github.com/joey-fossa/fossa-cli@v0.7.34-0.20190708193710-569f1e8679f0/docs/integrations/debian.md

github.com/joey-fossa/fossa-cli@v0.7.34-0.20190708193710-569f1e8679f0/docs/integrations/debian.md (about)

     1  # Debian
     2  
     3  ## Support
     4  
     5  Debian package scanning is supported provided that the following are met:
     6  1. Running on a Debian operating system.
     7  2. `apt-cache` is available.
     8  3. Premium fossa subscription to leverage the [archive uploader](#./archive.md).
     9  
    10  ## Configuration
    11  
    12  > Note: There is no automatic discovery for Debian packages as this would cause unexpected behavior for users not interested in Debian scanning and too much information for those who are.
    13  
    14  ### Manual
    15  
    16  Add a module with `type: debian` `target` set to the name of the debian dependency that is to be analyzed, and `path` is optional.
    17  
    18  ```yaml
    19  analyze:
    20    modules:
    21    - name: fossa
    22      type: debian
    23      target: apt
    24  *   path: .
    25  ```
    26  
    27  ## Analysis
    28  
    29  Analyzing a debian package is straightforward and leverages the archive uploader in order to fully scan all licenses. Determining a dependency graph happens in these steps:
    30  1. Find all transitive dependencies for the `target` package by running `apt-cache depends --recurse <target>`.
    31  2. Upload all dependencies that are found to exist and store their locator information.
    32  3. Construct a dependency graph by running `apt-cache depends <target>` on each dependency found in the previous step.