crda-javascript-api 0.0.2-ea.5
Install from the command line:
Learn more about npm packages
$ npm install @rhecosystemappeng/crda-javascript-api@0.0.2-ea.5
Install via package.json:
"@rhecosystemappeng/crda-javascript-api": "0.0.2-ea.5"
About this version
This project is still a WIP. Currently, only Java's Maven ecosystem is implemented.
The Crda JavaScript API module is deployed to GitHub Package Registry.
- Looking for our Java API? Try Crda Java API.
- Looking for our Backend implementation? Try Crda Backend.
Click here for configuring GHPR and gaining access to the crda-javascript-api module.
Create a
token
with the read:packages scope
Based on GitHub documentation, In Actions you can use GITHUB_TOKEN
Add the following line to the .npmrc file in your user home ( See GH Docs):
//npm.pkg.github.com/:_authToken=<your-ghp-token-goes-here>
Instruct NPM to look in GHPR for the RHEcosystemAppEng namespace.
Add @RHEcosystemAppEng:registry=https://npm.pkg.github.com to .npmrc in the project root or user home:
echo "@RHEcosystemAppEng:registry=https://npm.pkg.github.com" >> .npmrc- Use as ESM Module
npm install @RHEcosystemAppEng/crda-javascript-apiimport crda from '@RHEcosystemAppEng/crda-javascript-api'
import fs from 'node:fs'
// Get stack analysis in JSON format
let jsonStackAnalysis = await crda.stackAnalysis('/path/to/pom.xml')
// Get stack analysis in HTML format (string)
let htmlStackAnalysis = await crda.stackAnalysis('/path/to/pom.xml', true)
// Get component analysis in JSON format
let buffer = fs.readFileSync('/path/to/pom.xml')
let jsonComponentAnalysis = await crda.componentAnalysis('pom.xml', buffer.toString())
$ npx @RHEcosystemAppEng/crda-javascript-api help
Usage: crda-javascript-api {component|stack}
Commands:
crda-javascript-api stack </path/to/manifest> [--html|--summary] produce stack report for manifest path
crda-javascript-api component <manifest-name> <manifest-content> [--summary] produce component report for a manifest type and content
Options:
--help Show help [boolean]# get stack analysis in json format
$ npx @RHEcosystemAppEng/crda-javascript-api stack /path/to/pom.xml
# get stack analysis in json format (summary only)
$ npx @RHEcosystemAppEng/crda-javascript-api stack /path/to/pom.xml --summary
# get stack analysis in html format format
$ npx @RHEcosystemAppEng/crda-javascript-api stack /path/to/pom.xml --html
# get component analysis
$ npx @RHEcosystemAppEng/crda-javascript-api component pom.xml "$(</path/to/pom.xml)"
npm install --global @RHEcosystemAppEng/crda-javascript-api# get stack analysis in json format
$ crda-javascript-api stack /path/to/pom.xml
# get stack analysis in json format (summary only)
$ crda-javascript-api stack /path/to/pom.xml --summary
# get stack analysis in html format format
$ crda-javascript-api stack /path/to/pom.xml --html
# get component analysis
$ crda-javascript-api component pom.xml "$(</path/to/pom.xml)"Excluding a package from any analysis can be achieved by marking the package for exclusion.
- Java Maven (pom.xml)
<dependency> <!--crdaignore-->
<groupId>...</groupId>
<artifactId>...</artifactId>
<version>...</version>
</dependency>For including extra vulnerability data and resolutions, otherwise only available to vendor registered users. You can set the various vendor tokens as environment variables.
Available token environment variables:
| Vendor | Token Environment Variable |
|---|---|
| Snyk | CRDA_SNYK_TOKEN |
This project uses each ecosystem's executable for creating dependency trees. These executables are expected to be present on the system PATH. If they are not, or perhaps you want to use custom ones. Use can use the following environment variables for setting custom paths for the said executables.
| Ecosystem | Default | Environment Variable |
|---|---|---|
| Maven | mvn | CRDA_MVN_PATH |
Details
- crda-javascript-api
-
RHEcosystemAppEng
- over 1 year ago
- Apache-2.0
- 13 dependencies
Assets
- crda-javascript-api-0.0.2-ea.5.tgz
Download activity
- Total downloads 2
- Last 30 days 0
- Last week 0
- Today 0