0c3e448850
Revert "remove variable and build arg paths"
...
This reverts commit 793e54db4d
2024-10-25 18:35:38 -07:00
793e54db4d
remove variable and build arg paths
2024-10-25 17:28:48 -07:00
af69fc4b7e
Introduce config as code support
2024-10-25 17:15:04 -07:00
402a932bc4
Bump Caching.Memory nupkg to fix Security alerts ( #1279 )
...
* Bump Caching.Memory nupkg to fix Security alerts
2024-10-17 22:38:09 -07:00
ae287518d4
Handle Go Replace Exceptions ( #1273 )
...
* handle version exceptions
* adding log warning
* adding module names
---------
Co-authored-by: Amitla Vannikumar <avannikumar@microsoft.com>
2024-10-14 15:40:48 -07:00
96cc922b48
Bump actions/checkout from 4.1.7 to 4.2.1 ( #1265 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.7 to 4.2.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](692973e3d9...eef61447b9
2024-10-14 12:40:57 -07:00
f47dbc0fb3
Bump actions/upload-artifact from 4.3.4 to 4.4.3 ( #1270 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.4 to 4.4.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](0b2256b8c0...b4b15b8c7c
2024-10-14 12:22:22 -07:00
319c39f739
Add Go Telemetry ( #1269 )
...
* add go telemetry exception message
* bumping text json version
---------
Co-authored-by: Amitla Vannikumar <avannikumar@microsoft.com>
2024-10-10 17:42:32 +00:00
950576a2ec
Move Go Replace Detector to Prod ( #1272 )
...
* move goreplace from experiments to prod
* json version
* go replace detector
* require string
---------
Co-authored-by: Amitla Vannikumar <avannikumar@microsoft.com>
2024-10-10 10:18:53 -07:00
ed4488a297
Add support for cleaning up files created by tool ( #1259 )
...
* add feature that removes some python files that are created during pip install report dry run
* move to more central file detector
* add tests and fix bugs
* remove extra dir
* fix dotnet 8 styling
* semaphore to only run a single cleanup process at a time for a given detector
* add test
* add test
* refactor to abstract file and directory operations out to allow for unit tests with a mocked file system
* break out the cleanup changes to its own abstract class
* pr feedback
* rename vars and fix tests
* torevert: quick console log for test
* revert log and add file to source control
* os agnostic test file paths
* update snapshot verify, and bump report version
* add python to verification pipeline
* adding back setup file
2024-10-03 16:49:36 -04:00
15c96f4776
Add ARM64 Runtimes ( #1255 )
...
* Add arm64 RIDs
* Simplify release YAML
* Update release.yml
* Update Microsoft.ComponentDetection.csproj
2024-10-01 09:09:11 -07:00
79ff9edf32
Adding Support for Relative Paths Go Replace Detector ( #1254 )
...
* adding go tests
* upgrade version
* unused using statement
* nit changes
* nit
* make tests more generic
* simplifying conditional statements
* simplifying
---------
Co-authored-by: Amitla Vannikumar <avannikumar@microsoft.com>
2024-09-30 15:55:47 -07:00
809f458c4a
Update Component Detection to .NET v8 ( #1249 )
...
* Initial NET 8 changes
* Resolve formatting errors, fix tests
* Fix debug log condition
* Rollback SDK version
* Update csproj refs
* Fix integration test build failures
* Potential test fix
* Set up .NET 6
* Update test csproj
2024-09-27 13:41:06 -07:00
836085312c
Add additional removal indicator ( #1245 )
...
* add additional removal indicator
* remove param
* pr feedback
2024-09-19 13:53:19 -04:00
7528c8f4fd
Revert non-PR .NET 8 commits
2024-09-16 09:27:20 -07:00
48299d735d
Fix debug log condition
2024-09-16 09:23:32 -07:00
bb9945e5ac
Resolve formatting errors, fix tests
2024-09-16 09:20:15 -07:00
7bb2afae00
Initial NET 8 changes
2024-09-10 12:57:23 -07:00
1d1e13bfa7
update packages to fix pack ( #1234 )
2024-08-23 15:27:44 -04:00
9297f055e6
Pauldorsch/fix invalid version bug ( #1232 )
...
* catch exceptions thrown from manual dependency scanning
* handle argument exceptions thrown, skipping those packages
* whitespace
* pr feedback
2024-08-22 10:07:36 -04:00
2dcd512bfa
Use MSTest meta package ( #1215 )
...
* Use MSTest meta package
This enables running MSTest Analyzers on test code to help avoid common test problems.
* Fix code coverage
* Fixes
Upgrade to latest and fix unnecessary type param
* Fix tests
* PR feedback
* Fix CC
2024-08-22 08:03:39 -04:00
00edc78bf5
Pauldorsch/pipreport version fix ( #1229 )
...
* check for valid python versions before adding to the dependency graph
* bump version
* compiled regex
2024-08-19 12:49:12 -04:00
edf0c8dc6e
Fix bug where pipreport used index-urls from requirements.txt ( #1227 )
...
* fix bug where pipreport used index urls in requirements.txt
* update tests
* docs
* add --no-input to pip install, so we do not hang waiting for user input
* pr feedback: performance and cleanup
* bump version
2024-08-19 14:28:52 +00:00
f27fe8e98e
Add support to persist pip reports ( #1224 )
...
* add support to persist pip report
* pr feedback
2024-08-12 21:22:00 +00:00
924c4ea498
Pauldorsch/fix support python m pip (unit tests) ( #1223 )
...
* add support for python -m pip
* update pip command service to accept python exe
* swap so we use pip as default
* fixing remote build
* fix tests
* add unit tests
2024-08-08 17:06:32 -04:00
84e9308790
Pauldorsch/fix support python m pip ( #1222 )
...
* add support for python -m pip
* update pip command service to accept python exe
* swap so we use pip as default
* fixing remote build
* fix tests
2024-08-08 16:30:12 -04:00
3d161b08b2
graduate pipreport ( #1219 )
2024-08-06 16:44:26 -04:00
80146ce1b9
Add logs to MvnCLI and use dictionaries to improve perf on large repos ( #1213 )
...
* Add logs to MvnCLI and use dictionaries to improve perf on large repos
* Add cancellation token to MvnCLI command
2024-07-30 15:56:59 -07:00
80cff26bd7
Fix security alert ( #1208 )
...
* Fix security alert
2024-07-22 09:01:08 -07:00
f0f16b4643
remove azure artifacts publish step ( #1206 )
2024-07-19 19:56:55 -04:00
f4d84a84e8
Pauldorsch/bugfix invalid pipreport files ( #1205 )
...
* ignore pregenerated pipreports that don't cover the correct set of dependencies
* add validation to the pre-generated pipreport to prevent underdetection for overridden reports
* dispose of telemetry object
* move re-used code to a common utility method
2024-07-19 16:09:52 -04:00
13744eeec1
Promote VCPKG detector to enabled by default ( #1203 )
2024-07-17 10:50:26 -07:00
024e2a57ce
PipReport back to experimental, add pre-generated PipReport parsing ( #1201 )
...
* revert experiment graduation, bump threads, and enable fast deps
* put reqs back
* add ability for pip to detect pregenerated reports with a specific naming scheme
* better directory handling
* improve logging
2024-07-16 15:49:35 -04:00
dd3f531747
Bump github/codeql-action from 3.25.11 to 3.25.12 ( #1202 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.11 to 3.25.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b611370bb5...4fa2a79536
2024-07-16 09:31:43 -07:00
3f18b478eb
Bump actions/setup-dotnet from 4.0.0 to 4.0.1 ( #1197 )
...
