<!--
Copyright (c) 2021 LG Electronics
SPDX-License-Identifier: Apache-2.0
-->
# FOSSLight Scanner
<strong>Analyze at once for Open Source Compliance.</strong><br>
<img src="https://img.shields.io/pypi/l/fosslight_scanner" alt="FOSSLight Scanner is released under the Apache-2.0." /> <img src="https://img.shields.io/pypi/v/fosslight_scanner" alt="Current python package version." /> <img src="https://img.shields.io/pypi/pyversions/fosslight_scanner" /> [](https://api.reuse.software/info/github.com/fosslight/fosslight_scanner)
**FOSSLight Scanner** performs open source analysis after downloading the source by passing a link that can be cloned by wget or git. Instead, open source analysis can be performed for the local source path. The output result is generated in [FOSSLight Report][or] format.
- **[FOSSLight Prechecker][re]** Check whether the [source code's copyright and license writing rules][rule] are complied with.
- **[FOSSLight Source Scanner][s]** Extract license and copyright in the source code using [ScanCode][sc].
- **[FOSSLight Dependency Scanner][d]** Extract dependency and OSS information from the package manager's manifest file.
- **[FOSSLight Binary Scanner][flbin]** Find binary and print OSS information.
[s]: https://github.com/fosslight/fosslight_source_scanner
[d]: https://github.com/fosslight/fosslight_dependency_scanner
[sc]: https://github.com/nexB/scancode-toolkit
[or]: https://fosslight.org/fosslight-guide-en/learn/2_fosslight_report.html
[flbin]: https://github.com/fosslight/fosslight_binary_scanner
[re]: https://github.com/fosslight/fosslight_prechecker
[rule]: https://oss.lge.com/guide/process/osc_process/1-identification/copyright_license_rule.html
## Contents
- [FOSSLight Scanner](#fosslight-scanner)
- [Contents](#contents)
- [📋 Prerequisite](#-prerequisite)
- [🎉 How to install](#-how-to-install)
- [🚀 How to run](#-how-to-run)
- [Parameters](#parameters)
- [Ex 1. Local Source Analysis](#ex-1-local-source-analysis)
- [Ex 2. Download Link and analyze](#ex-2-download-link-and-analyze)
- [📁 Result](#-result)
- [🐳 How to run using Docker](#-how-to-run-using-docker)
- [👏 How to report issue](#-how-to-report-issue)
- [📄 License](#-license)
## 📋 Prerequisite
FOSSLight Scanner needs a Python 3.10+.
## 🎉 How to install
It can be installed using pip3. It is recommended to install it in the [virtualenv]([etc/guide_virtualenv.md](https://fosslight.org/fosslight-guide-en/scanner/etc/guide_virtualenv.html)) environment.
```
$ pip3 install fosslight_scanner
```
## 🚀 How to run
FOSSLight Scanner is run with the **fosslight** command.
```
fosslight [Mode] [option1] <arg1> [option2] <arg2>...
```
### Parameters
Mode
```
all Run all scanners(Default)
source Run FOSSLight Source
dependency Run FOSSLight Dependency
binary Run FOSSLight Binary
prechecker Run FOSSLight Prechecker
compare Compare two FOSSLight reports
```
Options:
```
-h Print help message
-p <path> Path to analyze (ex, -p {input_path})
* Compare mode input file: Two FOSSLight reports (supports excel, yaml)
(ex, -p {before_name}.xlsx {after_name}.xlsx)
-w <link> Link to be analyzed can be downloaded by wget or git clone
-f <format> FOSSLight Report file format (excel, yaml)
* Compare mode result file: supports excel, json, yaml, html
-o <output> Output directory or file
-c <number> Number of processes to analyze source
-e <path> Path to exclude from analysis (ex, -e {dir} {file})
-r Keep raw data
-t Hide the progress bar
-v Print FOSSLight Scanner version
-s <path> Path to apply setting from json file (check format with 'setting.json' in this repository)
* Direct cli flags have higher priority than setting file
(ex, '-f yaml -s setting.json' - result file extension is .yaml)
```
- Refs.
- Additional arguments for running dependency analysis. See the [FOSSLight Dependency Guide][fd_guide] for instructions.
- In the case of DB URL, it is the [DB connection information to be used in FOSSLight Binary][flbindb].
