Fast, portable and reliable dependency analysis for any codebase. Supports license & vulnerability scanning for large monoliths. Language-agnostic; integrates with 20+ build systems.
Downgrades version mismatch in the Package.resolved file to a warning, if parsing otherwise succeeds. If parsing fails because the actual shape of the data changes in a backwards-incompatible way, that will still be an error.
[x] I added tests for this PR's change (or explained in the PR description why tests don't make sense).
[x] If this PR introduced a user-visible change, I added documentation into docs/.
[x] If this PR added docs, I added links as appropriate to the user manual's ToC in docs/README.ms and gave consideration to how discoverable or not my documentation is.
[x] If this change is externally visible, I updated Changelog.md. If this PR did not mark a release, I added my changes into an # Unreleased section at the top.
[x] If I made changes to .fossa.yml or fossa-deps.{json.yml}, I updated docs/references/files/*.schema.json AND I have updated example files used by fossa init command. You may also need to update these if you have added/removed new dependency type (e.g. pip) or analysis target type (e.g. poetry).
[x] If I made changes to a subcommand's options, I updated docs/references/subcommands/<subcommand>.md.
Overview
Resolves ANE-1739:
Package.resolved
file to a warning, if parsing otherwise succeeds. If parsing fails because the actual shape of the data changes in a backwards-incompatible way, that will still be an error.Acceptance criteria
SwiftPM v3 files can be parsed.
Testing plan
I added an automated test for this and I am relying on that.
Risks
None
Metrics
None
References
Resolves: https://fossa.atlassian.net/browse/ANE-1739
Checklist
docs/
.docs/README.ms
and gave consideration to how discoverable or not my documentation is.Changelog.md
. If this PR did not mark a release, I added my changes into an# Unreleased
section at the top..fossa.yml
orfossa-deps.{json.yml}
, I updateddocs/references/files/*.schema.json
AND I have updated example files used byfossa init
command. You may also need to update these if you have added/removed new dependency type (e.g.pip
) or analysis target type (e.g.poetry
).docs/references/subcommands/<subcommand>.md
.