Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: use classifier in package name #108

Merged
merged 1 commit into from
Jun 10, 2021
Merged

fix: use classifier in package name #108

merged 1 commit into from
Jun 10, 2021

Conversation

gitphill
Copy link
Contributor

@gitphill gitphill commented Jun 9, 2021
edited

  • Ready for review
  • Follows CONTRIBUTING rules
  • Reviewed by Snyk internal team

What does this PR do?

When two dependencies with the same groupId and artifiactId appear in the dep tree, but they have a different classifier we should treat them as different nodes in the tree. At the moment we overwrite these nodes, which can lead to incorrect results form snyk test.

@dtrunley-snyk dtrunley-snyk requested review from dtrunley-snyk and removed request for dtrunley-snyk June 9, 2021 16:50
@gitphill gitphill force-pushed the fix/use-classifier-in-pkg-name branch from 5058272 to 4082c5d Compare June 10, 2021 11:00
@gitphill gitphill self-assigned this Jun 10, 2021
@gitphill gitphill marked this pull request as ready for review June 10, 2021 11:01
@gitphill gitphill requested a review from a team as a code owner June 10, 2021 11:01
@gitphill
fix: use classifier in package name
77bca8e 
When two dependencies with the same groupId and artifiactId appear in the
dep tree, but they have a different classifier we should treat them as
different nodes in the tree. At the moment we overwrite these nodes,
which can lead to incorrect results form snyk test.

Adding new test for duplicate dep with classifier.
Fixing parse-mvn to correctly identify each part of a dependency.
@gitphill gitphill force-pushed the fix/use-classifier-in-pkg-name branch from 4082c5d to 77bca8e Compare June 10, 2021 11:18
@mika-bar mika-bar merged commit b391bc5 into master Jun 10, 2021
@mika-bar mika-bar deleted the fix/use-classifier-in-pkg-name branch June 10, 2021 11:50
@snyksec
Copy link

snyksec commented Jun 10, 2021

🎉 This PR is included in version 2.26.1 🎉

The release is available on:

Your semantic-release bot 📦🚀

mika-bar added a commit to snyk/cli that referenced this pull request Jun 10, 2021
@mika-bar
fix: use classifier in maven package name
acfc9b2 
see snyk/snyk-mvn-plugin#108
@mika-bar mika-bar mentioned this pull request Jun 10, 2021
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dtrunley-snyk dtrunley-snyk dtrunley-snyk approved these changes

Assignees

@gitphill gitphill

Labels
released Tardis
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@gitphill @snyksec @dtrunley-snyk @mika-bar