search

chocolatey-community / chocolatey-community-validation

Chocolatey CLI extension to bring community package validation rules to the console
Apache License 2.0
1 stars 4 forks source link

Allow CPMR0024 exemptions for packages that have a prerelease component in the software name #47

Closed TheCakeIsNaOH closed 1 day ago

TheCakeIsNaOH commented 1 month ago

Checklist

Is Your Feature Request Related To A Problem? Please describe.

There are a couple of packages that install software that has a prerelease component in the software name. Therefore, they have a package ID which contains a prerelease string. This causes problems for the package maintainers, and for people using these packages in internal repositories (e.g. when repacking after internalizing).

Examples: https://community.chocolatey.org/packages/betaflight-configurator https://community.chocolatey.org/packages/alphacloud.msbuild.xslt.portable

Describe The Solution. Why is it needed?

Allow some sort of way to still keep packing these packages without having to completely uninstall the validation extension.

This potentially could be implemented as an allow list (because the list of affected packages is very small), either hard-coded into the extension, or as a separate config value. Alternatively, the rule could be reduced in severity so as to still allow packing these packages.

Additional Context

No response

Related Issues

No response

pauby commented 1 month ago

Alternatively, the rule could be reduced in severity so as to still allow packing these packages.

The rules are intended to match the severity that Package Validator applies to them. If we change the severity in this extension, it means:

  1. Packages that go through the extension will fail Package Validator which means there is a mismatch in rules being applied, confusion for maintainers and I would suggest weakens the extension.
  2. We have to now contend with 1 rule and two different applied severities in two different places, making it a challenge to maintain.

Perhaps this is a change to the rule in CCR rather than here.

AdmiringWorm commented 1 day ago

As Paul said, this extension is for mimicking the rules already in place for Package Validator (as well as testing out new rules not yet implemented), so changing the severity or allowing a rule bypass will not be happening in this extension (if they ever get configurable, it will be in one of the main projects of Chocolatey, not this extension directly).

If a rule should change its severity and has been implemented in Package Validator, that is where it needs to be changed first before it is considered here.

For this reason, I will be closing this issue, if you still think it is best to change the severity, or something needs to change, the appropriate place would be to open an issue over at https://github.com/chocolatey/home where it can be discussed properly.