +++++++++++++++++++ docs/integrations/php.md | 0 docs/integrations/{javascript.md => sbt.md} | 0 docs/integrations/scala.md | 0 test/fixtures/composer/.gitignore | 2 ++ 10 files changed, 107 insertions(+), 14 deletions(-) create mode 100644 docs/integrations/bower.md create mode 100644 docs/integrations/composer.md create mode 100644 docs/integrations/nodejs.md delete mode 100644 docs/integrations/php.md rename docs/integrations/{javascript.md => sbt.md} (100%) delete mode 100644 docs/integrations/scala.md diff --git a/Gopkg.lock b/Gopkg.lock index 4296fd56b1..b3a1ea5ad9 100644 --- a/Gopkg.lock +++ b/Gopkg.lock @@ -61,12 +61,6 @@ revision = "c37440a7cf42ac63b919c752ca73a85067e05992" version = "v0.2.0" -[[projects]] - name = "github.com/satori/go.uuid" - packages = ["."] - revision = "f58768cc1a7a7e77a3bd49e98cdd21419399b6a3" - version = "v1.2.0" - [[projects]] name = "github.com/sergi/go-diff" packages = ["diffmatchpatch"] @@ -220,6 +214,6 @@ [solve-meta] analyzer-name = "dep" analyzer-version = 1 - inputs-digest = "f7643b013e56469e9df97dcc68f3720b4b5abfbbbd6efba66ed6b0086d036116" + inputs-digest = "4d4e95d92ad3d6b6de6a25fa0c4db729da126de7e0106d205c61c9eedc713901" solver-name = "gps-cdcl" solver-version = 1 diff --git a/docs/integrations/adding-new-languages.md b/docs/integrations/adding-new-languages.md index e69de29bb2..a1227bb3af 100644 --- a/docs/integrations/adding-new-languages.md +++ b/docs/integrations/adding-new-languages.md @@ -0,0 +1,17 @@ +# Adding New Languages + +## How language integrations work +You can add support for a languages by creating a `Builder` for that language. +The `Builder` interface describes key functionality that FOSSA CLI relies on to +perform dependency analysis: + +- `Initialize` does initialization for the builder and gathers environment + context (e.g. binary paths). +- `Build` runs a default build of the module if the user requests it. +- `Analyze` returns a list of dependencies in a standard format. +- `IsBuilt` detects whether a module requires a build. + +A `Dependency` is a component with a locator. Locators are built out of 3 parts: +- `Fetcher`: the component's source ecosystem (e.g. `npm` or `mvn`). +- `Package`: the package name in the ecosystem's registries. +- `Revision`: the revision (or version) name in the ecosystem's registries. diff --git a/docs/integrations/bower.md b/docs/integrations/bower.md new file mode 100644 index 0000000000..c5c3f6a9fe --- /dev/null +++ b/docs/integrations/bower.md @@ -0,0 +1,26 @@ +# Bower Support + +Bower support in FOSSA CLI depends on the following tools existing in your environment: + +- Node.js +- Bower + +## Configuration + +Add a `bower` module with the path to the `bower.json` in your project. + +```yaml +analyze: + modules: + - name: your-bower-project + path: bower.json + type: bower +``` + +If you have an existing passing production build, you can run `fossa` from within the build environment and it should succeed. + +Otherwise, you can run `fossa build` to execute the default build command `bower install --production`. + +## Troubleshooting + +FOSSA CLI parses the package manifests in `bower_components` to generate dependency IDs. If FOSSA fails, your build might be failing. \ No newline at end of file diff --git a/docs/integrations/composer.md b/docs/integrations/composer.md new file mode 100644 index 0000000000..6a7dd3bc33 --- /dev/null +++ b/docs/integrations/composer.md @@ -0,0 +1,28 @@ +# Composer Support + +Composer support in FOSSA CLI depends on the following tools existing in your environment: + +- PHP +- Composer + +## Configuration + +Add a `composer` module with the path to the `composer.json` in your project. + +```yaml +analyze: + modules: + - name: your-composer-project + path: composer.json + type: composer +``` + +If you have an existing passing production build, you can run `fossa` from within the build environment and it should succeed. + +Otherwise, you can run `fossa build` to execute the