Spectrometer is a minimal-configuration dependency analysis tool. It supports a wide array of languages and buildtools.
Spectrometer extracts dependency graphs from your projects and reports them to FOSSA for license scanning, vulnerability scanning, and more.
curl -H 'Cache-Control: no-cache' https://raw.githubusercontent.com/fossas/spectrometer/master/install.sh | bash
Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://raw.githubusercontent.com/fossas/spectrometer/master/install.ps1'))
NOTE: You may need to add the executable to your PATH. The installer reports the installation path of the executable.
See the User Guide for detailed instructions.
Usually, this is sufficient:
# configure api key
export FOSSA_API_KEY=your-api-key-goes-here
# run dependency analysis in the current
# directory, uploading results to FOSSA
fossa analyze
# check for FOSSA license- and vulnerability-scan results
fossa test
Our dev setup and recommendations can be found in HACKING.md.
If you are experiencing an issue related to the results on the FOSSA website/dashboard, please contact [email protected]
Issues specific to Spectrometer should be filed through the Github issues page.
Please include the following in your bug report:
- Steps to reproduce your issue
- Relevant project manifest files (e.g.,
pom.xml
orpackage.json
)