Skip to main content

Scanning Dependencies

Use DependencyScanner to detect open-source dependencies from manifest files such as package.json, pom.xml, and requirements.txt: 
import { DependencyScanner, DependencyScannerCfg } from "scanoss";

const cfg = new DependencyScannerCfg();

const depScanner = new DependencyScanner(cfg);

depScanner.scanFolder("/path/to/project").then((result) => {
  console.log(JSON.stringify(result, null, 2));
});

Scanning for Cryptography

Use CryptographyScanner to detect cryptographic algorithms and libraries in local source files. This scanner runs entirely locally and does not send any data to the API: 
import { CryptographyScanner, CryptoCfg } from "scanoss";

const cfg = new CryptoCfg();

const cryptoScanner = new CryptographyScanner(cfg);

cryptoScanner.scanFiles(["/path/to/file.js"]).then((result) => {
  console.log(JSON.stringify(result, null, 2));
});
Note: CryptoCfg follows a different naming convention to DependencyScannerCfg. Both are valid configuration classes; the naming difference reflects the underlying API design.

Generating Winnowing Fingerprints (WFP) Without Scanning

To generate Winnowing Fingerprints (WFP) locally without sending data to the API, use the Fingerprint class. Use setFingerprintPath to specify where the .wfp output file will be written: 
import { Fingerprint, ScannerEvents } from "scanoss";

const fingerprint = new Fingerprint();

fingerprint.setFingerprintPath("/path/to/output/fingerprints.wfp");

fingerprint.on(ScannerEvents.WINNOWING_FINISHED, () => {
  console.log("Fingerprinting complete");
});

fingerprint.start([
  {
    fileList: ["/path/to/file.js"],
  },
]);

Scanner Events Reference

The Scanner class (and Fingerprint, which shares the same event system) emits the following events, which can be subscribed to via .on():
EventDescription
SCAN_DONEScan completed; provides the path to the results file
SCANNER_LOGInternal log messages emitted by the scanner
DISPATCHER_NEW_DATANew results received from the server; not yet written to the output file
RESULTS_APPENDEDBuffered results written and appended to the output file
WINNOWING_STATUSProgress update during fingerprint generation
ERRORAn error occurred during scanning
For configuring a custom API endpoint or supplying an API key, see the Authentication page.