New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support multiple "package file" types in a single run #142

Open
jessehouwing opened this Issue Mar 30, 2018 · 4 comments

Comments

Projects
None yet
2 participants
@jessehouwing
Contributor

jessehouwing commented Mar 30, 2018

In .NET projects it's common to have both a packages.config and a project.json. It would be nice if we could specify multiple "files to scan" when running snyk or snyk automatically detecting all applicable files in the current directory.

These two dependency files are generally used to:

  • Bring in front-end javascript dependencies through npm
  • Bring in back-end and rendering extensions to ASP.NET MVC through NuGet
@jessehouwing

This comment has been minimized.

Contributor

jessehouwing commented Mar 30, 2018

I'd love to be able to pass Snyk a (list of) project files using a glob. Or even a list of full paths and then I can do the globbing myself. Being able to pass in a Visual Studio Solution file would also work ;).

Then have them all be tested, monitored in a single run. That way I can test a complete Visual Studio solution, which, in the end, delivers a single packaged application.

It makes more sense to be able to monitor the whole, instead of each individual sub-project.

@adrukh

This comment has been minimized.

Member

adrukh commented Mar 30, 2018

@jessehouwing 👋

With our .NET support released in December 2017 we made some decisions and improvements on our CLI. Namely:

  • Solution scanning & snapshotting is available with snyk test --file=Solution.sln or snyk monitor --file=Solution.sln. This runs a separate test for each project path mentioned in the solution file.
  • Better support for multiple paths scanning in one go: snyk test path1 path2 path3, where pathN is a path to a project folder (not a manifest file). Each path's manifest file will be auto-detected (doesn't have to be the same across all paths).
  • To force the CLI to a specific manifest file in all paths: snyk test --file=packages.config path1 path2 path3
  • What we still don't have is the ability to test explicit different manifest files in a single command. Not seeing a reason not to support this, but cannot promise a specific timeline yet.

Hope this helps, let me know how you get along!

@jessehouwing

This comment has been minimized.

Contributor

jessehouwing commented Mar 30, 2018

@adrukh

This comment has been minimized.

Member

adrukh commented Mar 30, 2018

I'd be forever grateful if you could suggest a PR to our CLI help - https://github.com/snyk/snyk/tree/master/help

🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment