feat: add option to exclude dependency files #462

Merged
merged 9 commits into from
Aug 21, 2024

@maxrake (Contributor) commented Aug 19, 2024

This PR adds a new feature to specify exclusions to the dependency
files found/detected when not explicitly specified by argument. The
new option accepts gitignore-style patterns, using the pathspec
third-party library.

Closes phylum-dev/roadmap#462

Testing

The changes in this PR are available for testing with the maxrake/phylum-ci:exclusions Docker image found on Docker Hub.

The changes were tested explicitly for each of the following environments:

  • Locally
  • pre-commit
  • GitHub Actions
  • Jenkins

The changes were not tested in the following environments since the syntax for pipeline specification is the same (YAML) as for GitHub Actions:

  • Azure
  • Bitbucket
  • GitLab

Output

Specifying bad patterns results in a warning:

❯ poetry run phylum-ci -vvafe '!'
---TRIMMED---
DEBUG    Exclusion patterns provided as arguments: ['!']
WARNING  Could not parse provided gitignore-style exclusion pattern!
         Invalid git pattern: '!'
         For more info, see: https://git-scm.com/docs/gitignore#_pattern_format
         Continuing without exclusions ...
---TRIMMED---

Related

phylum-dev/phylum-analyze-pr-action#39 was created to apply the same documentation updates for the GitHub Action. That one will not be merged until after the changes from this PR have been approved, merged, and a release created from it.

@maxrake maxrake self-assigned this Aug 19, 2024
@maxrake maxrake requested a review from a team as a code owner August 19, 2024 16:00
@maxrake maxrake requested a review from mathew-horner August 19, 2024 16:00
@maxrake maxrake requested review from cd-work and kylewillmon August 19, 2024 20:47
@mathew-horner mathew-horner removed their request for review August 20, 2024 13:22
cd-work previously approved these changes Aug 20, 2024

Phylum OSS Supply Chain Risk Analysis - SUCCESS

The Phylum risk analysis is complete and has passed the active policy.

View this project in the Phylum UI

@maxrake maxrake requested review from kylewillmon and cd-work August 21, 2024 01:15
cd-work previously approved these changes Aug 21, 2024
@maxrake maxrake merged commit 258709b into main Aug 21, 2024
13 checks passed
@maxrake maxrake deleted the exclusions branch August 21, 2024 17:35
maxrake added a commit to phylum-dev/phylum-analyze-pr-action that referenced this pull request Aug 21, 2024
This PR updates the documentation for the GitHub Action to
match the examples provided in phylum-dev/phylum-ci#462.