feat: add rootComponentVCS configuration#1350
Conversation
resolves CycloneDX#1344 Signed-off-by: Jeremy Long <jeremy.long@gmail.com>
Signed-off-by: Jeremy Long <jeremy.long@gmail.com>
| "comment": "as detected from PackageJson property \\"bugs.url\\"" | ||
| }, | ||
| { | ||
| "url": "git+https://github.com/CycloneDX/cyclonedx-webpack-plugin.git#tests/integration/feature-issue1344-no-detect", |
There was a problem hiding this comment.
is this not expected to be overridden via config, right?
There was a problem hiding this comment.
We do not override based on the config. I specifically stated in the documentation that it would only be set if autodetect was disabled or a VCS was not defined in the package.json. I'm okay if we change this behavior.
This comment was marked as resolved.
This comment was marked as resolved.
jkowalleck
left a comment
jkowalleck
left a comment
There was a problem hiding this comment.
some smaller nitpicks here and there but overall,
this feature seams to be good to go.
Co-authored-by: Jan Kowalleck <jan.kowalleck@gmail.com> Signed-off-by: Jeremy Long <jeremy.long@gmail.com>
Signed-off-by: Jeremy Long <jeremy.long@gmail.com>
Signed-off-by: Jeremy Long <jeremy.long@gmail.com>
Signed-off-by: Jeremy Long <jeremy.long@gmail.com>
src/plugin.ts
Outdated
| } | ||
| if (typeof this.rootComponentVCS === 'string' && | ||
| this.rootComponentVCS.length > 0 && | ||
| !component.externalReferences.values().some(ref => ref.type === CDX.Enums.ExternalReferenceType.VCS)) { |
There was a problem hiding this comment.
sorry, i proposed an invalid optimization here.
TIL Iterator.prototype.some() is not available on platforms this tool intends to support.
node 14.0.0 to node 21.0.0
(new Set([1,2,3])).values().some(i => i === 1)
Uncaught TypeError: (new Set([1,2,3])).values(...).some is not a function
added a polyfill for this purpose: 7ce6946
Signed-off-by: Jan Kowalleck <jan.kowalleck@gmail.com>
|
Thank you for donating this feature, @jeremylong |
|
this feature was released via https://github.com/CycloneDX/cyclonedx-webpack-plugin/releases/tag/v3.17.0 |
|
@jkowalleck thank you! |
2 participants
@jkowalleck I know you indicated you would not accept adding the configuration for
rootComponentVCS. However, becauseauto-detectcan be disabled or the VCS may not be defined in thepackage.json- this feature is important. This feature is essential for me as the pipeline I am using injects several configurations on the fly; I may not have control over what a developer does with the package.json - but I can ensure the pipeline correctly adds the VCS if it is not defined.In the spirit of the open-source license, I'm providing the code changes to implement the feature. I'm hoping you will accept this PR so that I do not have to maintain an internal fork of your project.
resolves #1344