-
Notifications
You must be signed in to change notification settings - Fork 555
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add reachable vulnerabilities support for gradle #1422
feat: add reachable vulnerabilities support for gradle #1422
Conversation
6c1614d
to
7064c37
Compare
7205e76
to
3276847
Compare
test/reachable-vulns.test.ts
Outdated
const mavenIndex = pkgManagers.indexOf('maven'); | ||
pkgManagers.splice(mavenIndex, 1); // remove maven as it's supported | ||
const pkgManagers = Object.keys(SUPPORTED_PACKAGE_MANAGER_NAME).filter( | ||
(name: any) => !REACHABLE_VULNS_SUPPORTED_PACKAGE_MANAGERS.includes(name), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I suggest name: string
instead of name: any
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed to the right type!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@@ -79,7 +79,7 @@ | |||
"snyk-cpp-plugin": "2.0.0", | |||
"snyk-docker-plugin": "3.24.0", | |||
"snyk-go-plugin": "1.16.2", | |||
"snyk-gradle-plugin": "3.6.3", | |||
"snyk-gradle-plugin": "3.7.0", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
reviewed also changes introduced here
snyk/snyk-gradle-plugin@453a81e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My only concern is the type the rest is good to me
3276847
to
a0e7460
Compare
Expected release notes (by @darmalovan) features:
|
🎉 This PR is included in version 1.405.0 🎉 The release is available on: Your semantic-release bot 📦🚀 |
What does this PR do?
Adds reachable vulnerabilities feature support for Gradle projects.