Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Settings gradle detection #785

Merged
merged 9 commits into from
Jan 28, 2022
Merged

Settings gradle detection #785

merged 9 commits into from
Jan 28, 2022

Conversation

csasarak
Copy link
Contributor

@csasarak csasarak commented Jan 27, 2022
edited

Overview

In newer versions of gradle, there may only be a settings.gradle file in a project root directory. We would not be able to discover subprojects in this case and would report no dependencies.

Acceptance criteria

Detect when a project has a top-level file starting with settings.gradle without a build.gradle and also run discovery.

Testing plan

I tested with some sample repositories that had settings.gradle only in their root directories. These included projects in Java/Kotlin. I also wrote an integration test which tests both a real repository (spring-boot) with both files in its root and one of the samples with only settings.gradle.

This project will fail currently on master. On this branch it succeeds and reports dependencies.

Risks

Highlight any areas that you're unsure of, or want reviewers to pay particular attention to.

As part of the integration testing I extended some code in TestFixtureUtils.hs to support more archive formats than just .tar.gz. Please look at how it detects which extraction function to use and also how it reports errors.

References

Closes fossas/team-analysis#846

Checklist

  • I added tests for this PR's change (or confirmed tests are not viable).
  • If this PR introduced a user-visible change, I added documentation into docs/.
  • I updated Changelog.md if this change is externally facing. If this PR did not mark a release, I added my changes into an # Unreleased section at the top.
  • I updated *schema.json if I have made changes for .fossa.yml, fossa-deps.{json, yaml, yml}. You may also need to update these if you have added/removed new dependency (e.g. pip) or analysis target type (e.g. poetry).
  • I linked this PR to any referenced GitHub issues, if they exist.

@csasarak csasarak marked this pull request as ready for review January 27, 2022 21:48
@skilly-lily
Copy link
Contributor

Looks like the dep-scan job is stuck. Cancelling doesn't work. Can you push a new commit so that it resubmits?

skilly-lily
skilly-lily approved these changes Jan 27, 2022
View reviewed changes
Copy link
Contributor

@skilly-lily skilly-lily left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can probably mark a release here, go ahead and update the changelog with 3.0.17 and ping me for details on releasing if you need to.

integration-test/Analysis/GradleSpec.hs Outdated Show resolved Hide resolved
integration-test/Analysis/GradleSpec.hs Outdated Show resolved Hide resolved
@csasarak csasarak merged commit c0eada6 into master Jan 28, 2022
@csasarak csasarak deleted the settings-gradle-detection branch January 28, 2022 21:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@skilly-lily skilly-lily skilly-lily approved these changes

@meghfossa meghfossa Awaiting requested review from meghfossa

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@csasarak @skilly-lily