Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for skipping Dependency-Check Yarn analysis #145

Closed
2 tasks done
Windos opened this issue Apr 19, 2024 · 1 comment · Fixed by #146
Closed
2 tasks done

Add support for skipping Dependency-Check Yarn analysis #145

Windos opened this issue Apr 19, 2024 · 1 comment · Fixed by #146
Assignees
@Windos
Labels
5 - Released The issue has been resolved, and released to the public for consumption Feature Issues that introduce new functionality to the project, instead of updating existing functionality
Milestone
0.27.0

Comments

@Windos
Copy link
Member

Windos commented Apr 19, 2024
edited by gep13
Loading

Checklist

  • I have verified this is the correct repository for opening this issue.
  • I have verified no other issues exist related to my request.

Is Your Feature Request Related To A Problem? Please describe.

Dependency-Check occasionally triggers Yarn analysis when it isn't needed and results in the Dependency-Check failing.

Describe The Solution. Why is it needed?

Based on setting a relevant parameter (--dependencyCheckDisableYarnAudit=true), inject the switch --disableYarnAudit into the dependency-check.bat file allowing the Yarn analysis to get toggled off when needed.

Additional Context

The Dependency-Check Cake addin is currently out of date and does not expose the ability the skip Yarn analysis via the DependencyCheckSettings.

Related Issues

N/A
@Windos Windos changed the title Add support to skip Dependency-Check Yarn analysis Add support for skipping Dependency-Check Yarn analysis Apr 19, 2024
Windos added a commit to Windos/Chocolatey.Cake.Recipe that referenced this issue Apr 19, 2024
@Windos
(chocolatey#145) Enable skipping of Yarn analysis
8322650 
During the Dependency-Check task, the Yarn Audit analysis can be
triggered even when it is not needed. This results in the task, and
build, failing.

By adding a new parameter, ShouldRunDependencyCheckYarnAnalysis,
the Yarn Audit analysis can be explicitly disabled when required.
This new parameter defaults to `true`.

This change should be revisited when Cake.DependencyCheck and
DependencyCheckTool are updated.
@Windos Windos mentioned this issue Apr 19, 2024
Merged
10 tasks
Windos added a commit to Windos/Chocolatey.Cake.Recipe that referenced this issue Apr 22, 2024
@Windos
(chocolatey#145) Enable skipping of Yarn analysis
8ef9fec 
During the Dependency-Check task, the Yarn Audit analysis can be
triggered even when it is not needed. This results in the task, and
build, failing.

By adding a new tool setting, DependencyCheckDisableYarnAudit,
the Yarn Audit analysis can be explicitly disabled when required.
This new parameter defaults to `false`.

This change should be revisited when Cake.DependencyCheck and
DependencyCheckTool are updated.
Windos added a commit to Windos/Chocolatey.Cake.Recipe that referenced this issue Apr 23, 2024
@Windos
(chocolatey#145) Enable skipping of Yarn analysis
3ca5aec 
During the Dependency-Check task, the Yarn Audit analysis can be
triggered even when it is not needed. This results in the task, and
build, failing.

By adding a new tool setting, DependencyCheckDisableYarnAudit,
the Yarn Audit analysis can be explicitly disabled when required.
This new parameter defaults to `false`.

This change should be revisited when Cake.DependencyCheck and
DependencyCheckTool are updated.
@gep13 gep13 added this to the 0.27.0 milestone Apr 26, 2024
@gep13 gep13 added Feature Issues that introduce new functionality to the project, instead of updating existing functionality 3 - Review Code has been added, and is available for review as a pull request labels Apr 26, 2024
gep13 added a commit that referenced this issue Apr 26, 2024
@gep13
Merge pull request #146 from Windos/GH-145/skip-dependencycheck-yarn-…
ba471f2 
…analysis

(#145) Enable skipping of Yarn analysis
@gep13 gep13 added 4 - Done Code has been added to the repository, and has been reviewed by a team member and removed 3 - Review Code has been added, and is available for review as a pull request labels Apr 26, 2024
gep13 added a commit that referenced this issue Apr 26, 2024
@gep13
Merge branch 'release/0.27.0'
8ed343d 
* release/0.27.0:
  (#145) Enable skipping of Yarn analysis
  (maint) synced local '.templates/' with remote '.github/GitReleaseManager/.templates/'
  (maint) Remove unnecessary comma from output
  (build) Switch to deleting old labels
  (maint) created local '.github/workflows/label-sync.yml' from remote '.github/workflows/label-sync.yml'
@gep13 gep13 added 5 - Released The issue has been resolved, and released to the public for consumption and removed 4 - Done Code has been added to the repository, and has been reviewed by a team member labels Apr 26, 2024
@choco-bot
Copy link

🎉 This issue has been resolved in version 0.27.0 🎉

The release is available on:

Your GitReleaseManager bot 📦 🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Windos Windos

Labels
5 - Released The issue has been resolved, and released to the public for consumption Feature Issues that introduce new functionality to the project, instead of updating existing functionality
Projects
None yet
Milestone
0.27.0
Development

Successfully merging a pull request may close this issue.

(#145) Enable skipping of Yarn analysis Windos/Chocolatey.Cake.Recipe
3 participants
@gep13 @choco-bot @Windos