Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add skip auto-install capability in ScanRepo and ScanPR for Yarn and NPM projects #758

Open
wants to merge 8 commits into
base: dev
Choose a base branch
from
Open

Add skip auto-install capability in ScanRepo and ScanPR for Yarn and NPM projects #758

wants to merge 8 commits into from

Conversation

eranturgeman
Copy link
Contributor

@eranturgeman eranturgeman commented Sep 25, 2024
edited
Loading

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • This pull request is on the dev branch.
  • I used gofmt for formatting the code before submitting the pull request.
  • Update documentation about new features / new supported technologies

This PR enables new ability to ScanRepository and ScanPr flows.
This new ability allows to the user to provide a new env var: JF_SKIP_AUTO_INSTALL
This env var forces the scanning process (and hence the fixing process) to skip un-installed directories and to exclude them from SCA scans.
This ability is currently supported only for Yarn and NPM projects.
Linked PRs:
jfrog/build-info-go#277
jfrog/jfrog-cli-security#191

@eranturgeman eranturgeman added safe to test Approve running integration tests on a pull request new feature Automatically generated release notes labels Sep 25, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 25, 2024
@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Sep 25, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 25, 2024
@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Sep 25, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 25, 2024
attiasas
attiasas approved these changes Sep 29, 2024
View reviewed changes
Copy link
Contributor

@attiasas attiasas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@github-actions GitHub Actions
Copy link
Contributor

👍 Frogbot scanned this pull request and did not find any new security issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@attiasas attiasas attiasas approved these changes

Assignees
No one assigned
Labels
new feature Automatically generated release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@eranturgeman @attiasas