Closed ilia-kebets-sonarsource closed 2 years ago
The API of yaml
v1.x is different from the v2.x, so it would require some refactor or impossible to make it work with Node 12.
Candidates for peach and ruling:
As the repositories where we found JS in YAML code are:
We will simply take the YAML file for the ruling. I propose to add them in its/sources/yaml/
, adding the source URL as a comment on the top of the file.
We will ignore the following formats because the parser handles spaces at the beginning of lines in a weird way:
Example:
single-quote: '
Several lines of text,
containing ''single quotes''. Escapes (like \n) don''t do anything.
'
Since the lib yaml
v1.x does not have the following features:
we estimate that refactoring this would be too much work, and we go towards the fork the lib and transpile it into Node12 path.
Elected for Peachees because from aws-samples
org which should be stable:
Lambda (block-literal formats and unsupported ones):
Serverless (plain double-quote format):
yaml
repository and transpile it into Node12 compatibleDecisions
We have decided to drop metrics and highlighting from this sprint as it is not necessary and requires coordination with SQ and other bubbles. Quickfixes are dropped from the scope as they will not be used as long as
sonar-iac
is not supported by SonarLint.In case of multiple JS snippets in a single YAML file, the API endpoint
/analyze-yaml
returns aparsingError
property if at least one of them has an error, we have chosen this "fail fast" approach for ease of implementation and so that the user can easily fix this issue and proceed with a well working analysis.