The SCANOSS Code Scan task enhances your software development process by automatically scanning your code for security vulnerabilities and license compliance with configurable policies.
To install the SCANOSS Code Scan task, please consult the Visual Studio Marketplace guide here.
For more detailed usage instructions, please refer to the OVERVIEW.md document.
This guide provides step-by-step instructions for deploying a new package for your project. Ensure all steps are followed to maintain version consistency and successful deployment.
- Node.js: Ensure Node.js and npm are installed.
- Azure DevOps Extension Tool (tfx): Install the TFS cross-platform command-line interface (
tfx
). - jq: Install
jq
for JSON processing.
Run the following command to install the project dependencies:
make install
Before building the app, run test suites.
make test
To streamline the app versioning process for development:
-
Update the version in the package.json file.
-
Execute the following command to apply the version upgrade and build the app:
make upgrade_version_dev
To build the app for a development environment:
make package_dev
-
Generate a publishing token. For instructions on how to generate the token, refer to Publish from the Command Line.
-
Publish the app using the following command:
tfx extension publish --manifest-globs vss-extension-dev.json --publisher SCANOSS --token $MSFT_PERSONAL_ACCESS_TOKEN
-
Ensure that the version in the package.json file is updated.
-
Build the app with the following command:
make upgrade_version
To build the app for the production environment, run:
make package
-
Generate a publishing token. For instructions on how to generate the token, refer to Publish from the Command Line.
-
Publish the app using the following command:
tfx extension publish --manifest-globs vss-extension.json vss-extension-release.json --publisher SCANOSS --token $MSFT_PERSONAL_ACCESS_TOKEN