You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug #5025 added support for scanning poetry-style Python dependencies (thanks, by the way!). However, it looks like when running with --enableExperimental, you cannot disable the poetry scan.
Describe the bug
#5025 added support for scanning poetry-style Python dependencies (thanks, by the way!). However, it looks like when running with
--enableExperimental
, you cannot disable the poetry scan.It looks like a
--disablePoetry
flag was intended to be introduced in https://github.com/nerdinand/DependencyCheck/blob/afd165b02ad0bfa1e46845797f19c6bbeb058768/cli/src/main/java/org/owasp/dependencycheck/CliParser.java#L1249, but wasn't actually added to theaddAdvancedOptions
list in https://github.com/nerdinand/DependencyCheck/blob/afd165b02ad0bfa1e46845797f19c6bbeb058768/cli/src/main/java/org/owasp/dependencycheck/CliParser.java#L343. I think just adding that option there would fix the issue?Version of dependency-check used
7.4.1
Log file
No log file is generated when invalid command line options are provided, but the output looks like:
To Reproduce
Run dependency-check with the
--disablePoetry
flag.Eg.,
Expected behavior
All scans (including experimental) will be run, except for Poetry dependencies.
Additional context
None.
The text was updated successfully, but these errors were encountered: