Support multiple "package file" types in a single run #142
Comments
I'd love to be able to pass Snyk a (list of) project files using a glob. Or even a list of full paths and then I can do the globbing myself. Being able to pass in a Visual Studio Solution file would also work ;). Then have them all be tested, monitored in a single run. That way I can test a complete Visual Studio solution, which, in the end, delivers a single packaged application. It makes more sense to be able to monitor the whole, instead of each individual sub-project. |
With our .NET support released in December 2017 we made some decisions and improvements on our CLI. Namely:
Hope this helps, let me know how you get along! |
Absolutely. I'll see if I can add this behavior to the VSTS tasks.
I'd love it if the commandline help would show [path] [path...] or similar
to make this more configurable.
Similar for snyk help files, which doesn't list the solution option.
On 30 Mar 2018 12:44, "Anton Drukh" <notifications@github.com> wrote:
@jessehouwing <https://github.com/jessehouwing>
|
I'd be forever grateful if you could suggest a PR to our CLI help - https://github.com/snyk/snyk/tree/master/help |
I've built this functionality for the azure pipeline task: https://github.com/jessehouwing/azure-pipelines-snyk-task/tree/features/multi |
@jessehouwing we have just released in Beta It at the moment support |
Does that auto-exclude |
It auto excludes |
@jessehouwing .Net support v1 is now out too https://github.com/snyk/snyk/releases/tag/v1.278.0 please give this a try and share any feedback you have :) |
@jessehouwing please confirm if this issue can now be closed and the feature above meets your needs? |
Woot! I'll play with it tomorrow.
…On Tue, Jan 14, 2020 at 8:53 AM Lili Kastilio ***@***.***> wrote:
@jessehouwing <https://github.com/jessehouwing> please confirm if this
issue can now be closed and the feature above meets your needs?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#142?email_source=notifications&email_token=AA724SZTC2VQZTBU3J62QMTQ5VVOTA5CNFSM4EYF2MYKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEI3UY7I#issuecomment-574049405>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AA724S2MFX2TLRDQYZFCWR3Q5VVOTANCNFSM4EYF2MYA>
.
|
I tried and ran into a few issues. Due to the project structure, I need to set the depth quite deep to have it detect everything from the project root. Our project creates a dist folder in a weird place and copies the lock files along, this seems to cause issues:
Removing our |
It looks like |
@jessehouwing could you please share an example of the manifest with declared dependencies for Dotnet Core? |
If you need a higher fidelity way to chat, I'm available on Teams, Slack, Skype, Zoom, Hangouts, you name it. |
The solution has 2 custom nuget packages, added those too should you need them. |
PS: It would be handy if this error would tell which directory it was expecting packages to be restored in.
|
Would love to arrange a chat with you regarding the .Net support for .Net core, please could you ping your email to support@snyk.io and mention this issue and myself and I will be in touch :) |
Woot. Will have a go. Teaching the rest of next week, to it may take a little to truly play with it. |
This seems to work! We need to exclude
|
Thanks @jessehouwing for testing this, can I close this issue now? |
Should I file a new issue for the logspam? |
@jessehouwing what is your expected behaviour here if some projects fail? (New ticket is good yep :)) |
Fail = Fail. Haven't looked at a parsable return value, but streaming json to the output stream would make it easier to act in whichever way we want. |
@jessehouwing you can pass |
Closing this, thanks I saw the new issues :) |
In .NET projects it's common to have both a packages.config and a project.json. It would be nice if we could specify multiple "files to scan" when running snyk or snyk automatically detecting all applicable files in the current directory.
These two dependency files are generally used to:
The text was updated successfully, but these errors were encountered: