Skip to main content

Using opOSSum with ScanCode Output - How to Convert ScanCode Output JSON to Opossum JSON

 opOSSum is a nice Open Source compliance tool which can be found on GitHub. ScanCode is another nice Open Source compliance tool which can be found on GitHub, too. While the latter provides extensive code scanning functionality, the former can create comprehensive reports and visualize scan results. One just has to figure out how to get opOSSum to read ScanCode output. 

This is not really an issue, but - as far as I can tell - has not yet been documented anywhere on the internet. opOSSum does read ScanCode json output, but it reqires some transformation beforehand. Good news: opOSSum also provides the tool to perform said transformation. 

As usual, this is more of a step-by-step-guide for noobs such as myself for future reference, but I figured maybe this can be of use for the community as well. 

Prerequisites: 

1. Get ScanCode

Just get it from https://github.com/nexB/scancode-toolkit/releases, I chose scancode-toolkit-XX.X.X_sources.tar.xz, and unpack it

2. Get opOSSum

Download recent version from https://github.com/opossum-tool/OpossumUI/releases/ - if you're on linux like me, choose OpossumUI-for-linux.AppImage. If this is your first time using the AppImage format (it was for me) note that in order to use the file you need to make it executable (right click, properties, permissions, allow executing file as program). 

3. Get opOSSum tool to transform json

As I mentioned before we need to transform ScanCode output JSON to opOSSum JSON. Thererfore, head over to https://github.com/opossum-tool/opossum.lib.hs and download the sources. 

Now at some point - I don't quite remember when - either scanning or transforming failed because zlib was missing. So just to make sure you don't run into these troubles, check if it does exist on your system:

Bash:     whereis zlib 

If no results (i.e. zlib locations) show up, get zlib. For ubuntu, zlib can be installed through your package manager, the package is zlib1g-dev. 

4. Scan the code with ScanCode

Assuming you came here for a reason, you probably already know what you want to scan. If you're just trying out things, just use one of the downloads above. 

To produce a ScanCode.json, use the following command: 

Bash:    /path/to/ScanCode/scancode -clpieu --json-pp /path/to/output.json /path/to/codeyouwanttoscan/

What's clpieu? These are the options scanning the input for copyright, licenses, packages, other info, emails and URLs. Other info includes size, type, date, programming language, hashes etc. (see https://scancode-toolkit.readthedocs.io/en/latest/cli-reference/list-options.html)  

5. Convert to opOSSum-json

Bash:     /path/to/oppossum-lib-hs/opossum-lib-exe.sh --scancode /path/to/output.json > /path/to/output_converted.json 

where output.json is the file from step 4

6. Use output in opOSSum

Run file from step 2 (e.g. by just double-clicking), open output_converted.json - done. 

From here on, consider visiting the opOSSum user guide.

Labels:

Comments

Post a Comment

Popular posts from this blog

Joomla! 2.5: Multiple views, one model

Here goes MVC again: I was a bit confused that every time I created a second or third view for a component, I had to create a separate model for it. Did not make sense to me - I had the necessary algorithms in the model for the first view, did I really need to do copy & paste? I hate it! Redundancy, redundancy, redundancy. That case occurred in my current project - I created user profiles and needed an "edit" view. The data is the same, but I need to have the data in editable text fields instead of fixed labels, and maybe some other buttons here and there...  Well, some time later I realized that I just did not quite understand what Joomla! acutally means by "view".  And that there is something called "layout". Long story short: If you have a model that provides all necessary information and you just want to have a different presentation of it, just add a new .php file to your views/<yourviewname>/tmpl folder - let's call it "layo
1 comment
Read more

Eureka! Intel N 7260 Issue Appears To Be Solved

For a while now I've been having annoying trouble with my wireless adapter (Intel N 7260 - yes, I know it is known to cause trouble...). Not only did it not connect properly, it broke the wifi and the internet connection of the router in a way that no other device in the network could access the internet any more. I might just have discovered another possible cause: And guess what, Windows took me there. I know, right? So, this is what I did (I am on Win 10 right now): - It did not connect properly, as usual (for me this only happens when at home, where I am using a Speedport W 504V router) - so I ran Windows "troubleshooting" (right-click on the wifi icon in the task bar to get there) - It told me that there was an issue with a network protocol missing on my machine (which is rather ridiculous) - BUT at the bottom of the window it offered me a link to detailed information about the issue, which took me to a quite detailed troubleshooting report - This report lists
Post a Comment
Read more

Joomla! 2.5: Menu Items

Some time ago, I started to create my own components. Everything was working fine, but there was one thing that bugged me (even though it is not really necessary... it just looked strange): When I create a link to my component, I always ended up with something like this in my menu manager: Similar thing for the menu item type: I felt like I somehow missed something, but the tutorials did not say anything about it. After playing around for a little while, I found out that the solution actually is pretty simple: The site > views > viewname > tmpl > default.xml file specifies these texts. Joomla! will look for these keys in the language files. Thus, you just need to add some entries to the language files and voila - everything looks nice and clean, just like this: Step-By-Step: Let's assume you already created the default.xml file with contents similar to these: <?xml version="1.0" encoding="utf-8"?> <metadata>    
2 comments
Read more