default build command `composer install --no-dev --prefer-dist`. + +## Troubleshooting + +FOSSA CLI runs and parses the output of `composer show -f json` to generate dependency IDs. If FOSSA fails, your build or `composer show -f json` might be failing. + +Run `composer show -f json` and check the output to diagnose what went wrong. \ No newline at end of file diff --git a/docs/integrations/maven.md b/docs/integrations/maven.md index 6610965b02..7ddeafbf1f 100644 --- a/docs/integrations/maven.md +++ b/docs/integrations/maven.md @@ -1,6 +1,6 @@ # Maven Support -Maven support in Fossa CLI depends on the following tools existing in your environment: +Maven support in FOSSA CLI depends on the following tools existing in your environment: - Java - Maven @@ -8,22 +8,22 @@ Maven support in Fossa CLI depends on the following tools existing in your envir ## Configuration -Add a `MavenArtifact` module with the **relative** path to the `pom.xml` in your root directory. +Add a `maven` module with the **relative** path to the `pom.xml` in your root directory. ```yaml analyze: modules: - - name: yourmavenpackage + - name: your-maven-project path: pom.xml - type: MavenArtifact + type: maven ``` -If you have an existing passing production build, you can run `fossa` in your existing environment and it should succeed. +If you have an existing passing production build, you can run `fossa` from within the build environment and it should succeed. -Otherwise, you can run `fossa build` to execute with a default build command `mvn clean install -DskipTests -Drat.skip=true -f $PATH_TO_POM`. +Otherwise, you can run `fossa build` to execute the default build command `mvn clean install -DskipTests -Drat.skip=true -f $PATH_TO_POM`. ## Troubleshooting -Fossa CLI runs and parses the output of the `mvn:dependencyList` plugin to generate dependency IDs. If FOSSA fails, chances are your build or the `mvn:dependencyList` plugin is failing. +FOSSA CLI runs and parses the output of the `mvn:dependencyList` plugin to generate dependency IDs. If FOSSA fails, your build or the `mvn:dependencyList` plugin might be failing. Run `mvn:dependencyList -f $PATH_TO_POM` and check the output to diagnose what went wrong. \ No newline at end of file diff --git a/docs/integrations/nodejs.md b/docs/integrations/nodejs.md new file mode 100644 index 0000000000..b948eac33e --- /dev/null +++ b/docs/integrations/nodejs.md @@ -0,0 +1,26 @@ +# Node.js Support + +Node.js support in FOSSA CLI depends on the following tools existing in your environment: + +- Node.js +- Either Yarn or NPM + +## Configuration + +Add a `nodejs` module with the path to the `package.json` in your project. + +```yaml +analyze: + modules: + - name: your-nodejs-project + path: package.json + type: nodejs +``` + +If you have an existing passing production build, you can run `fossa` from within the build environment and it should succeed. + +Otherwise, you can run `fossa build` to execute the default build command. If a Yarn lockfile is detected, FOSSA will run `yarn install --production --frozen-lockfile`. Otherwise, it will run `npm install --production`. + +## Troubleshooting + +FOSSA CLI parses the package manifests in `node_modules` to generate dependency IDs. If FOSSA fails, your build might be failing. \ No newline at end of file diff --git a/docs/integrations/php.md b/docs/integrations/php.md deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/docs/integrations/javascript.md b/docs/integrations/sbt.md similarity index 100% rename from docs/integrations/javascript.md rename to docs/integrations/sbt.md diff --git a/docs/integrations/scala.md b/docs/integrations/scala.md deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/test/fixtures/composer/.gitignore b/test/fixtures/composer/.gitignore index cc74855aa3..550c215c72 100644 --- a/test/fixtures/composer/.gitignore +++ b/test/fixtures/composer/.gitignore @@ -1,2 +1,4 @@ +# This is from Sylius + vendor bin \ No newline at end of file