Conversation
Signed-off-by: jase88 <[email protected]>
Signed-off-by: jase88 <[email protected]>
jkowalleck
left a comment
jkowalleck
left a comment
There was a problem hiding this comment.
Thank you for the contribution, @jase88 .
I had a quick review and found some remarks.
Signed-off-by: jase88 <[email protected]>
Signed-off-by: jase88 <[email protected]>
Signed-off-by: jase88 <[email protected]>
Signed-off-by: jase88 <[email protected]>
Thank you @jkowalleck. I have made some changes and am happy to receive further feedback |
| */ | ||
|
|
||
| import { existsSync } from 'node:fs' | ||
| import * as path from 'node:path' |
There was a problem hiding this comment.
the node: notation, this might not work on node14.0 -- which is a supported branch.
will add additional CI tests and have it tested
There was a problem hiding this comment.
test run including node 14.0.0
https://github.com/CycloneDX/cyclonedx-node-npm/actions/runs/7114640707/job/19369091011?pr=1129
There was a problem hiding this comment.
tests with node14.0.0 do not complete due to a transitive dependency that is not installable.
|
first of all, thanks you for the contribution. Some (transitive) dependencies are not available for node14.0.0. see https://github.com/CycloneDX/cyclonedx-node-npm/actions/runs/7114640707/job/19369116439?pr=1129#step:4:2384 I tried out your implementation, and here are the things i don't like:
|
Signed-off-by: jase88 <[email protected]>
Signed-off-by: jase88 <[email protected]>
so raising to node
should be fixed by now.
couldn't figure out why, will have a closer look at the docs next days.
you don't want to see any timestamp or you don't like the format of the timestamp? |
It is no bulk output at the end. You can test it with some deferral like |
Do not want to see any timestamps at all.
for my tests, it was. for a second of delay no output was sent at all, then all was sent as a bulk. sometimes right BEFORE the SBOM, sometimes right after the SBOM. $ ./bin/cyclonedx-npm-cli.js --verbosity debug
{
"$schema": "http://cyclonedx.org/schema/bom-1.4.schema.json",
"bomFormat": "CycloneDX",
"specVersion": "1.4",
"version": 1,
....
"ref": "@oozcitak/[email protected]",
"dependsOn": [
"@oozcitak/[email protected]",
"@oozcitak/[email protected]"
]
},
{
"ref": "@oozcitak/[email protected]"
}
]
}[2023-12-07 12:02:20.950] DEBUG: options: {"verbosity":"debug","ignoreNpmErrors":false,"packageLockOnly":false,"omit":[],"flattenComponents":false,"shortPURLs":false,"specVersion":"1.4","outputFormat":"JSON","outputFile":"-","validate":true,"mcType":"application"}
[2023-12-07 12:02:20.951] DEBUG: packageFile: .../cyclonedx-node-npm/package.json
[2023-12-07 12:02:20.951] INFO: projectDir: .../cyclonedx-node-npm
[2023-12-07 12:02:20.951] DEBUG: detected a node_modules dir
[2023-12-07 12:02:20.953] DEBUG: BomBuilder > makeNpmRunner caused execSync "npm"
[2023-12-07 12:02:20.953] INFO: BomBuilder > detect NPM version ...
[2023-12-07 12:02:21.673] DEBUG: BomBuilder > detected NPM version '9.4.2'
[2023-12-07 12:02:21.673] INFO: BomBuilder > gather dependency tree ...
[2023-12-07 12:02:21.673] DEBUG: BomBuilder > npm-ls: run npm with ["ls","--json","--long","--all"] in '.../cyclonedx-node-npm'
[2023-12-07 12:02:23.267] INFO: BomBuilder > build BOM ... |
Signed-off-by: jase88 <[email protected]>
|
see #1131 |
2 participants
fixes: #158
pino. See GitHub or Docs--verbositylevel with optionsdebugerrorfatalwarn(default)infotracesilentSTDERR