Status File for Detect 6.9.0
As of detect 6.2.0, an output status file is created in the run folder with the name status.json and is meant to summarize the detect run in a machine-readable format.
The file includes status codes, issues encountered and results produced. As additional processes consume this file, additional information will be added. The format is intended to evolve over time.
As Detect shuts down, by default, it performs cleanup operations, which include deleting the status file. You can disable clean up by setting --detect.cleanup=false.
Body
{
"formatVersion": The version of the status file format. Will change as new features are introduced.
"detectVersion": The version of Synopsys Detect that created the status file.
"projectName": The project name.
"projectVersion": The project version.
"detectors": [ List of Detectors, see details below. ]
"status": [ List of Status, see details below. ]
"issues": [ List of Issues, see details below. ]
"results": [ List of Results, see details below. ]
"unrecognizedPaths": [ List of Unrecognized Paths, see details below. ]
"codeLocations": [ List of code locations produced, see details below. ]
"propertyValues": { An object representing all provided properties, see details below. }
}
Detector
{
"folder": The folder the detector applied to.
"detectorType": The normalized detector type such as "GIT".
"detectorName": A shorthand name of the detector such as "Git Cli".
"descriptiveName": The long form name of the detector such as "GIT - Git Cli".
"discoverable": A boolean indicating whether or not the detector was able to discover project information.
"extracted": A boolean indicating whether or not the detector was able to extract dependencies.
"status": An enum indicating whether the detector was successful, failed, or deferred to another detector.
"statusCode": A code specifying the nature of the detector's failure, or PASSED if the detector was successful. See below for a complete list of possible status codes.
"statusReason": A human readable description of the status code.
"relevantFiles": [ A list of files relevant to the detector. ]
"discoveryReason": A human readable description of the discovery result.
"extractedReason": A human readable description of the extraction result.
"projectName": The project name this detectable found.
"projectVersion": The project version this detectable found.
"codeLocationCount": The number of code locations this detector produced.
"explanations": [ A human readable list of strings describing why this detector ran such as "Found file: <path>". ]
}
Detector status codes
Status Code | Description |
|---|---|
CARGO_LOCKFILE_NOT_FOUND | A Cargo.toml was located in the target project, but the Cargo.lock file was NOT located. |
EXCEPTION | An exception occured. |
EXCLUDED | Detector type was excluded. |
EXECUTABLE_FAILED | During extraction, one or more executables did not execute successfully. |
EXECUTABLE_NOT_FOUND | The necessary executable was not found. |
EXTRACTION_FAILED | During extraction, one or more exceptions were encountered. |
FAILED | Detector failed. |
FALLBACK_NOT_NEEDED | The fallback detector was not needed, as its preceding detector passed. |
FILES_NOT_FOUND | Necessary files were not found within the target project. |
FILE_NOT_FOUND | A file was not found within the target project. |
FORCED_NESTED_PASSED | Forced to pass because nested forced by user. |
GO_PKG_LOCKFILE_NOT_FOUND | A Gopkg.toml was located in the target project, but the Gopkg.lock file was NOT located. |
INSPECTOR_NOT_FOUND | The necessary inspector was not found |
MAX_DEPTH_EXCEEDED | Max depth was exceeded. |
NOT_NESTABLE | Not nestable and a detector already applied in parent directory. |
NOT_SELF_NESTABLE | Nestable but this detector already applied in a parent directory. |
NPM_NODE_MODULES_NOT_FOUND | A package.json was located in the target project, but the node_modules folder was NOT located. |
PASSED | Detector passed. |
POETRY_LOCKFILE_NOT_FOUND | A pyproject.toml was located in the target project, but the Poetry.lock file was NOT located. |
PROPERTY_INSUFFICIENT | The properties are insufficient to run. |
UNKNOWN_DETECTOR_RESULT | There was an unknown result. |
WRONG_OPERATING_SYSTEM_RESULT | Cannot run on the used operating system. |
YIELDED | Yielded to other detectors. |
Status
{
"key": The normalized key this status element describes such as "GIT".
"status": "SUCCESS" or "FAILURE"
}
Issues
Results
A result is a URL or file path to output produced by the Synopsys Detect run such as a Black Duck Bill Of Materials (BOM), risk report, notices report, or air-gap zip archive file.
Property Values
A map of every property key to it's string value that Detect finds. These are only properties to which Detect has a known key, so pass-through properties like docker and dynamic properties like custom fields are not included. Passwords and other sensitive fields are masked.
Unrecognized Paths
For those detectors that support it (currently, only CLANG), a list of file paths to dependencies that (a) were not recognized by the package manager, and (b) reside outside the source directory.
Code Locations
©2018 Synopsys, Inc. All Rights Reserved