-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added optional dependency detection for npm lockfiles (version 2 and 3) #1030
Added optional dependency detection for npm lockfiles (version 2 and 3) #1030
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1030 +/- ##
=====================================
Coverage 75.4% 75.4%
=====================================
Files 236 236
Lines 10408 10409 +1
Branches 1039 1040 +1
=====================================
+ Hits 7851 7852 +1
Misses 2267 2267
Partials 290 290 ☔ View full report in Codecov by Sentry. |
test/Microsoft.ComponentDetection.VerificationTests/resources/npm/lockfile3/package-lock.json
Outdated
Show resolved
Hide resolved
Verification test failures are expected due to addition of optional dependencies. |
src/Microsoft.ComponentDetection.Detectors/npm/NpmLockfileDetectorBase.cs
Show resolved
Hide resolved
👋 Hi! It looks like you modified some files in the
If none of the above scenarios apply, feel free to ignore this comment 🙂 |
Summary:
Currently
optionalDependencies
in npm lockfiles are not detected byNpmLockFile3Detector
andNpmDetectorWithRoots
. This is fixed by this PR.Details
optionalDependencies
are now registered same as the regular dependencies, "optional" status is not reflected in Detection.Testing
Related issue: #560