CycloneDX / cyclonedx-webpack-plugin

Generate CycloneDX Software Bill of Materials (SBOM) from webpack bundles at compile time.
https://cyclonedx.org/
Apache License 2.0

feat: enhance `package.json` finder #1284

Closed by jkowalleck 4 months ago

jkowalleck commented 6 months ago

In case the found `package.json` was invalid/insufficient, the process should traverse up and find the next one. This upwards traversal is to be stopped as soon as one of the following occurs:

jkowalleck commented 6 months ago

closes #1237 #778

jkowalleck commented 5 months ago

Oh, I have an addition regarding yarn/pnp installs: we also need to stop traversing up as soon as the base name ends with `.zip`.

jkowalleck commented 4 months ago

#1286 should have addressed and fixed all issues.

Thanks to @reey :+1:
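
The upward traversal and the `.zip` stop discussed in this issue, as an added sketch that is not the plugin's code and not the change that closed the issue. Assumptions: "insufficient" is taken to mean a missing `name` or `version`, the directory whose base name ends with `.zip` is itself still checked before stopping, an in-memory `Map` stands in for the filesystem, and all function names are hypothetical.

```javascript
// Added sketch, not the plugin's implementation. Paths are POSIX-style strings.
// Constructed sample tree (path -> file content) standing in for the filesystem.
const SAMPLE_FILES = new Map([
  ['/app/package.json', '{"name":"app","version":"0.0.1"}'],
  // insufficient (assumption: no name/version), valid descriptor one level up
  ['/app/node_modules/foo/dist/package.json', '{"type":"module"}'],
  ['/app/node_modules/foo/package.json', '{"name":"foo","version":"1.2.3"}'],
  // invalid JSON, valid descriptor one level up
  ['/app/node_modules/bar/lib/package.json', '{ not json'],
  ['/app/node_modules/bar/package.json', '{"name":"bar","version":"4.5.6"}'],
  // yarn PnP style archive path with only an insufficient descriptor inside
  ['/app/.yarn/cache/baz-npm-2.0.0.zip/node_modules/baz/lib/package.json', '{"type":"commonjs"}'],
]);

const dirname = (p) => p.slice(0, p.lastIndexOf('/')) || '/';
const basename = (p) => p.slice(p.lastIndexOf('/') + 1);

// Returns the parsed descriptor, or undefined when missing, invalid or insufficient.
function readDescriptor(files, file) {
  const raw = files.get(file);
  if (raw === undefined) return undefined;
  try {
    const data = JSON.parse(raw);
    const usable = data !== null && typeof data === 'object' &&
      typeof data.name === 'string' && data.name !== '' &&
      typeof data.version === 'string' && data.version !== '';
    return usable ? data : undefined;
  } catch {
    return undefined; // not valid JSON
  }
}

// Walks upward from the directory of startFile until a usable package.json is found.
function findPackageDescriptor(files, startFile) {
  let dir = dirname(startFile);
  for (;;) {
    const file = (dir === '/' ? '' : dir) + '/package.json';
    const data = readDescriptor(files, file);
    if (data !== undefined) return { path: file, name: data.name, version: data.version };
    // Stop at the filesystem root, and at a directory whose base name ends with
    // ".zip": going higher would attribute the module to an enclosing project.
    if (dir === '/' || basename(dir).endsWith('.zip')) return undefined;
    dir = dirname(dir);
  }
}
```

Without the `.zip` stop, the third sample path would resolve to `/app/package.json` and the SBOM would list the archived module's files under the application's own name and version.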