🚢 Ship composer and package lock files #40072

@AndyScherzinger

How to use GitHub

  • Please use the 👍 reaction to show that you are interested in the same feature.
  • Please don't comment if you have no relevant information to add. It's just extra noise for everyone subscribed to this issue.
  • Subscribe to receive notifications on status change and new comments.

Is your feature request related to a problem? Please describe.
Currently it is not possible to run a license scan on a package/build since we do not ship composer.lock and package-lock.json.

Describe the solution you'd like
Ship composer and package lock-files in our release archives for server and the apps in the release archive(s).

Describe alternatives you've considered
Currently none. A scan would be possible based on the release tags while that is not the same source as being able to do this based on the content of a release tar-ball.

Labels: 0. Needs triage (Pending check for reproducibility or if it fits our roadmap), enhancement

Status: ☑️ Done