Example Scan
In this example, we are scanning a file with a small section that has been copied from an open source project. In the shell output below, we are scanning with the sensitivity setting of 10. The copied snippet is smaller than that.
Please note that host and token are configured in fossid.conf and therefore does not need to be supplied as part of the command.
$ ./fossid-cli --sensitivity 10 --limit 1 --pretty /fossid/demo/ofp_uma.c
{
"local_path": "/fossid/demo/ofp_uma.c",
"type": "none"
}
In the shell output below, we have lowered the sensitivity setting to 8, which allows us to detect the copied section. Here we can see the details about matched component, file, and snippet information.
$ ./fossid-cli --sensitivity 8 --limit 1 --pretty /fossid/demo/ofp_uma.c
{
"component": {
"artifact": "ofp",
"author": "OpenFastPath",
"copyright": [
{
"default": "(c) 2014, OpenFP",
"length": 16,
"name": "OpenFP",
"offset": 10,
"year_last_revision": "2014",
"year_publication": "2014"
}
],
"id": "d40a2f0b98981387d984d67e00000000",
"license_file_id": "fbe4957c430eed6cc20521d400000000",
"license_file_path": "LICENSE",
"licenses": [
{
"id": "BSD-3-Clause",
"length": 1454,
"modification": 0.013157895,
"name": "BSD 3-Clause \"New\" or \"Revised\" License",
"offset": 27,
"probability": 0.975404,
"reference": "fossid_BSD-3-Clause.json",
"score": 373.25446,
"segments": [
{
"length": 26,
"markerDLen": -1,
"markerDX": 0,
"offset": 27,
"text": "Copyright (c) year owner. "
},
{
"length": 12,
"markerDLen": 0,
"markerDX": 0,
"offset": 586
},
{
"length": 17,
"markerDLen": -1,
"markerDX": 1,
"offset": 598,
"text": " copyright holder"
}
],
"source": "Thunder2",
"type": "LICENSE"
}
],
"purl": "pkg:github/OpenFastPath/ofp@3.0.0-rc.1",
"release_date": "2018-11-29",
"url": "https://github.com/OpenFastPath/ofp/archive/3.0.0-rc.1.tar.gz",
"version": "3.0.0-rc.1",
"version_raw": "3.0.0-rc.1"
},
"file": {
"available": true,
"copyright": [
{
"default": "(c) 2014 Nokia",
"length": 14,
"name": "Nokia",
"offset": 17,
"year_last_revision": "2014",
"year_publication": "2014"
},
{
"default": "(c) 2014 ENEA Software AB",
"length": 25,
"name": "ENEA Software AB",
"offset": 45,
"year_last_revision": "2014",
"year_publication": "2014"
}
],
"encoding": "UTF-8",
"id": "eeecdaa608e1df2450b1846c00000000",
"licenses": [
{
"id": "BSD-3-Clause",
"length": 41,
"name": "BSD 3-Clause \"New\" or \"Revised\" License",
"offset": 77,
"probability": 1.0,
"reference": "BSD-3-Clause.json",
"score": 100.0,
"segments": [
{
"length": 23,
"markerDLen": 0,
"markerDX": 0,
"offset": 77
},
{
"length": 3,
"markerDLen": 0,
"markerDX": 0,
"offset": 106
},
{
"length": 1,
"markerDLen": 0,
"markerDX": 0,
"offset": 110
},
{
"length": 6,
"markerDLen": 0,
"markerDX": 0,
"offset": 112
}
],
"source": "Pattern",
"type": "REFERENCE"
}
],
"path": "src/ofp_uma.c",
"size": 3654
},
"gid": "snp:4d77cba7",
"local_path": "/fossid/uploads/files/scans/3/ofp_uma.c",
"score": 1.0,
"snippet": {
"id": "332d1b1e939070d7a8d3c3992eac2c70",
"local_coverage": 1.0,
"local_highlight": {
"blocks": [
{
"byte_range": {
"begin": 0,
"end": 343
},
"char_range": {
"begin": 0,
"end": 343
},
"hash_range": {
"begin": 0,
"end": 8
},
"id": "725692aaa8619c652f08133092a5c3d0"
}
],
"encoding": "UTF-8",
"id": "332d1b1e939070d7a8d3c3992eac2c70",
"pfm_format": 2
},
"local_size": 9,
"remote_coverage": 0.0804,
"remote_highlight": {
"blocks": [
{
"byte_range": {
"begin": 531,
"end": 874
},
"char_range": {
"begin": 531,
"end": 874
},
"hash_range": {
"begin": 19,
"end": 27
},
"id": "725692aaa8619c652f08133092a5c3d0"
}
],
"encoding": "UTF-8",
"id": "332d1b1e939070d7a8d3c3992eac2c70",
"pfm_format": 2
},
"remote_size": 9
},
"type": "partial"
}
Highlighting the Snippet
Prerequisites
For some commands, you may need to run an additional set of tools to parse JSON output. In this document, we use jq.
To install jq on a Debian-based system, run
sudo apt install jq
To install jq on RedHat, run
sudo yum install jq
Snippet Highligting
To highlight the snippet, extract the highlight information from the output above:
$ ./fossid-cli --sensitivity 8 --limit 1 /fossid/demo/ofp_uma.c | head -1 | jq .snippet.local_highlight -rc
{"blocks":[{"byte_range":{"begin":0,"end":343},"char_range":{"begin":0,"end":343},"hash_range":{"begin":0,"end":8},"id":"725692aaa8619c652f08133092a5c3d0"}],"encoding":"UTF-8","id":"332d1b1e939070d7a8d3c3992eac2c70","pfm_format":2}
Use the highlight information (the output above) as an input to fossid-cli using the --highlight-input command line argument:
$ ./fossid-cli --highlight '/fossid/demo/ofp_uma.c' --highlight-input '{"blocks":[{"byte_range":{"begin":0,"end":343},"char_range":{"begin":0,"end":343},"hash_range":{"begin":0,"end":8},"id":"725692aaa8619c652f08133092a5c3d0"}],"encoding":"UTF-8","id":"332d1b1e939070d7a8d3c3992eac2c70","pfm_format":2}'
[===]print "demo";
[===]
[===]uma_zone_t ofp_uma_pool_create(const char *name, int nitems, int size)
[===]{
[===] odp_pool_param_t pool_params;
[===] odp_pool_t pool;
[===] uma_zone_t zone;
[===]
[===] odp_pool_param_init(&pool_params);
[===] pool_params.buf.size = size + sizeof(struct uma_pool_metadata);
[===] pool_params.buf.align = 0;
[===] pool_params.buf.num = nitems;
[===] pool_params.type = ODP_POOL_BUFFER;
[ ]
[ ]print "demo";
To learn more about how to interpret the results, see Interpreting the scanning response in the Introduction page.