Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restructure inspect_packages pipeline #1419

Open
AyanSinhaMahapatra opened this issue Oct 29, 2024 · 0 comments
Open

Restructure inspect_packages pipeline #1419

AyanSinhaMahapatra opened this issue Oct 29, 2024 · 0 comments
Assignees
@AyanSinhaMahapatra
Labels
high priority

Comments

@AyanSinhaMahapatra
Copy link
Member

There are two conflicting use cases that needs to be addressed:

  1. Running a fast package scan to only get package information from manifests and lockfiles
  2. Running a more detailed package scan with package assembly and resolving dependencies (but still faster as this is a package-only scan without license/copyrights)

2 was needed for #1244 and is what we have now with package assembly and resolving dependencies through the StaticResolver group, but note that we have the same functionality with the ResolveDependencies pipeline, so it be better perhaps to:

  • Have the inspect_packages pipeline only do 1.
  • Have the resolve_dependencies pipeline do 2.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AyanSinhaMahapatra AyanSinhaMahapatra

Labels
high priority
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@AyanSinhaMahapatra