jenkins/sap-jenkins-library
1
0
Fork 0
mirror of https://github.com/SAP/jenkins-library.git synced 2025-09-16 09:26:22 +02:00
Code Issues Releases Activity

fix (npmExecuteScripts) pinning @cyclonedx/bom to major version 3 (#4081)

Browse Source 
* pinning cyclone dx to major version 3

* fxing unit test

Co-authored-by: anilkeshav27 <you@example.com>
This commit is contained in:
Anil Keshav
2022-10-24 13:42:11 +02:00
committed by GitHub
parent 48e959b4a9
commit 2d56e3f4dc
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/npm/npm.go
View File

@@ -355,7 +355,7 @@ func (exec *Execute) checkIfLockFilesExist() (bool, bool, error) {
func (exec *Execute) CreateBOM(packageJSONFiles []string) error {
execRunner := exec.Utils.GetExecRunner()
// Install CycloneDX Node.js module locally without saving in package.json
err := execRunner.RunExecutable("npm", "install", "@cyclonedx/bom", "--no-save")
err := execRunner.RunExecutable("npm", "install", "@cyclonedx/bom@^3.10.6", "--no-save")
if err != nil {
return err
}

2
pkg/npm/npm_test.go
View File

@@ -357,7 +357,7 @@ func TestNpm(t *testing.T) {
if assert.NoError(t, err) {
if assert.Equal(t, 3, len(utils.execRunner.Calls)) {
assert.Equal(t, mock.ExecCall{Exec: "npm", Params: []string{"install", "@cyclonedx/bom", "--no-save"}}, utils.execRunner.Calls[0])
assert.Equal(t, mock.ExecCall{Exec: "npm", Params: []string{"install", "@cyclonedx/bom@^3.10.6", "--no-save"}}, utils.execRunner.Calls[0])
assert.Equal(t, mock.ExecCall{Exec: "npx", Params: []string{"cyclonedx-bom", ".",
"--output", "bom-npm.xml"}}, utils.execRunner.Calls[1])
assert.Equal(t, mock.ExecCall{Exec: "npx", Params: []string{"cyclonedx-bom", "src",