(chocolatey#145) Enable skipping of Yarn analysis

During the Dependency-Check task, the Yarn Audit analysis can be triggered even when it is not needed. This results in the task, and build, failing. By adding a new tool setting, DependencyCheckDisableYarnAudit, the Yarn Audit analysis can be explicitly disabled when required. This new parameter defaults to `false`. This change should be revisited when Cake.DependencyCheck and DependencyCheckTool are updated.
Windos · Apr 23, 2024 · 3ca5aec · 3ca5aec
1 parent 869ae83
commit 3ca5aec
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 1 deletion.
diff --git a/Chocolatey.Cake.Recipe/Content/dependencyCheck.cake b/Chocolatey.Cake.Recipe/Content/dependencyCheck.cake
@@ -46,6 +46,15 @@ BuildParameters.Tasks.DependencyCheckTask = Task("Dependency-Check")
 
     DeleteFile(BuildParameters.RootDirectoryPath.CombineWithFilePath("dependency-check.zip"));
 
+    if (ToolSettings.DependencyCheckDisableYarnAudit)
+    {
+        ReplaceTextInFiles(
+            BuildParameters.RootDirectoryPath.Combine("tools/DependencyCheck.Runner.Tool.3.2.1/tools/bin").CombineWithFilePath("dependency-check.bat").ToString(), 
+            "org.owasp.dependencycheck.App %CMD_LINE_ARGS%",
+            "org.owasp.dependencycheck.App --disableYarnAudit %CMD_LINE_ARGS%"
+        );
+    };
+
     var DependencyCheckSettings = new DependencyCheckSettings {
         Project = BuildParameters.ProductName,
         Scan    = BuildParameters.SourceDirectoryPath.FullPath,

diff --git a/Chocolatey.Cake.Recipe/Content/toolsettings.cake b/Chocolatey.Cake.Recipe/Content/toolsettings.cake
@@ -27,6 +27,7 @@ public static class ToolSettings
     public static FilePath EazfuscatorToolLocation { get; private set; }
     public static string AmazonLambdaGlobalTool { get; private set; }
     public static string DependencyCheckTool { get; private set; }
+    public static bool DependencyCheckDisableYarnAudit { get; private set; }
     public static string DotNetFormatGlobalTool { get; private set; }
     public static string GitVersionGlobalTool { get; private set; }
     public static string GitVersionTool { get; private set; }
@@ -109,7 +110,8 @@ public static class ToolSettings
         List<string> scriptAnalyzerExcludePaths = null,
         string testCoverageExcludeByAttribute = null,
         string testCoverageExcludeByFile = null,
-        string testCoverageFilter = null
+        string testCoverageFilter = null,
+        bool dependencyCheckDisableYarnAudit = false
     )
     {
         context.Information("Setting up tools...");
@@ -125,6 +127,13 @@ public static class ToolSettings
         TestCoverageExcludeByFile = testCoverageExcludeByFile ?? "*/*Designer.cs;*/*.g.cs;*/*.g.i.cs";
         TestCoverageFilter = testCoverageFilter ?? string.Format("+[{0}*]* +[{1}*]* -[*.tests]* -[*.Tests]*", BuildParameters.Title, BuildParameters.Title.ToLowerInvariant());
 
+        DependencyCheckDisableYarnAudit = dependencyCheckDisableYarnAudit;
+
+        if (context.HasArgument("dependencyCheckDisableYarnAudit"))
+        {
+            DependencyCheckDisableYarnAudit = context.Argument<bool>("dependencyCheckDisableYarnAudit");
+        }
+
         // We only use MSBuild when running on Windows. Elsewhere, we use XBuild when required. As a result,
         // we only need to detect the correct version of MSBuild when running on WIndows, and when it hasn't
         // been explicitly set.