-
Notifications
You must be signed in to change notification settings - Fork 171
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Settings gradle detection #785
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
csasarak
force-pushed
the
settings-gradle-detection
branch
from
January 27, 2022 21:44
6594be7
to
c2404f1
Compare
Looks like the dep-scan job is stuck. Cancelling doesn't work. Can you push a new commit so that it resubmits? |
skilly-lily
approved these changes
Jan 27, 2022
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We can probably mark a release here, go ahead and update the changelog with 3.0.17
and ping me for details on releasing if you need to.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overview
In newer versions of gradle, there may only be a
settings.gradle
file in a project root directory. We would not be able to discover subprojects in this case and would report no dependencies.Acceptance criteria
Detect when a project has a top-level file starting with
settings.gradle
without abuild.gradle
and also run discovery.Testing plan
I tested with some sample repositories that had
settings.gradle
only in their root directories. These included projects in Java/Kotlin. I also wrote an integration test which tests both a real repository (spring-boot) with both files in its root and one of the samples with onlysettings.gradle
.This project will fail currently on master. On this branch it succeeds and reports dependencies.
Risks
Highlight any areas that you're unsure of, or want reviewers to pay particular attention to.
As part of the integration testing I extended some code in
TestFixtureUtils.hs
to support more archive formats than just.tar.gz
. Please look at how it detects which extraction function to use and also how it reports errors.References
Closes fossas/team-analysis#846
Checklist
docs/
.Changelog.md
if this change is externally facing. If this PR did not mark a release, I added my changes into an# Unreleased
section at the top.*schema.json
if I have made changes for.fossa.yml
,fossa-deps.{json, yaml, yml}
. You may also need to update these if you have added/removed new dependency (e.g. pip) or analysis target type (e.g. poetry).