Project, Version, and Code Location Naming 6.4.0

Owned by Ray O'Meara (Unlicensed)
Aug 09, 2020
2 min read

The following sections describe the project, version, and code location naming in Synopsys Detect.

Project and version naming

By default, the project and version names of the project to which Synopsys Detect writes results are derived from the project on which Synopsys Detect is run.

The mechanism Synopsys Detect uses to determine the project and version names depends on project type. If Synopsys Detect cannot determine the project and version names, then Synopsys Detect uses the project directory name as the project name, and the value  Default Detect Version as the version name.

  • Use the following properties to override the project and version names:

    --detect.project.name=PROJECT-NAME --detect.project.version.name=VERSION-NAME

  • Use the following property to change the default version to a timestamp:

    --detect.default.project.version.scheme=timestamp

  • Use the following property to customize the timestamp format:

    --detect.default.project.version.timeformat='yyyy-MM-dd:HH:mm:ss.SSS'

Project and version naming for Git projects

If no package manager provides project and version names and you have not provided the project and version names through properties, then Synopsys Detect attempts to use Git to determine project information. Project information is extracted from the remote URL for the current branch. The version is the current branch name, or the commit hash if a detached head is checked out. This is performed by the Git detector. If you do not want Synopsys Detect to use Git data, you can omit the Git detector using the following property:

Example

To use a project with a remote URL of https://github.com/blackducksoftware/synopsys-detect and a checked-out branch of 5.5.0, by default, Synopsys Detect uses the project name blackducksoftware/synopsys-detect and project version 5.5.0.

Synopsys Detect attempts to derive project and version information by running the Git executable. If that is not successful, it attempts to derive project and version information by parsing Git files.

In Synopsys Detect versions 5.5.0 and later the Synopsys Detect property detect.git.path is used to provide the path to the Git executable.

Code location (scan) naming

By default, a code location (scan) name generated by a detector is constructed from information that it derives from the package manager, such as project name and version, sub-project, or module if applicable, and the detector type. Code location names generated by detectors end in bom.

A code location name generated by the Black Duck signature scanner is constructed from the source directory name, project name, and project version. Code location names generated by the Black Duck signature scanner end in scan.

Optionally, you can add a prefix to the automatically generated code location names, or provided a base name.

©2018 Synopsys, Inc. All Rights Reserved