Include option to exclude some maven test dependencies from the build-info

jfrog / jfrog-cli

JFrog CLI is a client that provides a simple interface that automates access to the JFrog products.

https://www.jfrog.com/confluence/display/CLI/JFrog+CLI

Apache License 2.0

520 stars 223 forks source link

Include option to exclude some maven test dependencies from the build-info #1893

Open shashwathrai opened 1 year ago

shashwathrai commented 1 year ago

Is your feature request related to a problem? Please describe. Include an option to exclude some maven dependencies based on scope(Eg: test) from the build-info being pushed to Artifactory.

Describe the solution you'd like to see We would like to have an option in jfrog-cli to exclude maven test dependencies from the build-info.

Describe alternatives you've considered NA

Additional context NA

yahavi commented 1 year ago

Hi @shashwathrai, Thanks for using the JFrog CLI.

The build-info represents the actual status of the build and therefore excluding information from it would impact its reliability. What is the reason you'd like to achieve this goal?

wilvdb commented 3 months ago

We have the same need. Our customers don't want to get security violations from xray scanning (jfrog build-scan) on test dependencies.