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/actions/setup-dotnet/releases )
- [Commits](4d6c8fcf3c...6bd8b7f777
2024-07-16 09:31:18 -07:00
99e6d43884
Create vcpkg.md ( #1195 )
...
* Create vcpkg.md
---------
Co-authored-by: Greg Villicana <58237075+grvillic@users.noreply.github.com>
2024-07-15 16:29:15 -07:00
0707d99b36
Revert "Move Go With Replace Detector to the Standard Go Detector" ( #1198 )
...
* Revert "go detector (#1194 )"
This reverts commit 39058c5561
2024-07-10 14:18:24 -07:00
683f30ee44
Graduate pipreport ( #1199 )
...
* graduate pipreport
* bump versions
2024-07-10 16:24:06 -04:00
a2fbc9adeb
Bump actions/upload-artifact from 4.3.3 to 4.3.4 ( #1192 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.3 to 4.3.4.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](65462800fd...0b2256b8c0
2024-07-08 14:24:26 -07:00
09a7b85dd9
Bump github/codeql-action from 3.25.10 to 3.25.11 ( #1189 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.10 to 3.25.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](23acc5c183...b611370bb5
2024-07-08 14:24:06 -07:00
39058c5561
go detector ( #1194 )
...
Co-authored-by: Amitla Vannikumar <avannikumar@microsoft.com>
2024-07-08 12:54:11 -07:00
fb9423e93c
PipReport option to fallback and parse roots from source ( #1190 )
...
* add fallback logic to pipreport for cases where we shouldn't reach out to remote feed, and should parse source instead
* add the manual detection as fallback if pip report fails
* add option to skip or fallback to a source code scan
* add docs and fix tests
* remove fallback
* add fallback back, and env var to allow for skipping fallback
2024-07-08 12:39:27 -04:00
52daf67864
Add ADO package release pipeline ( #1187 )
...
* initial commit to add ado release pipeline
* remove nuget auth task that was not used
* use internal feed for pulling
2024-06-25 12:53:48 -04:00
cf13ef1b10
fix timeout lower bound ( #1186 )
2024-06-24 14:27:37 -04:00
c20c3b0f56
Pauldorsch/reconcile dependency graph logic ( #1183 )
...
* reconcile dependency graph logic
* handle null / empty conditional vars
* remove files
* current pip detector case insensitive metadata file match
* some cleanup
* fix tests
* test with reverted reqs
* Revert "test with reverted reqs"
This reverts commit 293a4b53cc
2024-06-21 13:25:42 -07:00
2284e06a29
Go With Replace Detector no File Parsing ( #1181 )
...
* not parsing for replace module
* require
---------
Co-authored-by: Amitla Vannikumar <avannikumar@microsoft.com>
2024-06-19 15:11:43 -07:00
dafe52772a
optimize regular expression creation in NpmComponentDetector ( #1177 )
...
* optimize regular expression creation in NpmComponentDetector
* optimize regular expression creation in NpmComponentDetector
* Update src/Microsoft.ComponentDetection.Detectors/npm/NpmComponentDetector.cs
Co-authored-by: Coby Allred <cobyallred@gmail.com>
---------
Co-authored-by: Coby Allred <cobyallred@gmail.com>
2024-06-19 09:38:39 -07:00
155b742e08
Bump github/codeql-action from 3.25.9 to 3.25.10 ( #1173 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.9 to 3.25.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](530d4feaa9...23acc5c183
2024-06-17 09:59:31 -07:00
e21ed2268c
Bump codecov/codecov-action from 4.4.1 to 4.5.0 ( #1174 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 4.4.1 to 4.5.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](125fc84a9a...e28ff129e5
2024-06-17 09:59:13 -07:00
b635ce6a43
bump pip detector version ( #1175 )
2024-06-14 14:30:24 -07:00
Fernando Rojo
Greg Villicana
Amitla Vannikumar
dependabot[bot]
Paul Dorsch
Coby Allred
cobya
stan-sz
Robert Schumacher
Meir Blachman