phylum-dev / cli

Command line interface for the Phylum API
https://phylum.io
GNU General Public License v3.0
103 stars 11 forks

Switch to dependency file terminology #1310

Closed: cd-work closed 10 months ago

cd-work commented 11 months ago

This patch makes sweeping breaking changes to change the internal and public terminology to refer to a manifest or lockfile as "dependency file".

This change should also clarify some CLI interfaces where the previous terminology was asking for a lockfile, but a manifest file was accepted without clearly stating it.

Closes https://github.com/phylum-dev/cli/issues/1271.


Currently there are two major unsolved things I'm aware of:

kylewillmon commented 11 months ago

Types in phylum_types are not changed, this might be a good opportunity to get rid of it where possible since deprecation is planned?

I agree. Any types needed for CLI can (and should) be moved to this repo. If we find that they still need to be shared (which I doubt in most cases), they can be exported from the appropriate crate (e.g., phylum_lockfile).

kylewillmon commented 11 months ago

LockfileFormat enum is unchanged, this makes some sense to me since the format is still about one specific lockfile type, but I did change the public CLI interface and some internal code to refer to it as "dependency file type"

This seems reasonable and matches with our system of matching all manifest formats to a single associated lockfile format.

cd-work commented 10 months ago

Do we want to rename the phylum_lockfile package now?

I definitely do not want to do this. It also doesn't seem necessary because its purpose is still to parse or generate lockfiles.