-
Notifications
You must be signed in to change notification settings - Fork 54
OSS Find Source
Gabe Stocco edited this page Jun 4, 2021
·
1 revision
It's often useful to locate the source code to a given package. OSS Find Source works by searching through package metadata (obtained by querying an API or scraping relevant web pages) for GitHub URLs. It then outputs that list of URLs.
Currently, OSS Find Source is only aware of GitHub. Support for Bitbucket, GitLab, and other sources may be added in the future.
Usage information from --help
USAGE:
Find the source code repository for the given package:
oss-find-source --format text [options] package-url...
-f, --format (Default: text) selct the output format(text|sarifv1|sarifv2)
-o, --output-file (Default: ) send the command output to a file instead of stdout
-S, --single (Default: false) Show only top possibility of the package source repositories. When using text
format the *only* output will be the URL or empty string if error or not found.
--help Display this help screen.
--version Display version information.
The package-url specifier is described at https://github.com/package-url/purl-spec:
pkg:cargo/rand The latest version of Rand (via crates.io)
pkg:cocoapods/AFNetworking The latest version of AFNetworking (via cocoapods.org)
pkg:composer/Smarty/Smarty The latest version of Smarty (via Composer/ Packagist)
pkg:cpan/Apache-ACEProxy The latest version of Apache::ACEProxy (via cpan.org)
pkg:cran/ACNE@0.8.0 Version 0.8.0 of ACNE (via cran.r-project.org)
pkg:gem/rubytree@* All versions of RubyTree (via rubygems.org)
pkg:golang/sigs.k8s.io/yaml The latest version of sigs.k8s.io/yaml (via proxy.golang.org)
pkg:github/Microsoft/DevSkim The latest release of DevSkim (via GitHub)
pkg:hackage/a50@* All versions of a50 (via hackage.haskell.org)
pkg:maven/org.apdplat/deep-qa The latest version of org.apdplat.deep-qa (via repo1.maven.org)
pkg:npm/express The latest version of Express (via npm.org)
pkg:nuget/Newtonsoft.JSON The latest version of Newtonsoft.JSON (via nuget.org)
pkg:pypi/django@1.11.1 Version 1.11.1 fo Django (via pypi.org)
pkg:ubuntu/zerofree The latest version of zerofree from Ubuntu (via packages.ubuntu.com)
pkg:vsm/MLNET/07 The latest version of MLNET.07 (from marketplace.visualstudio.com)
pkg:url/foo@1.0?url=<URL> The direct URL <URL>