Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve pnpm support #1752

Merged
merged 1 commit into from
Apr 21, 2023
Merged

Improve pnpm support #1752

merged 1 commit into from
Apr 21, 2023

Conversation

shanedell
Copy link
Contributor

Improve pnpm support

  • Parse packages section from pnpm-lock.yaml to get transitive dependencies.
  • Should add support for getting dependencies from pnpm-lock.yaml files that use workspaces.
    • This is due to the fact all dependencies should get listed under the packages section.

Closes #1535

@shanedell shanedell force-pushed the improve-pnpm-support branch from 02578af to 99353cb Compare April 20, 2023 11:59
@shanedell
Copy link
Contributor Author

Wasn't sure if its better to only parse the packages section as that will list all dependencies so I left the parsing of the main dependencies section and then added parsing the packages section. Would it be preferred to only parse only packages instead of both dependencies and packages? This would require an update to pnpm-lock.yaml used for testing so it would list all items under packages.

@shanedell
Improve pnpm support
60cd03f 
- Parse packages section from pnpm-lock.yaml to get transitive dependencies.
- Should add support for getting dependencies from pnpm-lock.yaml files that use workspaces.
  - This is due to the fact all dependencies should get listed under the packages section.

Closes anchore#1535

Signed-off-by: Shane Dell <shanedell100@gmail.com>
@shanedell shanedell force-pushed the improve-pnpm-support branch from 99353cb to 60cd03f Compare April 21, 2023 17:42
@shanedell shanedell requested a review from kzantow April 21, 2023 17:42
kzantow
kzantow approved these changes Apr 21, 2023
View reviewed changes
Copy link
Contributor

@kzantow kzantow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@kzantow kzantow enabled auto-merge (squash) April 21, 2023 17:55
@kzantow kzantow merged commit 13485ca into anchore:main Apr 21, 2023
@kzantow kzantow mentioned this pull request Apr 26, 2023
Closed
spiffcs added a commit that referenced this pull request Apr 26, 2023
@spiffcs
Merge branch 'main' into 1577-license-revamp
67def34 
* main:
  chore(deps): bump modernc.org/sqlite from 1.21.2 to 1.22.0 (#1758)
  chore: go-rpmdb update (#1757)
  chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.1-0.20221222100750-41a1ac565cce to 0.7.1 (#1706)
  fix: Improve pnpm support (#1752)
  feat: Add template func `hasField` (#1754)
  fix: only cache java packages and not source content (#1750)

Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
@shanedell shanedell deleted the improve-pnpm-support branch May 3, 2023 00:29
@kzantow kzantow mentioned this pull request May 3, 2023
Merged
This was referenced May 8, 2023
Closed
Merged
Closed
Merged
Closed
Closed
Closed
Closed
This was referenced May 22, 2023
Merged
Closed
Closed
Closed
GijsCalis pushed a commit to GijsCalis/syft that referenced this pull request Feb 19, 2024
@shanedell
fix: Improve pnpm support (anchore#1752)
e28781a 
Signed-off-by: Shane Dell <shanedell100@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kzantow kzantow kzantow approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Improve pnpm support
2 participants
@shanedell @kzantow