Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Test the top X packages w/ sbom-tool support #13755

Open
JonDouglas opened this issue Aug 30, 2024 · 1 comment
Open

Test the top X packages w/ sbom-tool support #13755

JonDouglas opened this issue Aug 30, 2024 · 1 comment
Assignees
Labels
Priority:3 Issues under consideration. With enough upvotes, will be reconsidered to be added to the backlog. Type:Tracking This issue is tracking the completion of other related issues.

Comments

@JonDouglas
Copy link
Contributor

JonDouglas commented Aug 30, 2024

We should test the top X packages to see how well the sbom-tool performs when functionality is available in the .NET SDK for .NET 9.

Query

Top 1000 packages, taking at most 3 packages per unique set of owners (Microsoft packages don't overwhelm the list).

let IdDownloads = NiPackageDownloads | distinct LowerId, TotalDownloads;
let OwnerDownloads = NiPackageOwners
| join kind=inner IdDownloads on LowerId
| extend Owners = tostring(Owners)
| summarize OwnerDownloads = sum(TotalDownloads) by Owners;
NiPackageOwners
| extend Owners = tostring(Owners)
| join kind=inner OwnerDownloads on Owners
| project-away Owners1
| join kind=inner IdDownloads on LowerId
| project-away LowerId1
| order by OwnerDownloads desc, Owners desc, TotalDownloads desc
| where row_number(1, Owners != prev(Owners)) <= 3
| join kind=inner (NiPackageVersions | where IsLatestSemVer2 | project Identity, LowerId, Id, Version, Created) on LowerId
| extend NupkgUrl = strcat("https://api.nuget.org/v3-flatcontainer/", Identity, "/", LowerId, ".", tolower(Version), ".nupkg")
| project Id, Version, Created, TotalDownloads, NupkgUrl
| order by TotalDownloads desc
| take 1000
Copy link
Contributor

@JonDouglas Issue is missing Type label, remember to add a Type label

@dotnet-policy-service dotnet-policy-service bot added the missing-required-type The required type label is missing. label Aug 30, 2024
@nkolev92 nkolev92 added Type:Tracking This issue is tracking the completion of other related issues. Priority:3 Issues under consideration. With enough upvotes, will be reconsidered to be added to the backlog. and removed missing-required-type The required type label is missing. labels Sep 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Priority:3 Issues under consideration. With enough upvotes, will be reconsidered to be added to the backlog. Type:Tracking This issue is tracking the completion of other related issues.
Projects
None yet
Development

No branches or pull requests

2 participants