843 scope property is always being set to required#844
Conversation
Signed-off-by: MTsfoni <mibau89@gmail.com>
Signed-off-by: MTsfoni <mibau89@gmail.com>
Signed-off-by: MTsfoni <mibau89@gmail.com>
|
@mtsfoni will this fix also result in dependencies of the dev dependency also having their scope classified as excluded as I am needing that fixed as part of this. |
|
You are right, it doesn't. That also seems a little trickier as the asset file, doesn't give the information directly. Looks like I'd have to check the dependency graph and can mark one of those a dev dependency if every path towards the root include at least one dev dependency in-between. Here D would be a dev dependency: Here D cannot be a dev dependency: Here, however, D would be a dev dependency again (all paths to A have a dev dependency on the way): @thompson-tomo do you happen to know a package in the gallery that will automatically be added as development dependency and has dependencies by itself? Most of those package have no dependencies by themselves. |
|
I agree, it isn't as easy as would be hoped. So the main dev dependency package i am looking for a solution for would be Microsoft.VisualStudio.Web.CodeGeneration.Design & Microsoft.EntityFrameworkCore.Tools i am fairely sure atleast one of them is automatically added as a dev dependency, |
Signed-off-by: MTsfoni <mibau89@gmail.com>
|
I will certainly solve this, as I consider it a bug. But I need to shift some things around in the process to make it work, so this is bigger task. |
Question: Do you need them specifically to be |
I don't specificially need the scope to be set to excluded and my comment was in response to the changes you had pushed. Happy for them to simply not appear in the SBOM especially if it makes things easier to fix. |
|
Superseded by #1044 |
2 participants
No description provided.