search

phylum-dev / cli

Command line interface for the Phylum API
https://phylum.io
GNU General Public License v3.0
99 stars 10 forks source link

Odd format detection for csproj files #1436

Open kylewillmon opened 1 month ago

kylewillmon commented 1 month ago

The phylum command treats .csproj files differently when passed as arguments to the command line as opposed to when they are found by a directory search... Specifically, running phylum parse sample.csproj will detect the file as type msbuild, while running phylum parse with no files and letting the tool find it will detect the file as nugetlock.

(The specifics here will change after #1435 is merged, but this problem may extend to other formats, so I wanted to track it separately)

> phylum status
Project: null
Group: null
Project Root: null
Dependency Files:
 - path: ./sample.csproj
   type: nugetlock
> phylum analyze -p foo sample.csproj
✅ Successfully parsed dependency file "sample.csproj" as type "msbuild"
cd-work commented 1 month ago

What's your suggested resolution here? Do you want to verify that all parsers match the behavior with and without he file explicitly specified, or do you want to change the code so this is always guaranteed to be consistent?

While changing things to ensure consistency might make sense, I'm not too surprised that these behave differently considering they approach the problem from opposite ends.

kylewillmon commented 1 month ago

Do you want to verify that all parsers match the behavior with and without he file explicitly specified, or do you want to change the code so this is always guaranteed to be consistent?

I think either approach would be fine. I believe #1435 has fixed the issue for csproj files, but I'd still like to make sure this isn't happening with any other file types.