# README
Why compaa (Component Activity Analyzer)?
compaa is simple component activity analyzer designed for secure software development.
You can find maintainance activities and EOLs of dependended modules.
It aims supporting your secure software component maintainance.
Install
go
go install github.com/izziiyt/compaa
mise
mise use --global go:github.com/izziiyt/compaa
Example
You can find your software depends on inactive OSS. (recommended to use your github token when running for sufficient github api rate limit.)
GITHUB_TOKEN=${YOUR_GITHUB_TOKEN} compaa ./target/path
./path/example0/Dockerfile
./path/example1/subpath/package.json
./path/example2/Dockerfile
├ WARN: docker.io/library/alpine:3.13 last update isnt recent (2022-11-10 20:55:35.397295 +0000 UTC)
./path/example2/subpath/Dockerfile
./path/example3/go.mod
├ WARN: go1.18 is EOL
├ WARN: github.com/pkg/errors is archived
├ WARN: github.com/jinzhu/gorm last push isnt recent (2023-09-11 08:16:54 +0000 UTC)
Supported File Format
compaa supports the following file formats:
- Dockerfile (Docker)
- Gemfile (Ruby)
- go.mod (Go)
- package.json (Javascript)
- requirements.txt (Python)
License
This project is licensed under the MIT License, see the LICENSE file for details.