Skip to content

tpflueger/CSCI4900

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

49 Commits
scripts
scripts
 
 
tests
tests
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
CC-BY-SA-4.0
CC-BY-SA-4.0
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
setup.py
setup.py
 
 
tox.ini
tox.ini
 
 

Repository files navigation

CSCI4900 Build Status

To install

pip install . within top-level of project

Note - Current setup doesn't install branch of DoSOCSv2/feature/relationships that domaven relies on. You will need to follow the instructions first before trying to install current project for it to work.

Usage

Pass pom.xml to be parsed, domaven will then pass all the parsed dependencies to DoSOCSv2 with relationship info:

$ domaven scan ./path/to/pom.xml

Pass jar file that has already been scanned and displays dependency tree:

$ domaven dependencies ./path/to/file.jar

System Description

Python script that connects Maven to DoSOCS. Uses Maven to find out project-level dependencies based on passed pom.xml. A tree is constructed of the hierarchy from parent package downward. All the packages are then given to DoSOCSv2 to be stored into the the database along with the relationship info information which pertains to the SPDX schema.

Development Environment

  • UBUNTU 14.04
  • Python 2.7
  • DoSOCSv2

Communication Management Plan

  • Email
  • Github
  • 2 meetings a week (Tuesdays/Thursdays)

Dataflow diagram of the system

dataflow-diagram

SPDX diagram of database

SPDX-diagram

USE CASE

Title: Dependency relationship creation in SPDX Primary Actor: Developer Goal in context: Discover dependencies for a prject and store relationship in an SPDX schema Stakeholders and Interests: Developers Preconditions: Maven, DOSOCS, environment setup Main success scenario: Created dependency tree and stored relationships in the SPDX schema Failed end conditions: unsuitable POM xml file Trigger: "domaven", pom file

TEST CASES

scan

  1. Does scan accept a pom file?
  2. Is scan able to grab all dependencies from Maven with pom file?
  3. After grabbing all dependencies, is it able to create the tree?
  4. Does it send each package to be scanned and related and stored in the database?
  5. Does it get tgf output from DoSOCS2 of dependencies?
  6. Does it show a tree view of all the dependencies?

dependencies

  1. Does dependencies accept a jar file?
  2. Is it able to connect to DoSOCS2 by passing the jar file to it?
  3. Does it return tgf output from DoSOCS2 of child dependencies?
  4. Does it show a tree view of current and child dependencies based on jar file given?

Contributions

domaven

  • plugin to interact with DoSOCS for handling java based projects
  • creates dependency tree to pass to DoSOCS
  • displays hierarchy of relationships for a given package

DoSOCS modifications

  • allows for creation of relationships between package to package
  • displays relationships of a given package in tree graph format

License

MIT © Aarjav Chauhan, Tyler Pflueger

CC-BY-SA-4.0 © Aarjav Chauhan, Tyler Pflueger

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages