trivy icon indicating copy to clipboard operation
trivy copied to clipboard
Published 3 weeks ago verified publisher icon aquasecurity

feat(yarn): add workspace as dependencies and use `workspace` relationship for them

Open DmitriyLewen opened this issue 1 year ago • 1 comments

Description

We currently don't expose workspace as separate packages (only define direct and indirect dependencies on them).

After #7889 we can add them with the workspace relationship.

Required changes:

  • detect workspace packages from path/to/workspace/package.json files.
  • use workspace relationship for these packages
  • add relationships between workspaces and direct packages of workspaces.
  • ??? detect project id from root package.json file to add root package (@knqyf263 wdyt?) and add workspaces as dependencies of root package

DmitriyLewen avatar Nov 29 '24 05:11 DmitriyLewen

??? detect project id from root package.json file to add root package (@knqyf263 wdyt?) and add workspaces as dependencies of root package

Yes, we should do that.

knqyf263 avatar Nov 29 '24 07:11 knqyf263