fossa-cli icon indicating copy to clipboard operation
fossa-cli copied to clipboard

Published 20 hours ago verified publisher icon fossas

Add limitation to pipenv.md

Open ryanlink opened this issue 1 year ago • 3 comments

Overview

Small addition to pipenv tactic documentation (we don't report transitive deps, everything shows up as direct).

Risks

Highlight any areas that you're unsure of, want feedback on, or want reviewers to pay particular attention to.

Example: I'm not sure I did X correctly, can reviewers please double-check that for me?

Metrics

Is this change something that can or should be tracked? If so, can we do it today? And how? If its easy, do it

References

Add links to any referenced GitHub issues, Zendesk tickets, Jira tickets, Slack threads, etc.

Example:

Checklist

  • [ ] I added tests for this PR's change (or explained in the PR description why tests don't make sense).
  • [ ] If this PR introduced a user-visible change, I added documentation into docs/.
  • [ ] If this PR added docs, I added links as appropriate to the user manual's ToC in docs/README.ms and gave consideration to how discoverable or not my documentation is.
  • [ ] If this change is externally visible, I updated Changelog.md. If this PR did not mark a release, I added my changes into an # Unreleased section at the top.
  • [ ] If I made changes to .fossa.yml or fossa-deps.{json.yml}, I updated docs/references/files/*.schema.json AND I have updated example files used by fossa init command. You may also need to update these if you have added/removed new dependency type (e.g. pip) or analysis target type (e.g. poetry).
  • [ ] If I made changes to a subcommand's options, I updated docs/references/subcommands/<subcommand>.md.

ryanlink avatar Jan 23 '24 15:01 ryanlink

If we're making this change to documentation until support for it is fixed, should we also update https://github.com/fossas/fossa-cli/blob/master/docs/references/strategies/languages/python/python.md ?

saramaebee avatar Jan 23 '24 16:01 saramaebee

@saramaebee 100%, thank you

although we do technically detect the transitive deps -- we just report them as direct. @jssblck what do you think? I've added ❌ to the matrix for transitive deps but can revert that.

ryanlink avatar Jan 23 '24 16:01 ryanlink

pffft, the link check is failing bc https://cocoapods.org/ is giving a 500 right now 😆

ryanlink avatar Jan 25 '24 22:01 ryanlink