Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Language-agnostic; integrates with 20+ build systems.
It was discovered that jar-callgraph-1.0.0.jar was not producing results for some jars. The issue has been identified and fixed in this pr .
Acceptance criteria
Use the newest implementation of jar-callgraph i.e. jar-callgraph-1.0.1.jar
Testing plan
You can test the changes by executing the old and new jar-callgraph against this scala library jar . You will find that the old implementation doesn't produce any results while the updated jar does.
Manual testing plan
cd to the /scripts directory
java -jar jar-callgraph-1.0.0.jar /path/to/scala/jar (download the scala library jar mentioned above)
[x] I added tests for this PR's change (or explained in the PR description why tests don't make sense).
[x] If this PR introduced a user-visible change, I added documentation into docs/.
[x] If this PR added docs, I added links as appropriate to the user manual's ToC in docs/README.ms and gave consideration to how discoverable or not my documentation is.
[x] If this change is externally visible, I updated Changelog.md. If this PR did not mark a release, I added my changes into an # Unreleased section at the top.
[x] If I made changes to .fossa.yml or fossa-deps.{json.yml}, I updated docs/references/files/*.schema.json AND I have updated example files used by fossa init command. You may also need to update these if you have added/removed new dependency type (e.g. pip) or analysis target type (e.g. poetry).
[x] If I made changes to a subcommand's options, I updated docs/references/subcommands/<subcommand>.md.
Overview
It was discovered that jar-callgraph-1.0.0.jar was not producing results for some jars. The issue has been identified and fixed in this pr .
Acceptance criteria
Use the newest implementation of jar-callgraph i.e. jar-callgraph-1.0.1.jar
Testing plan
You can test the changes by executing the old and new jar-callgraph against this scala library jar . You will find that the old implementation doesn't produce any results while the updated jar does.
Manual testing plan
java -jar jar-callgraph-1.0.0.jar /path/to/scala/jar(download the scala library jar mentioned above)Testing the new changes
git checkout jar-call-graphjava -jar jar-callgraph-1.0.1.jar /path/to/scala/jarRisks
No notable risks
Metrics
References
Checklist
docs/.docs/README.msand gave consideration to how discoverable or not my documentation is.Changelog.md. If this PR did not mark a release, I added my changes into an# Unreleasedsection at the top..fossa.ymlorfossa-deps.{json.yml}, I updateddocs/references/files/*.schema.jsonAND I have updated example files used byfossa initcommand. You may also need to update these if you have added/removed new dependency type (e.g.pip) or analysis target type (e.g.poetry).docs/references/subcommands/<subcommand>.md.