feat: enable cocoapods for --all-projects scanning #965
Conversation
ghost
requested review from
lili2311
force-pushed
the
feat/cocopoads-all-projects
branch
2 times, most recently
from
9a31bab to
3190f26
Compare
| } else if (options.docker) { | ||
| analysisType = 'docker'; | ||
| } else { | ||
| packageManager = detect.detectPackageManager(path, options); |
There was a problem hiding this comment.
only run this check if we are not in Docker or all-projects mode as it will fail when no supported manifests are found
lili2311
force-pushed
the
feat/cocopoads-all-projects
branch
4 times, most recently
from
a111b99 to
5432468
Compare
|
Includes the PR #966 |
lili2311
force-pushed
the
feat/cocopoads-all-projects
branch
3 times, most recently
from
187b2b1 to
740236d
Compare
src/lib/snyk-test/run-test.ts
Outdated
| @@ -159,8 +159,10 @@ async function runTest( | |||
| res.filesystemPolicy = !!payloadPolicy; | |||
| if (!options['ignore-policy']) { | |||
| res.policy = res.policy || (payloadPolicy as string); | |||
| console.log('***** res.policy', res.policy); | |||
There was a problem hiding this comment.
It this a left over?
src/lib/snyk-test/run-test.ts
Outdated
| const policy = await snyk.policy.loadFromText(res.policy); | ||
| res = policy.filter(res, root); | ||
| console.log('***** ', policy); |
There was a problem hiding this comment.
It this a left over?
When running `snyk test --all-projects` by default pick up also `Podfile` and `Podfile.lock` Supported for `test` and `monitor`
lili2311
force-pushed
the
feat/cocopoads-all-projects
branch
from
740236d to
5851a7f
Compare
| @@ -193,6 +193,12 @@ function chooseBestManifest( | |||
| )[0]; | |||
| return defaultManifest.path; | |||
| } | |||
| case 'cocoapods': { | |||
| const defaultManifest = files.filter((path) => | |||
| ['Podfile'].includes(path.base), | |||
There was a problem hiding this comment.
Not a blocker, just a question why not 'Podfile' === path.base?
There was a problem hiding this comment.
no reason copy + 🍝, will update in the next PR
There was a problem hiding this comment.
Because it's only relevant for npm and yarn and we bring it for all of others. We will have refactor after we release everything I think. I bet we could simplify when more ecosystems will be supported with --all-projects
There was a problem hiding this comment.
It is relevant for any ecosystem where more than 1 manifest file can be detected in the same folder and we need to choose. Example: requiremens.txt or Pipfile yarn.lock or package-lock.json.
Technically we could only look for Podfile here and remove this entry, but there are other cocopoads manifests we may auto detect later on which are currently supported via --file
|
🎉 This PR is included in version 1.282.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
What does this PR do?
Enable Cocoapods
PodfileandPodfile.lockto be picked up when runningtestormonitorwith--all-projectsflag