Define new sca_error intermediate type and sca_resolution_error and ScaParseError #350
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
test plan: see related PR in semgrep
aryx
requested review from
a team,
amchiclet,
bkettle and
mmcqd
and removed request for
a team
|
Backwards compatibility summary: |
aryx
changed the title
bkettle
reviewed
Feb 13, 2025
semgrep_output_v1.atd
Outdated
| | DependencyResolutionError of resolution_error | ||
| | DependencyResolutionError of resolution_error_kind | ||
| (* since semgrep 1.109.0 (to replace dependency_parser_error) *) | ||
| | ScaParseError of sca_parser_name |
There was a problem hiding this comment.
We could alternatively skip adding an extra variant here, and instead add a variant to resolution_error_kind. In my head "dependency resolution" refers to any way that we determine the dependencies for a project, so this could make sense. What do you think?
There was a problem hiding this comment.
Sounds good to me. That would maybe the need to have all those Union[out.DependencyParseError, out.ScaResolutionError] ? and we would have just out.ScaResolutionError or maybe just out.ScaError
There was a problem hiding this comment.
What would be the difference between this ScaParserError of sca_parser_name and the
ParseDependenciesFailed of string in resolution_error_kind?
There was a problem hiding this comment.
ParseDependenciesFailed was originally intended to be for when we produce some dependency list in lockfileless scanning (by talking to the package manager) but fail to parse it correctly, while ScaParserError would be that a lockfile parser failed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
test plan:
see related PR in semgrep
make setup && maketo update the generated code after editing a.atdfile (TODO: have a CI check)For example, the Semgrep backend need to still be able to consume data
generated by Semgrep 1.50.0.
See https://atd.readthedocs.io/en/latest/atdgen-tutorial.html#smooth-protocol-upgrades
Note that the types related to the semgrep-core JSON output or the
semgrep-core RPC do not need to be backward compatible!