feat: [OSM-801] Rewrite of dependency graph generation for `v2` parser

snyk / snyk-nuget-plugin

Basic Snyk CLI plugin for .NET support.

Other

5 stars 14 forks source link

feat: [OSM-801] Rewrite of dependency graph generation for `v2` parser #196

Closed dotkas closed 9 months ago

dotkas commented 9 months ago

Thanks to the wonders of beta testing, we've found a much cleaner way to generate the same dependency graph with much less code and more accurate results. Long story short, we were relying way too much on the assets.json file over the deps.json file.

It was disclosed by a bug that introduced the wrong transitive dependency version.

There is a ton of depGraph tests, and they're all still passing. 🟢 ... except for that one which turned out to be wrong. 😑

snyksec commented 9 months ago

:tada: This PR is included in version 2.3.0 :tada:

The release is available on:

npm package (@latest dist-tag)
GitHub release

Your semantic-release bot :package::rocket: