This is a minimal Java implementation of the OpenKarotz API which will be extended by generated code.
See:
Because this library is only useful for developers the installation depends on your build environment.
For example when using Apache Maven you could add the following dependency to your project:
<dependency>
<groupId>de.powerstat.openkarotz</groupId>
<artifactId>openkarotzapi</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
Please add the following entry to your maven settings.xml
:
<server>
<id>nvd</id>
<password>nvd api-key</password>
</server>
The API-Key could be requested here: National Vulnerability Database
Other build tools like gradle will work analogous.
To compile this project yourself you could use:
mvn clean install org.pitest:pitest-maven:mutationCoverage site
or simply:
mvn clean install
or for native image creation:
On windows Visual Studio 2022 is required and you have to call:
"C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Auxiliary\Build\vcvars64.bat" > nul
Compile and build image:
mvn clean -Pnative package
Run the image:
./target/[imagename]
To find newer dependencies:
mvn versions:display-dependency-updates
To find newer plugins:
mvn versions:display-plugin-updates
To make a new release:
mvn --batch-mode release:clean release:prepare release:perform
git push -–tags
git push origin main
To run checkstyle:
mvn checkstyle:check
To run pmd:
mvn pmd:check
To run spotbugs:
mvn spotbugs:check
To run arch-unit:
mvn arch-unit:arch-test
To run JDeprScan:
mvn jdeprscan:jdeprscan jdeprscan:test-jdeprscan
To run toolchain:
mvn toolchains:toolchain
If you use a sonar server:
mvn sonar:sonar -Dsonar.login=<username> -Dsonar.password=<password>
If you use [infer][https://fbinfer.com/]:
infer run -- mvn clean compile
To create a spdx:
mvn spdx:createSPDX
To create a cycloneDX:
mvn cyclonedx:makeBom
To upload bom to dependency-track:
mvn dependency-track:upload-bom
To look for dependency-track findings:
mvn dependency-track:findings
For usage in your own projects please read the Javadoc's and follow the examples in the unittests. Last but not least it would be better to use the full FB api that is based on this project and will be released separately.
If you would like to contribute to this project please read How to contribute.
This code is licensed under the Apache License Version 2.0.