snyksec
commented
4 years ago :tada: This PR is included in version 3.3.1 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
Closed anthogez closed 4 years ago
snyksec
commented
4 years ago :tada: This PR is included in version 3.3.1 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
What does this PR do?
This PR, brings the initial support of graphs to this snyk-cli plugin. At the moment with the change of data structure from Tree to Graph on the gradle task, we are avoiding OOM on java heap while executing it to load a huge amount of projects, but while we do not change snyk-cli contract rules to allow it of receives Acyclic depGraphs from plugins, we are converting processed graphs back to depTree out of the gradle task. Once the contract rules of cli changes, the convertDepGraphToDepTree method will be deleted.
I would like to point out that at the moment only Gradle v3+ will be using the initial new graph support, we kept for now v2 with the previously gradle task that we had and it's now considered as legacy.
With gradual steps, tests will be rewritten more concise with Jest and with new purposes too.