-
Notifications
You must be signed in to change notification settings - Fork 602
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add custom maven comparator #1571
Conversation
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
…ions Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
46ae774
to
4d54c0a
Compare
Putting this back in draft - I think it needs another look as I'm still getting the faulty match mentioned in the issue. While we're testing correctly against the comparator being used as intended in the unit tests, something is not hooked up correctly. The constraint is still behaving as a fuzzy constraint. |
Signed-off-by: Christopher Phillips <[email protected]>
ad906d4 updates the This has a minor downside. If the package being examined is not actually of the assumed type(from the verObj) , then the The trade off here is that we can now allow new comparators to be tried by trusting the versionObj knows what it's looking for without an update to the The best case here is that |
Blocked on anchore/yardstick#171 The following is being returned by the quality gate locally:
Exploring the labeled data for this image shows that a majority of the Labeled data that is categorized as |
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Alex Goodman <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Signed-off-by: Alex Goodman <[email protected]>
Signed-off-by: Alex Goodman <[email protected]>
Signed-off-by: Christopher Phillips <[email protected]>
Summary
Fix for #1526.
This PR takes the recommendation from #1526 and adapts the go-mvn-version to be used as a custom comparator for matching against packages that have the
JavaPkg
type. Packages of typeJavaPkg
will no longer use the stock matcher.The specific case mentioned in the issue has been included in both new test harnesses.
Here is a screenshot of the issues test case working as intended with the versions for
jenkins-core
being correctly compared. The FP is eliminated:Related Labeled PR for updating the quality gate:
Local Sample showing FP improvements with this change:
Todo