snyk / vulncost

Find security vulnerabilities in open source npm packages while you code
https://marketplace.visualstudio.com/items?itemName=snyk-security.vscode-vuln-cost
MIT License
201 stars 38 forks

Scan `paths` in tsconfig or allow providing ignore strings #11

Closed bradennapier closed 4 years ago

bradennapier commented 4 years ago

Snyk added warnings to every file in my project, so I removed this a few seconds later because it kept saying "add your project" when I was just including my own files within the project using the tsconfig.json `paths` property.

You should add the ability to resolve paths to not flag those or provide templates to ignore on

bmvermeer commented 4 years ago

Hi @bradennapier, I don't really understand the problem. Can you provide an example so I better understand the issue? Thanks :)

akan01n commented 4 years ago

Nice extension, great work.

I think the problem @bradennapier is referring to is the relative path for own components. When you configure `paths` you do not need to do `import X from '../../../file'` and instead use `import X from 'file'`.

I have this same problem (I am not using TypeScript). My folder is called `views` in `src/views`, so I use `import X from 'views/message'` for example, and the plugin is scanning for the `views` npm package and saying that I have 1 vuln because the npm package `views@1.0.2` has a vuln.

I am showing an image to make things clear.

[image: "vuln" screenshot of the warning on a local import]

If the extension is able to know when you are importing an npm package or your own component using a relative path, it will be cool.

Thanks. :)

bradennapier commented 4 years ago

Yes sorry -- and great extension if we can fix that! I was half asleep so didn't mean to be so short but I would have forgotten to post otherwise!

Thanks for the assist @davirdasilva

Ideally you would scan the TypeScript `paths` to auto-determine the right module names to potentially ignore, but also provide a manner for providing a pattern to ignore -- like `src/`, where any folders in the `src` folder are then known as user modules.

bmvermeer commented 4 years ago

Marketplace release contains this update.