Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(test, monitor): use --strict-out-of-sync when set to false with pnpm for top level dependencies #5704

Merged
merged 1 commit into from
Feb 3, 2025
Merged

fix(test, monitor): use --strict-out-of-sync when set to false with pnpm for top level dependencies #5704

merged 1 commit into from
Feb 3, 2025

Conversation

gemaxim
Copy link
Contributor

@gemaxim gemaxim commented Feb 3, 2025
edited
Loading

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)

What does this PR do?

Bumps nodejs-lockfile-parser and snyk-nodejs-plugin with a fix in pnpm for --strict-out-of-sync=false option. Previously, even though this option was set to false, we would still throw the error for top level dependencies.
Changes in this PR: snyk/nodejs-lockfile-parser#261.

Where should the reviewer start?

Tests in the lockfile parser are included in the above PR for all lockfile versions.
Updated acceptance test for pnpm in this cli PR.

How should this be manually tested?

Create a project with files included in the fixtures ( example ). Run snyk test --strict-out-of-sync=false succesfully. snyk test should fail with OutOfSync error.

@gemaxim gemaxim requested a review from a team as a code owner February 3, 2025 07:53
@gemaxim gemaxim self-assigned this Feb 3, 2025
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Feb 3, 2025
edited
Loading

Warnings
⚠️

"fix: use --strict-out-of-sync when set to false with pnpm for top level dependencies" is too long. Keep the first line of your commit message under 72 characters.

Generated by 🚫 dangerJS against 8d5b71a

@gemaxim gemaxim force-pushed the fix/OSM-2329/pnpm-fix-check-out-of-sync-option branch from 2fc9199 to a4cb019 Compare February 3, 2025 08:21
@thisislawatts
Copy link
Member

Issue(blocking): Could you reword the commit slightly, so it will be easier to read when compiled into our release notes. For example:
fix: use --strict-out-of-sync when set to false with pnpm for top level dependencies

@gemaxim gemaxim force-pushed the fix/OSM-2329/pnpm-fix-check-out-of-sync-option branch from a4cb019 to e7ea312 Compare February 3, 2025 08:51
@gemaxim gemaxim changed the title fix(test, monitor): fix --strict-out-of-sync set to false in pnpm for top level dependencies fix(test, monitor): use --strict-out-of-sync when set to false with pnpm for top level dependencies Feb 3, 2025
@gemaxim gemaxim force-pushed the fix/OSM-2329/pnpm-fix-check-out-of-sync-option branch from e7ea312 to 8d5b71a Compare February 3, 2025 11:12
@gemaxim gemaxim merged commit b03974d into main Feb 3, 2025
7 checks passed
@gemaxim gemaxim deleted the fix/OSM-2329/pnpm-fix-check-out-of-sync-option branch February 3, 2025 12:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thisislawatts thisislawatts thisislawatts approved these changes

Assignees

@gemaxim gemaxim

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gemaxim @thisislawatts