[flbindb]: https://fosslight.org/fosslight-guide-en/scanner/etc/binary_db.html
[fd_guide]: https://fosslight.org/fosslight-guide-en/scanner/2_dependency.html
### Ex 1. Local Source Analysis
```
$ fosslight all -p /home/source_path -d "-a 'source /test/Projects/venv/bin/activate' -d 'deactivate'"
```
### Ex 2. Local Source Analysis with Path to Exclude
```
$ fosslight all -p /home/source_path -e temp_dir src/temp.py
```
### Ex 3. Download Link and analyze
```
$ fosslight all -o test_result_wget -w "https://github.com/LGE-OSS/example.git"
```
If you want to analyze private repository, set your github token like below.
```
$ fosslight all -w "https://my_github_token@github.com/Foo/private_repo
```
### Ex 4. Compare the BOM of two FOSSLight reports with yaml or excel format and check the oss status (change/add/delete)
```
$ fosslight compare -p FOSSLight_before_proj.yaml FOSSLight_after_proj.yaml -f excel
```
## 📁 Result
```
$ tree
.
├── fosslight_log
│ ├── fosslight_log_20210924_022422.txt
└── FOSSLight-Report_20210924_022422.xlsx
```
- FOSSLight_Report-[datetime].xlsx : OSS Report format file that outputs source code analysis, binary analysis, and dependency analysis results.
- fosslight_raw_data_[datetime] directory: Directory in which raw data files are created as a result of analysis
## 🐳 How to run using Docker
1. Build image using Dockerfile.
```
$docker build -t fosslight .
```
2. Run with the image you built.
ex. Output: /Users/fosslight_source_scanner/test_output, Path to be analyzed: tests/test_files
```
$docker run -it -v /Users/fosslight_source_scanner/test_output:/app/output fosslight -p tests/test_files -o output
```
## 👏 How to report issue
Please report any ideas or bugs to improve by creating an issue in [fosslight_scanner repository][cl].
Then there will be quick bug fixes and upgrades. Ideas to improve are always welcome.
[cl]: https://github.com/fosslight/fosslight_scanner/issues
## 📄 License
FOSSLight Scanner is released under [Apache-2.0][l].
[l]: https://github.com/fosslight/fosslight_scanner/blob/main/LICENSE
Raw data
{
"_id": null,
"home_page": "https://github.com/fosslight/fosslight_scanner",
"name": "fosslight-scanner",
"maintainer": null,
"docs_url": null,
"requires_python": "<3.13,>=3.10",
"maintainer_email": null,
"keywords": null,
"author": "LG Electronics",
"author_email": null,
"download_url": "https://files.pythonhosted.org/packages/9d/f4/f46fd7d70ba4aef4486b3f78bd00132ce6c9b86908b3ca3fd976e40809b2/fosslight_scanner-2.1.8.tar.gz",
"platform": null,
"description": "<!--\nCopyright (c) 2021 LG Electronics\nSPDX-License-Identifier: Apache-2.0\n -->\n\n# FOSSLight Scanner\n<strong>Analyze at once for Open Source Compliance.</strong><br>\n\n<img src=\"https://img.shields.io/pypi/l/fosslight_scanner\" alt=\"FOSSLight Scanner is released under the Apache-2.0.\" /> <img src=\"https://img.shields.io/pypi/v/fosslight_scanner\" alt=\"Current python package version.\" /> <img src=\"https://img.shields.io/pypi/pyversions/fosslight_scanner\" /> [](https://api.reuse.software/info/github.com/fosslight/fosslight_scanner)\n\n\n**FOSSLight Scanner** performs open source analysis after downloading the source by passing a link that can be cloned by wget or git. Instead, open source analysis can be performed for the local source path. The output result is generated in [FOSSLight Report][or] format.\n\n- **[FOSSLight Prechecker][re]** Check whether the [source code's copyright and license writing rules][rule] are complied with.\n- **[FOSSLight Source Scanner][s]** Extract license and copyright in the source code using [ScanCode][sc].\n- **[FOSSLight Dependency Scanner][d]** Extract dependency and OSS information from the package manager's manifest file.\n- **[FOSSLight Binary Scanner][flbin]** Find binary and print OSS information.\n\n[s]: https://github.com/fosslight/fosslight_source_scanner\n[d]: https://github.com/fosslight/fosslight_dependency_scanner\n[sc]: https://github.com/nexB/scancode-toolkit\n[or]: https://fosslight.org/fosslight-guide-en/learn/2_fosslight_report.html\n[flbin]: https://github.com/fosslight/fosslight_binary_scanner\n[re]: https://github.com/fosslight/fosslight_prechecker\n[rule]: https://oss.lge.com/guide/process/osc_process/1-identification/copyright_license_rule.html\n\n## Contents\n\n- [FOSSLight Scanner](#fosslight-scanner)\n - [Contents](#contents)\n - [\ud83d\udccb Prerequisite](#-prerequisite)\n - [\ud83c\udf89 How to install](#-how-to-install)\n - [\ud83d\ude80 How to run](#-how-to-run)\n - [Parameters](#parameters)\n - [Ex 1. Local Source Analysis](#ex-1-local-source-analysis)\n - [Ex 2. Download Link and analyze](#ex-2-download-link-and-analyze)\n - [\ud83d\udcc1 Result](#-result)\n - [\ud83d\udc33 How to run using Docker](#-how-to-run-using-docker)\n - [\ud83d\udc4f How to report issue](#-how-to-report-issue)\n - [\ud83d\udcc4 License](#-license)\n\n\n## \ud83d\udccb Prerequisite\n\nFOSSLight Scanner needs a Python 3.10+.\n\n## \ud83c\udf89 How to install\n\n\nIt can be installed using pip3. It is recommended to install it in the [virtualenv]([etc/guide_virtualenv.md](https://fosslight.org/fosslight-guide-en/scanner/etc/guide_virtualenv.html)) environment.\n\n```\n$ pip3 install fosslight_scanner\n```\n\n## \ud83d\ude80 How to run\n\nFOSSLight Scanner is run with the **fosslight** command.\n``` \nfosslight [Mode] [option1] <arg1> [option2] <arg2>...\n``` \n### Parameters \nMode\n``` \n all Run all scanners(Default)\n source Run FOSSLight Source\n dependency Run FOSSLight Dependency\n binary Run FOSSLight Binary\n prechecker Run FOSSLight Prechecker\n compare Compare two FOSSLight reports\n``` \nOptions:\n``` \n -h Print help message\n -p <path> Path to analyze (ex, -p {input_path})\n * Compare mode input file: Two FOSSLight reports (supports excel, yaml)\n (ex, -p {before_name}.xlsx {after_name}.xlsx)\n -w <link> Link to be analyzed can be downloaded by wget or git clone\n -f <format> FOSSLight Report file format (excel, yaml)\n * Compare mode result file: supports excel, json, yaml, html\n -o <output> Output directory or file\n -c <number> Number of processes to analyze source\n -e <path> Path to exclude from analysis (ex, -e {dir} {file})\n -r Keep raw data\n -t Hide the progress bar\n -v Print FOSSLight Scanner version\n -s <path> Path to apply setting from json file (check format with 'setting.json' in this repository)\n * Direct cli flags have higher priority than setting file\n (ex, '-f yaml -s setting.json' - result file extension is .yaml)\n```\n- Refs. \n - Additional arguments for running dependency analysis. See the [FOSSLight Dependency Guide][fd_guide] for instructions.\n - In the case of DB URL, it is the [DB connection information to be used in FOSSLight Binary][flbindb].\n\n[flbindb]: https://fosslight.org/fosslight-guide-en/scanner/etc/binary_db.html\n[fd_guide]: https://fosslight.org/fosslight-guide-en/scanner/2_dependency.html\n\n### Ex 1. Local Source Analysis\n```\n$ fosslight all -p /home/source_path -d \"-a 'source /test/Projects/venv/bin/activate' -d 'deactivate'\"\n```\n\n### Ex 2. Local Source Analysis with Path to Exclude\n```\n$ fosslight all -p /home/source_path -e temp_dir src/temp.py\n```\n\n### Ex 3. Download Link and analyze\n```\n$ fosslight all -o test_result_wget -w \"https://github.com/LGE-OSS/example.git\"\n```\nIf you want to analyze private repository, set your github token like below.\n```\n$ fosslight all -w \"https://my_github_token@github.com/Foo/private_repo\n```\n\n### Ex 4. Compare the BOM of two FOSSLight reports with yaml or excel format and check the oss status (change/add/delete)\n```\n$ fosslight compare -p FOSSLight_before_proj.yaml FOSSLight_after_proj.yaml -f excel\n```\n\n## \ud83d\udcc1 Result\n\n```\n$ tree\n.\n\u251c\u2500\u2500 fosslight_log\n\u2502\u00a0\u00a0 \u251c\u2500\u2500 fosslight_log_20210924_022422.txt\n\u2514\u2500\u2500 FOSSLight-Report_20210924_022422.xlsx\n```\n\n- FOSSLight_Report-[datetime].xlsx : OSS Report format file that outputs source code analysis, binary analysis, and dependency analysis results.\n- fosslight_raw_data_[datetime] directory: Directory in which raw data files are created as a result of analysis\n\n## \ud83d\udc33 How to run using Docker\n1. Build image using Dockerfile.\n```\n$docker build -t fosslight .\n```\n2. Run with the image you built. \nex. Output: /Users/fosslight_source_scanner/test_output, Path to be analyzed: tests/test_files\n```\n$docker run -it -v /Users/fosslight_source_scanner/test_output:/app/output fosslight -p tests/test_files -o output\n```\n\n## \ud83d\udc4f How to report issue\n\nPlease report any ideas or bugs to improve by creating an issue in [fosslight_scanner repository][cl]. \nThen there will be quick bug fixes and upgrades. Ideas to improve are always welcome.\n\n[cl]: https://github.com/fosslight/fosslight_scanner/issues\n\n## \ud83d\udcc4 License\n\nFOSSLight Scanner is released under [Apache-2.0][l].\n\n[l]: https://github.com/fosslight/fosslight_scanner/blob/main/LICENSE\n",
"bugtrack_url": null,
"license": "Apache-2.0",
"summary": "FOSSLight Scanner",
"version": "2.1.8",
"project_urls": {
"Download": "https://github.com/fosslight/fosslight_scanner",
"Homepage": "https://github.com/fosslight/fosslight_scanner"
},
"split_keywords": [],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "a2a8a80ecf23131789bb7156c616a07766902857d1492c4d5a679f8cf5d20fed",
"md5": "f8c4153345092c03849e31db580a53f2",
"sha256": "5a4672a0de4e5ec53fe37e9a475c3eef0cd71f28a563817d54d96f62b26a3ab3"
},
"downloads": -1,
"filename": "fosslight_scanner-2.1.8-py3-none-any.whl",
"has_sig": false,
"md5_digest": "f8c4153345092c03849e31db580a53f2",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<3.13,>=3.10",
"size": 25079,
"upload_time": "2025-07-17T09:49:00",
"upload_time_iso_8601": "2025-07-17T09:49:00.014188Z",
"url": "https://files.pythonhosted.org/packages/a2/a8/a80ecf23131789bb7156c616a07766902857d1492c4d5a679f8cf5d20fed/fosslight_scanner-2.1.8-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "9df4f46fd7d70ba4aef4486b3f78bd00132ce6c9b86908b3ca3fd976e40809b2",
"md5": "6a9a50f285ace5dc557d555578aaa1f5",
"sha256": "2a034809f93eb083d6b5275b1f087a8cd434b2fbf9b135b565d5cf461555efe5"
},
"downloads": -1,
"filename": "fosslight_scanner-2.1.8.tar.gz",
"has_sig": false,
"md5_digest": "6a9a50f285ace5dc557d555578aaa1f5",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<3.13,>=3.10",
"size": 23720,
"upload_time": "2025-07-17T09:49:00",
"upload_time_iso_8601": "2025-07-17T09:49:00.978960Z",
"url": "https://files.pythonhosted.org/packages/9d/f4/f46fd7d70ba4aef4486b3f78bd00132ce6c9b86908b3ca3fd976e40809b2/fosslight_scanner-2.1.8.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-07-17 09:49:00",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "fosslight",
"github_project": "fosslight_scanner",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"requirements": [
{
"name": "future",
"specs": []
},
{
"name": "pandas",
"specs": []
},
{
"name": "openpyxl",
"specs": []
},
{
"name": "progress",
"specs": []
},
{
"name": "pyyaml",
"specs": []
},
{
"name": "beautifulsoup4",
"specs": []
},
{
"name": "fosslight_util",
"specs": [
[
">=",
"2.1.12"
],
[
"<",
"3.0.0"
]
]
},
{
"name": "fosslight_source",
"specs": [
[
">=",
"2.1.4"
],
[
"<",
"3.0.0"
]
]
},
{
"name": "fosslight_dependency",
"specs": [
[
"<",
"5.0.0"
],
[
">=",
"4.1.3"
]
]
},
{
"name": "fosslight_binary",
"specs": [
[
"<",
"6.0.0"
],
[
">=",
"5.1.2"
]
]
},
{
"name": "fosslight_prechecker",
"specs": [
[
"<",
"5.0.0"
],
[
">=",
"4.0.0"
]
]
}
],
"tox": true,
"lcname": "fosslight-scanner"
}
JSON
