Yarn :: Analyzer is reading Packages package.json scopes wrongly

[porsche-rishisaxena]

We have a root level package.json and package directory have their respective package.json. When analyzer is executed on the root level, the scopes (devdependencies Vs dependencies) are written wrongly in the analyzer-result. A correctly defined dev-dependency package in package.json is marked in analyzer-result.yml under dependency.

[sschuberth]

Could be the related to https://github.com/oss-review-toolkit/ort/issues/6239.

[porsche-rishisaxena]

@sschuberth analyzer-result.txt Note: After download, change the file extension to .yml

[porsche-rishisaxena]

@sschuberth: Any update on this issue?

[sschuberth]

No, no one is actively working on it AFAICT.

[porsche-rishisaxena]

@sschuberth Any timeline to look into this issue by the community? Can we align if we can collectively look into this issue and be of some help here.

[sschuberth]

@porsche-rishisaxena, before anyone can look into this, I believe we first need to

1. verify that the issue is still reproducible with the latest version of ORT,
2. show that the issue is different from #6239 (i.e. show that it is not only a display issue in the web-app report, but that the scope is already wrong in the original ORT analyzer result),
3. provide steps to reproduce with public sources (i.e. a public Git repository to analyze where the issue appears).

[sschuberth]

To clean up stale issues, I'm closing this as an assumed duplicate of #6239. Feel free to reopen if you can prove it is not a duplicate, but a separate issue.