Table of Contents |
---|
...
For information on configuration parameters, refer to Configuration File & Parameters.
Examples
Go Modules Example
As a user, I want to scan a Go project using Go 1.11 or above without the need for any package manager, while still being able to obtain all relevant dependencies used in my project. The project contains a 'go.mod' or 'modules.txt' file as well as a 'vendor' folder. The following are the relevant 'Go' configuration settings:
...
As user, I want to scan a Go project with the 'godep' package manager in order to obtain all relevant dependencies. The project already contains a 'Gopkg.lock' file. The following are the relevant 'Go' configuration settings:
Code Block |
---|
go.resolveDependencies=true go.collectDependenciesAtRuntime=false go.dependencyManager=godep |
Glide Example
As a user, I want to scan a Go project with the 'glide' package manager in order to obtain all relevant dependencies. The project does not contain a 'Gopkg.lock' file, and the user would also like to scan test packages defined in the 'glide.yaml' file. The following are the relevant 'Go' configuration settings:
Code Block |
---|
go.resolveDependencies=true
go.collectDependenciesAtRuntime=true
go.dependencyManager=glide
go.glide.ignoreTestPackages=false |
...
The Unified Agent provides support for a hierarchy tree for the following packages: glide, gopm, godep, dep, govendor, vndr and modules (Go Modules).
For the other package managers (gogradle,vgo), the Unified Agent will show both direct and transitive dependencies as a flat structure.
In general - for all package managers, both direct and transitive dependencies are retrieved as part of a scan.
In order to support retrieval of a project's full hierarchy tree, one of the following requirements needs to be valid:
- The dependency file and 'vendor' folder are available in the project
- The go.collectDependenciesAtRuntime configuration parameter is set to 'true' and the relevant dependency manager is installed (except for Go Modules which doesn't require a dependency manager).