Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SCIO: Detect frozen .NuGet dependencies locked with deplock #1263

Closed
pombredanne opened this issue Jun 10, 2024 · 3 comments
Closed

SCIO: Detect frozen .NuGet dependencies locked with deplock #1263

pombredanne opened this issue Jun 10, 2024 · 3 comments
Assignees
@AyanSinhaMahapatra @TG1999

Comments

@pombredanne
Copy link
Contributor

pombredanne commented Jun 10, 2024
edited by mjherzog
Loading

We need to collect frozen .NuGet dependencies locked with the deplock command that will be created with:

This should use the NuGet inspector that need to be bundled in the ScanCode.io Docker image and should run as part of the inspect package pipeline
@mjherzog mjherzog changed the title Detect frozen .NuGet dependencies locked with the deplock SCIO: Detect frozen .NuGet dependencies locked with the deplock Jun 11, 2024
@pombredanne pombredanne changed the title SCIO: Detect frozen .NuGet dependencies locked with the deplock SCIO: Detect frozen .NuGet dependencies locked with deplock Jun 20, 2024
@pombredanne
Copy link
Contributor Author

There are two ways to approach this:

@pombredanne pombredanne mentioned this issue Jun 21, 2024
Closed
16 tasks
@AyanSinhaMahapatra AyanSinhaMahapatra mentioned this issue Jun 26, 2024
Merged
6 tasks
AyanSinhaMahapatra added a commit to aboutcode-org/scancode-toolkit that referenced this issue Jun 26, 2024
@TG1999 @AyanSinhaMahapatra
Add handler for packages.lock.json in nuget (#3825)
e4f6267 
Add handler for packages.lock.json in nuget

Adds support for parsing resolved packages and dependency
relationships from nuget lockfile `packages.lock.json`.

Reference: aboutcode-org/scancode.io#1263
Signed-off-by: Tushar Goel <[email protected]>
Signed-off-by: Ayan Sinha Mahapatra <[email protected]>
Co-authored-by: Ayan Sinha Mahapatra <[email protected]>
@pombredanne
Copy link
Contributor Author

@TG1999 any update? Is this completed in ScanCode.io?

@pombredanne pombredanne mentioned this issue Jun 27, 2024
Merged
AyanSinhaMahapatra added a commit that referenced this issue Jul 1, 2024
@AyanSinhaMahapatra
Add tests for static dependency resolution
6641c2a 
Reference: #1262
Reference: #1263
Reference: #1278
Reference: #1279
Signed-off-by: Ayan Sinha Mahapatra <[email protected]>
AyanSinhaMahapatra added a commit that referenced this issue Jul 1, 2024
@AyanSinhaMahapatra
Add tests for static dependency resolution
332cea8 
Reference: #1262
Reference: #1263
Reference: #1278
Reference: #1279
Signed-off-by: Ayan Sinha Mahapatra <[email protected]>
@AyanSinhaMahapatra AyanSinhaMahapatra mentioned this issue Jul 1, 2024
Merged
tdruez pushed a commit that referenced this issue Jul 2, 2024
@AyanSinhaMahapatra
Update scancode-toolkit to v32.2.1 (#1305)
af15beb 
* Bump scancode-toolkit version to v32.2.1

Signed-off-by: Ayan Sinha Mahapatra <[email protected]>

* Add tests for static dependency resolution

Reference: #1262
Reference: #1263
Reference: #1278
Reference: #1279
Signed-off-by: Ayan Sinha Mahapatra <[email protected]>

---------

Signed-off-by: Ayan Sinha Mahapatra <[email protected]>
@AyanSinhaMahapatra
Copy link
Contributor

AyanSinhaMahapatra commented Jul 2, 2024
edited
Loading

This is done with:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AyanSinhaMahapatra AyanSinhaMahapatra

@TG1999 TG1999

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pombredanne @AyanSinhaMahapatra @TG1999