Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Difference between a Library and Dependency #140

Open
ShubhamPalriwala opened this issue Oct 6, 2022 · 0 comments
Open

Difference between a Library and Dependency #140

ShubhamPalriwala opened this issue Oct 6, 2022 · 0 comments

Comments

@ShubhamPalriwala
Copy link

I resumed back my work on adding the feature for --include-dev-dependencies for Trivy and have decided that this will be the place to start as to enable the Dev bool for each depndency that is parsed.

However, I'm currently confused a bit with the difference between a Library and a Dependency in context to this package.

My interpretation till now is:
A library is the current library we are parsing and a dependency is all the external libraries that this library is dependent upon.

Another confusion that I'm having is, inside any language/framework directory, there's another type definition for a Dependency as for example here in nodejs/npm/parse.go

Would like to know if I am correct/ and if not would kindly request help here. Also, it would be really helpful if I could get some feedback if I'm on the correct place for adding a Dev bool flag in the Library type in the same file as hyperlinked above as.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ShubhamPalriwala