Software Components and Licenses


COMPONENT NAMEDESCRIPTIONLICENSESOURCE CODE 
Quality AnalyzerRAPID is the quality analysis application developed by SIG.Apache 2.0GitHub
Quality Analyzer metadataComponent that store in FASTEN metadata database quality metrics.Apache 2.0GitHub
Vulnerability ProducerGathers, enriches and publishes vulnerability information to a Kafka topic. May be used as a standalone toolApache 2.0GitHub
Canonical Call Graph GeneratorGenerate canonical FASTEN call graphs from diverse input formatsApache 2.0GitHub
Fasten Pypi PluginA Python plugin that can be used to analyze and report issues about a module dependencies at build time.Apache 2.0GitHub
Maven PluginThis plugin can be used to analyze and report issues about a module dependencies at build time.Apache 2.0GitHub
Java Call Graph OPALCall graph generator for Java packagesApache 2.0GitHub
REST APIREST API to query FASTEN knowledge base. Can trigger pipeline execution if component is unknown in knowledge base.Apache 2.0GitHub
Debian ScrapperCrawl information for a given Debian release looking for C packages.Apache 2.0GitHub
Kafka CScoutProduce call graph for Debian C packages.Apache 2.0GitHub
Metadata DBInsert revision call graphs in FASTEN metadata database.Apache 2.0GitHub
Callable indexInsert global identifier (GID) graphs in graph database (RocksDB).Apache 2.0GitHub
Debian license detectorProcess Debian package to find license information at file level.Apache 2.0GitHub
Debian license feederInsert license information in FASTEN metadata database.Apache 2.0GitHub
Vulnerability producerGathers information from different sources (NVD, GitHub advisories, etc.), enriches the data with patch details and then publishes it to a Kafka topic.Apache 2.0GitHub
Vulnerability statement processorListens to messages from the vulnerability producer and updates the FASTEN metadata database.Apache 2.0GitHub
Vulnerability packages listenerAdd new package version in FASTEN metadata database.Apache 2.0GitHub
Vulnerability cache invalidation Apache 2.0GitHub
Vulnerability chain finderFind vulnerability chain in callable index.Apache 2.0GitHub
Ingested artifact completionMark Maven package as fully ingested.Apache 2.0GitHub
Maven crawlerCrawl Maven Central repository.Apache 2.0GitHub
POM analyzerParse the Maven pom file and store analysis result in FASTEN metadata database.Apache 2.0GitHub
Repo clonerClone a repository (Git, Subversion, Mercurial) on the file system.Apache 2.0GitHub
Dependency graph resolverResolve pom dependencies.Apache 2.0GitHub
Kafka topics synchronizationSynchronize two Kafka topicsApache 2.0GitHub
Java license detectorRetrieve Java project license at project level (in pom.xml file or using GitHub as fallback) and at file level using ScanCode tool.Apache 2.0GitHub
Java license feederInsert license information in FASTEN metadata database.Apache 2.0GitHub
Kafka filter PyPIConsumes PyPI packaging information in the Warehouse format from a Kafka topic and produces unique package-version tuples.Apache 2.0GitHub
Python call graph generatorConsumes PyPI packaging information from a Kafka topic and produces call graphs into another Kafka topic.Apache 2.0GitHub
Python license detectorRetrieve Python project license at project level (using PyPI.org APIs or using GitHub as fallback) and at file level using ScanCode tool.Apache 2.0GitHub
Python license feederInsert license information in FASTEN metadata database.Apache 2.0GitHub