From 37fe48de424e967c1fbf3bdb2caa33fa8cf17796 Mon Sep 17 00:00:00 2001 From: Jiyeong Seok <50347670+dd-jy@users.noreply.github.com> Date: Wed, 30 Oct 2024 22:20:14 +0900 Subject: [PATCH] Update 3_dependency.md --- scanner/3_dependency.md | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/scanner/3_dependency.md b/scanner/3_dependency.md index 18a6b37..e5b41df 100644 --- a/scanner/3_dependency.md +++ b/scanner/3_dependency.md @@ -23,6 +23,7 @@ title: FOSSLight Dependency Scanner - [Nuget](https://www.nuget.org/) (.NET) - [Helm](https://helm.sh/) (Kubernetes) - [Unity](https://unity.com/) (Unity) +- [Cargo](https://crates.io/) (Rust) {::options parse_block_html="false" /} @@ -250,6 +251,14 @@ Therefore, you can execute the 'fosslight_dependency' command directly without p FOSSLight Dependency Scanner checks the package list and OSS information such as license and repository through the Library/PackageManager/ProjectCache file and each package directory within the Library/PackageCache directory. Therefore, you can execute the 'fosslight_dependency' command in an environment where the files exist. ``` + +
+**Prerequisite for Cargo** +```tip +FOSSLight Dependency Scanner checks the package list and OSS information such as license and repository through the Cargo.toml and 'cargo metadata' command. +Therefore, you can execute the 'fosslight_dependency' command directly without prerequisite step. +``` +
{::options parse_block_html="false" /} @@ -273,7 +282,7 @@ $ fosslight_dependency [option] -h Print help message. -v Print the version of the script. -m Enter the package manager. - (npm, maven, gradle, pypi, pub, cocoapods, android, swift, carthage, go, nuget, helm, unity) + (npm, maven, gradle, pypi, pub, cocoapods, android, swift, carthage, go, nuget, helm, unity, cargo) -p Enter the path where the script will be run. -o Output path (If you want to generate the specific file name, add the output path with file name.) @@ -318,6 +327,7 @@ The manifest file of each package manager is as follows: - Nuget : packages.config / {project name}.csproj - Helm : Chart.yaml - Unity : Library/PackageManager/ProjectCache + - Cargo : Cargo.toml ``` - Android (gradle) @@ -370,6 +380,7 @@ For a unique OSS name, OSS name is printed such as (package_manager):(oss name) | Nuget | nuget:(oss name) | Priority1. repository in nuget.org/packages/(oss name)/(oss version)
Priority2. projectUrl in nuget.org/packages/(oss name)/(oss version)
Priority3. nuget.org/packages/(oss name)/(oss version) | nuget.org/packages/(oss name) | | Helm | helm:(oss name) | first url of sources in (Chart.yaml) | home in (Chart.yaml) | | Unity | (oss name) | url in repository in ProjectCache | url in repository in ProjectCache | +| Cargo | cargo:(oss name) | repository of the package in the result file for 'cargo metadata' | crates.io/crates/(oss name) | ```warning - The printed download location of npm, maven, gradle may be different from the url of actual package if installed through the local path or local repository (not distributed in npmjs.com or mvnrepository). @@ -505,5 +516,13 @@ Because we utilizes the different open source software to analyze the dependenci O X + + Rust + Cargo + Cargo.toml + O + O + O +
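Review bot: In the "Prerequisite for Cargo" tip (hunk at -250,6 +251,14), "without prerequisite step" contradicts the sentence before it, which says the scanner gets its data from the 'cargo metadata' command. That command only works if the Cargo toolchain is installed and on PATH in the scanning environment, and it may need network access to resolve the dependency graph. Suggest stating this as the prerequisite, for example "Cargo must be installed so that 'cargo metadata' can be run in the project directory", and saying whether a Cargo.lock is expected to be present so that the reported versions match what is actually built.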
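Review bot: In the new Cargo row of the OSS name / download location table (hunk at -370,6 +380,7), the download location column gives no fallback for packages whose 'cargo metadata' output has no repository value, although that field is optional in Cargo.toml and the Nuget row above documents Priority1 to Priority3. Suggest documenting what is printed when repository is absent. Also consider adding cargo to the warning block that follows the table: dependencies pulled from a local path, a git URL or an alternate registry would make the crates.io/crates/(oss name) homepage inaccurate in the same way the warning already describes for npm, maven and gradle.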