blackducksoftware / hub-detect

This is now deprecated. Please see synopsys-detect.
Apache License 2.0
38 stars 39 forks source link

IDETECT-1097: When scope applied, but in-scope components appear in an out-of-scope tree, add them to an orphans list at end of graph #378

Closed stevebillings closed 5 years ago

stevebillings commented 5 years ago

mvn dependency:tree can produce output that lists compile-scope dependencies underneath a top level test component. It happens under certain circumstances when the same component is a dependency of both the target tar and a test-scoped component. More information can be found here: https://cwiki.apache.org/confluence/display/MAVEN/Maven+3.x+Compatibility+Notes#Maven3.xCompatibilityNotes-DependencyResolution

The old behavior omits these compile-scoped dependencies when --detect.maven.scope=compile. This change adds these components to an orphans list (since there's no way to know where in the hierarchy they belong) at the end of the graph.

coveralls commented 5 years ago

Coverage Status

Coverage increased (+0.3%) to 30.775% when pulling 4d5d38c342ef42d5464cc46411bf6d31879bc233 on sb_mvnFilterTreeInDetect into 7a3243f0a15ca820c3a7570015295fb47424e56a on master.