Skip to content

Instantly share code, notes, and snippets.

@maoo
Last active August 28, 2019 13:24
  • Star 1 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save maoo/40a4f7a9df8315290a1b0c347dd018da to your computer and use it in GitHub Desktop.
JSON license report with fossa-cli

Creating and running Docker image for fossa-cli

docker pull fossa/fossa-cli:buildtools
docker run -it fossa/fossa-cli:buildtools /bin/bash

Run commands within the container


# Installing JQ for JSON manipulation
sudo apt-get install -y jq

# Build fossa-cli from source (master branch)
# export GOPATH=${PWD}
# mkdir -p src/github.com/fossas
# cd src/github.com/fossas
# git clone https://github.com/fossas/fossa-cli.git
# cd fossa-cli/
# make
# cd ~

# Extract FOSSA API Key from https://app.fossa.com/account/settings/integrations/api_tokens
export FOSSA_API_KEY=...

# Install fossa-cli 1.0.3
curl -L -O https://github.com/fossas/fossa-cli/releases/download/v1.0.3/fossa-cli_1.0.3_linux_amd64.tar.gz
tar xvzf fossa-cli_1.0.3_linux_amd64.tar.gz

# Add fossa command to PATH
export PATH=$PWD:$PATH

# Checkout a github public project and run fossa report licenses
git clone https://github.com/symphonyoss/symphony-java-client.git
cd symphony-java-client
fossa init
# Init (of this repo) should take 2-3 minutes
fossa report licenses --json > licenses.json
# Report generation (of this repo) should take  minutes

# Simplify JSON structure
cat licenses.json | jq '[.[] |  {package: .loc.package, licenses: [.Licenses[].LicenseID]}]'
@maoo
Copy link
Author

maoo commented Dec 5, 2018

[
  {
    "package": "com.brsanthu:migbase64",
    "licenses": [
      "BSD-3-Clause"
    ]
  },
  {
    "package": "com.fasterxml.jackson.core:jackson-annotations",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.fasterxml.jackson.core:jackson-core",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.fasterxml.jackson.core:jackson-core",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.fasterxml.jackson.core:jackson-databind",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.fasterxml.jackson.core:jackson-databind",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.fasterxml.jackson.dataformat:jackson-dataformat-yaml",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.fasterxml.jackson.datatype:jackson-datatype-jsr310",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.fasterxml.jackson.jaxrs:jackson-jaxrs-base",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.fasterxml.jackson.jaxrs:jackson-jaxrs-json-provider",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.fasterxml.jackson.module:jackson-module-jaxb-annotations",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.google.code.gson:gson",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "com.google.guava:guava",
    "licenses": [
      "Apache-2.0",
      "Public-Domain"
    ]
  },
  {
    "package": "io.swagger:swagger-annotations",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "io.swagger:swagger-core",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "io.swagger:swagger-models",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "javax.annotation:javax.annotation-api",
    "licenses": [
      "CDDL-1.0",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "javax.validation:validation-api",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "javax.ws.rs:javax.ws.rs-api",
    "licenses": [
      "Apache-2.0",
      "CDDL-1.0",
      "CDDL-1.0",
      "CDDL-1.0",
      "GPL-2.0-with-classpath-exception",
      "GPL-2.0-with-classpath-exception",
      "GPL-2.0-with-classpath-exception",
      "GPL-2.0-only",
      "GPL-3.0-only",
      "GPL-2.0-only",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "junit:junit",
    "licenses": [
      "EPL-1.0"
    ]
  },
  {
    "package": "log4j:log4j",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "net.bytebuddy:byte-buddy",
    "licenses": [
      "Apache-2.0",
      "BSD-3-Clause"
    ]
  },
  {
    "package": "net.bytebuddy:byte-buddy-agent",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.apache.commons:commons-lang3",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.glassfish.hk2.external:aopalliance-repackaged",
    "licenses": [
      "CDDL-1.0",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.glassfish.hk2.external:javax.inject",
    "licenses": [
      "Apache-2.0",
      "CDDL-1.0",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.glassfish.hk2:hk2-api",
    "licenses": [
      "CDDL-1.0",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.glassfish.hk2:hk2-locator",
    "licenses": [
      "CDDL-1.0",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.glassfish.hk2:hk2-utils",
    "licenses": [
      "CDDL-1.0",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.glassfish.hk2:osgi-resource-locator",
    "licenses": [
      "CDDL-1.1",
      "GPL-2.0-only",
      "GPL-2.0-with-classpath-exception",
      "CDDL-1.1",
      "GPL-2.0-only",
      "GPL-2.0-with-classpath-exception",
      "GPL-3.0-only"
    ]
  },
  {
    "package": "org.glassfish.jersey.bundles.repackaged:jersey-guava",
    "licenses": [
      "Apache-2.0",
      "CDDL-1.0",
      "GPL-2.0-only",
      "Public-Domain"
    ]
  },
  {
    "package": "org.glassfish.jersey.core:jersey-client",
    "licenses": [
      "CDDL-1.0",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.glassfish.jersey.core:jersey-common",
    "licenses": [
      "CDDL-1.0",
      "Public-Domain",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.glassfish.jersey.ext:jersey-entity-filtering",
    "licenses": [
      "CDDL-1.0",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.glassfish.jersey.media:jersey-media-json-jackson",
    "licenses": [
      "CDDL-1.0",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.glassfish.jersey.media:jersey-media-multipart",
    "licenses": [
      "CDDL-1.0",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.hamcrest:hamcrest-core",
    "licenses": [
      "Apache-2.0",
      "MIT",
      "BSD-2-Clause",
      "BSD-3-Clause",
      "CPL-1.0"
    ]
  },
  {
    "package": "org.javassist:javassist",
    "licenses": [
      "Apache-2.0",
      "MPL-2.0",
      "MPL-1.1",
      "LGPL-2.1-only"
    ]
  },
  {
    "package": "org.javassist:javassist",
    "licenses": [
      "Apache-2.0",
      "Apache-2.0",
      "LGPL-2.1-only",
      "LGPL-2.1-only",
      "MPL-1.1",
      "MPL-1.1",
      "MPL-2.0"
    ]
  },
  {
    "package": "org.jsoup:jsoup",
    "licenses": [
      "MIT"
    ]
  },
  {
    "package": "org.jvnet.mimepull:mimepull",
    "licenses": [
      "CDDL-1.0",
      "GPL-3.0-only",
      "GPL-2.0-only"
    ]
  },
  {
    "package": "org.mockito:mockito-core",
    "licenses": [
      "Apache-2.0",
      "Apache-2.0",
      "MIT",
      "MIT"
    ]
  },
  {
    "package": "org.objenesis:objenesis",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.powermock:powermock-api-mockito2",
    "licenses": [
      "Apache-2.0",
      "MIT",
      "BSD-3-Clause"
    ]
  },
  {
    "package": "org.powermock:powermock-api-mockito-common",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.powermock:powermock-api-support",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.powermock:powermock-core",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.powermock:powermock-module-junit4",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.powermock:powermock-module-junit4-common",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.powermock:powermock-reflect",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.slf4j:slf4j-api",
    "licenses": [
      "MIT"
    ]
  },
  {
    "package": "org.slf4j:slf4j-log4j12",
    "licenses": [
      "MIT"
    ]
  },
  {
    "package": "org.symphonyoss.symphony:symphony-agent-java-jersey2-client",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.symphonyoss.symphony:symphony-authenticator-java-jersey2-client",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.symphonyoss.symphony:symphony-pod-java-jersey2-client",
    "licenses": [
      "Apache-2.0"
    ]
  },
  {
    "package": "org.yaml:snakeyaml",
    "licenses": [
      "Apache-2.0",
      "Apache-2.0",
      "LGPL-2.1-only",
      "EPL-1.0",
      "BSD-3-Clause",
      "GPL-2.0-only"
    ]
  }
]

@maoo
Copy link
Author

maoo commented Jun 14, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment