[K9VULN-14776] Emit pyproject manifest metadata#142
Conversation
rjcoulter22
force-pushed
the
ryan.coulter/pyproject-version-ranges
branch
from
ac79ebf to
08219ba
Compare
|
🎯 Code Coverage (details) 🔗 Commit SHA: 6e389ee | Docs | Datadog PR Page | Give us feedback! |
rjcoulter22
changed the title
rjcoulter22
changed the title
rjcoulter22
force-pushed
the
ryan.coulter/pyproject-version-ranges
branch
2 times, most recently
from
c343465 to
a77c687
Compare
rjcoulter22
force-pushed
the
ryan.coulter/pyproject-version-ranges
branch
from
a77c687 to
30e4a40
Compare
rjcoulter22
changed the title
rjcoulter22
force-pushed
the
ryan.coulter/pyproject-version-ranges
branch
2 times, most recently
from
f4cfddf to
19880cc
Compare
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 19880cccce
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
rjcoulter22
force-pushed
the
ryan.coulter/pyproject-version-ranges
branch
from
19880cc to
5462d7f
Compare
rjcoulter22
force-pushed
the
ryan.coulter/pyproject-version-ranges
branch
from
5462d7f to
fdb9736
Compare
rjcoulter22
force-pushed
the
ryan.coulter/pyproject-version-ranges
branch
2 times, most recently
from
9a394e4 to
274d613
Compare
rjcoulter22
force-pushed
the
ryan.coulter/pyproject-version-ranges
branch
from
274d613 to
aeb576d
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: aeb576df74
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: cf9dc46617
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3c3fb3fe8d
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 16135e5a4a
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
rjcoulter22
force-pushed
the
ryan.coulter/pyproject-version-ranges
branch
from
16135e5 to
4fb38d3
Compare
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 6e389ee0e2
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
|
Closing, going with a simpler version and this PR is too messy for my liking |
1 participant
Motivation
Manifest-only
pyproject.tomlscans need enough metadata for downstream SCA enrichment: ranged dependencies should keep their declared range, and manifest-only dependencies should be marked for transitive enrichment.Documentation
Summary
Adds manifest-only dependency metadata for
pyproject.tomlscans.Version.VersionRange, including wildcard ranges like1.*.datadog:version-rangeonly for ranged dependencies.datadog:requires-transitive-enrichment=truefor all emitted pyproject manifest dependencies.Testing
Recovery
Notes for on-call - select only one: