
feat(detectExecuteScan): Add `useDetect9` for latest BlackDuck script

Open bugwelle opened this issue 2 years ago • 12 comments

detect8.sh is no longer the most recent version of the BlackDuck runner. detect9.sh is now available and fixes some important bugs, such as incorrect dependency reporting for package-lock.json files in versions 2 and 3.

This commit adds detect9.sh support by adding a new detectExecuteScan option useDetect9, similar to the old option useDetect8.

See the release notes of Synopsys Detect:

  • https://sig-product-docs.synopsys.com/bundle/integrations-detect/page/currentreleasenotes.html

Changes

  • [ ] Tests
  • [ ] Documentation

bugwelle avatar Oct 30 '23 14:10 bugwelle

@CCFenner Is there anything else I can do? Or do I need a review by someone else? If so, could you assign/ping them? :) I don't have permission to merge this, regardless of your approval and passed CI tests.

Regards, Andre

bugwelle avatar Nov 17 '23 13:11 bugwelle

Hello @bugwelle, could you please regenerate the _generated file?

dimaste avatar Nov 20 '23 13:11 dimaste

@dimaste Sure! Done. Btw: Isn't detect8 still the default? Or was the default: false change only for documentation? 😄

bugwelle avatar Nov 20 '23 13:11 bugwelle

Kudos, SonarCloud Quality Gate passed!

  • Bugs: 0 (rating A)
  • Vulnerabilities: 0 (rating A)
  • Security Hotspots: 0 (rating A)
  • Code Smells: 0 (rating A)
  • No Coverage information
  • No Duplication information

sonarqubecloud[bot] avatar Nov 20 '23 13:11 sonarqubecloud[bot]

This is the default value, but we don't use it actually. It works in any case where no other detect version parameter is provided.

> @dimaste Sure! Done. Btw: Isn't detect8 still the default? Or was the default: false change only for documentation? 😄

dimaste avatar Nov 20 '23 13:11 dimaste

@bugwelle we discussed your PR with product management. We can merge it after the server upgrade which we should complete by the end of the year. The reason is that the current server version does not officially support it.

I'll merge it once the server is upgraded. For now, let's keep the PR.

dimaste avatar Nov 20 '23 13:11 dimaste

> The reason is that the current server version does not officially support it.

@dimaste Oh! 😄 We're already using detect9.sh for some projects and didn't notice anything off.

Thanks for reviewing it. :)

bugwelle avatar Nov 20 '23 14:11 bugwelle

Sure, I see your concern. You can try to pass this as a workaround in the Piper config of the detect step for your scenario:

```yaml
customEnvironmentVariables:
  - 'DETECT_LATEST_RELEASE_VERSION=9.1.0'
```

dimaste avatar Nov 20 '23 14:11 dimaste

> Sure, I see your concern. You can try to pass this as a workaround in the Piper config of the detect step for your scenario:
>
> ```yaml
> customEnvironmentVariables:
>   - 'DETECT_LATEST_RELEASE_VERSION=9.1.0'
> ```

Awesome! I'll try it out. I didn't find that option myself. :)

Regards, Andre

bugwelle avatar Nov 20 '23 14:11 bugwelle

Thank you for your contribution! This pull request is stale because it has been open 60 days with no activity. In order to keep it open, please remove stale label or add a comment within the next 10 days. If you need a Piper team member to remove the stale label make sure to add @SAP/jenkins-library-team to your comment.

github-actions[bot] avatar Feb 12 '24 00:02 github-actions[bot]

@dimaste I've updated the PR. It seems that useDetect7/8 was removed during the last 3 months. I've added useDetect9 again.

@SAP/jenkins-library-team can you remove the stale label?

bugwelle avatar Feb 12 '24 08:02 bugwelle

Quality Gate passed

Issues

  • 0 New issues

Measures

  • 0 Security Hotspots
  • No data about Coverage
  • 0.0% Duplication on New Code

sonarqubecloud[bot] avatar Feb 27 '24 11:02 sonarqubecloud[bot]

Thank you for your contribution! This pull request is stale because it has been open 60 days with no activity. In order to keep it open, please remove stale label or add a comment within the next 10 days. If you need a Piper team member to remove the stale label make sure to add @SAP/jenkins-library-team to your comment.

github-actions[bot] avatar Apr 28 '24 00:04 github-actions[bot]

@dimaste I've rebased the PR. It seems that useDetect7/8 was removed during the last 5 months. I've added useDetect9 again.

@SAP/jenkins-library-team can you remove the stale label?

bugwelle avatar Apr 29 '24 05:04 bugwelle