| COMPONENT NAME |
DESCRIPTION |
LICENSE |
SOURCE CODE |
|
| Quality Analyzer |
RAPID is the quality analysis application developed by SIG. |
Apache 2.0 |
GitHub |
| Quality Analyzer metadata |
Component that store in FASTEN metadata database quality metrics. |
Apache 2.0 |
GitHub |
| Vulnerability Producer |
Gathers, enriches and publishes vulnerability information to a Kafka topic. May be used as a standalone tool |
Apache 2.0 |
GitHub |
| Canonical Call Graph Generator |
Generate canonical FASTEN call graphs from diverse input formats |
Apache 2.0 |
GitHub |
| Fasten Pypi Plugin |
A Python plugin that can be used to analyze and report issues about a module dependencies at build time. |
Apache 2.0 |
GitHub |
| Maven Plugin |
This plugin can be used to analyze and report issues about a module dependencies at build time. |
Apache 2.0 |
GitHub |
| Java Call Graph OPAL |
Call graph generator for Java packages |
Apache 2.0 |
GitHub |
| REST API |
REST API to query FASTEN knowledge base. Can trigger pipeline execution if component is unknown in knowledge base. |
Apache 2.0 |
GitHub |
| Debian Scrapper |
Crawl information for a given Debian release looking for C packages. |
Apache 2.0 |
GitHub |
| Kafka CScout |
Produce call graph for Debian C packages. |
Apache 2.0 |
GitHub |
| Metadata DB |
Insert revision call graphs in FASTEN metadata database. |
Apache 2.0 |
GitHub |
| Callable index |
Insert global identifier (GID) graphs in graph database (RocksDB). |
Apache 2.0 |
GitHub |
| Debian license detector |
Process Debian package to find license information at file level. |
Apache 2.0 |
GitHub |
| Debian license feeder |
Insert license information in FASTEN metadata database. |
Apache 2.0 |
GitHub |
| Vulnerability producer |
Gathers information from different sources (NVD, GitHub advisories, etc.), enriches the data with patch details and then publishes it to a Kafka topic. |
Apache 2.0 |
GitHub |
| Vulnerability statement processor |
Listens to messages from the vulnerability producer and updates the FASTEN metadata database. |
Apache 2.0 |
GitHub |
| Vulnerability packages listener |
Add new package version in FASTEN metadata database. |
Apache 2.0 |
GitHub |
| Vulnerability cache invalidation |
|
Apache 2.0 |
GitHub |
| Vulnerability chain finder |
Find vulnerability chain in callable index. |
Apache 2.0 |
GitHub |
| Ingested artifact completion |
Mark Maven package as fully ingested. |
Apache 2.0 |
GitHub |
| Maven crawler |
Crawl Maven Central repository. |
Apache 2.0 |
GitHub |
| POM analyzer |
Parse the Maven pom file and store analysis result in FASTEN metadata database. |
Apache 2.0 |
GitHub |
| Repo cloner |
Clone a repository (Git, Subversion, Mercurial) on the file system. |
Apache 2.0 |
GitHub |
| Dependency graph resolver |
Resolve pom dependencies. |
Apache 2.0 |
GitHub |
| Kafka topics synchronization |
Synchronize two Kafka topics |
Apache 2.0 |
GitHub |
| Java license detector |
Retrieve Java project license at project level (in pom.xml file or using GitHub as fallback) and at file level using ScanCode tool. |
Apache 2.0 |
GitHub |
| Java license feeder |
Insert license information in FASTEN metadata database. |
Apache 2.0 |
GitHub |
| Kafka filter PyPI |
Consumes PyPI packaging information in the Warehouse format from a Kafka topic and produces unique package-version tuples. |
Apache 2.0 |
GitHub |
| Python call graph generator |
Consumes PyPI packaging information from a Kafka topic and produces call graphs into another Kafka topic. |
Apache 2.0 |
GitHub |
| Python license detector |
Retrieve Python project license at project level (using PyPI.org APIs or using GitHub as fallback) and at file level using ScanCode tool. |
Apache 2.0 |
GitHub |
| Python license feeder |
Insert license information in FASTEN metadata database. |
Apache 2.0 |
GitHub |
