Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Skip Auto-installation in Audit Sca scan if requested by user #191

Open
wants to merge 16 commits into
base: dev
Choose a base branch
from
Open

Skip Auto-installation in Audit Sca scan if requested by user #191

wants to merge 16 commits into from
+237 −50

Conversation

eranturgeman
Copy link
Contributor

@eranturgeman eranturgeman commented Sep 25, 2024
edited
Loading

  • The pull request is targeting the dev branch.
  • The code has been validated to compile successfully by running go vet ./....
  • The code has been formatted properly using go fmt ./....
  • All static analysis checks passed.
  • All tests have passed. If this feature is not already covered by the tests, new tests have been added.
  • All changes are detailed at the description. if not already covered at JFrog Documentation, new documentation have been added.

This PR contain all changes and additions to enable a new ability that allows to request skipping auto install in a project that is not installed and not specifically forced to install (using provision of an install command)
This ability is available for Yarn and NPM only as for now.

Linked PR: jfrog/build-info-go#277

@eranturgeman eranturgeman added new feature Automatically generated release notes safe to test Approve running integration tests on a pull request labels Sep 25, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 25, 2024
@github-actions GitHub Actions
Copy link

👍 Frogbot scanned this pull request and did not find any new security issues.

@eranturgeman eranturgeman mentioned this pull request Sep 25, 2024
Open
4 tasks
@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Sep 25, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 25, 2024
attiasas
attiasas requested changes Sep 29, 2024
View reviewed changes
Copy link
Contributor

@attiasas attiasas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would also add it as a flag option to audit - --skip-install. we will need this in the future for the integrated tools

commands/audit/sca/npm/npm_test.go Outdated Show resolved Hide resolved
commands/audit/sca/npm/npm_test.go Show resolved Hide resolved
commands/audit/sca/yarn/yarn.go Show resolved Hide resolved
commands/audit/scarunner.go Outdated Show resolved Hide resolved
@eranturgeman
Copy link
Contributor Author

@attiasas Af for the comment you left - I will open a Jira ticket to add the flag, as this is not part of the current feature

@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@eranturgeman
Merge branch 'dev' of https://github.com/jfrog/jfrog-cli-security int…
6caa0bf 
…o skip-scan-if-auto-install-skipped-in-uninstalled-project
@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Sep 30, 2024
@eranturgeman eranturgeman added the safe to test Approve running integration tests on a pull request label Oct 1, 2024
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Oct 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@attiasas attiasas attiasas requested changes

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
new feature Automatically generated release notes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@eranturgeman @attiasas