From 61805d611cd621a51a052f9ef84232c0bed245e9 Mon Sep 17 00:00:00 2001 From: Dar Malovani Date: Thu, 10 Dec 2020 13:09:15 +0200 Subject: [PATCH] feat: pass gradle util to java call graph builder We want to make sure that the right gradle util is being used within the java call graph builder to allow gradle sub projects to use the correct gradlew, which can be found in the root of the project. For more context go to https://github.com/snyk/java-call-graph-builder/pull/42 --- lib/index.ts | 2 ++ package.json | 2 +- test/system/plugin.test.ts | 5 ++++- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/lib/index.ts b/lib/index.ts index bb37e2d..e56d6ca 100644 --- a/lib/index.ts +++ b/lib/index.ts @@ -113,9 +113,11 @@ export async function inspect( let callGraph: CallGraph | undefined; const targetPath = path.join(root, targetFile); if (options.reachableVulns) { + const command = getCommand(root, targetFile); debugLog(`getting call graph from path ${targetPath}`); callGraph = await javaCallGraphBuilder.getCallGraphGradle( path.dirname(targetPath), + command, ); debugLog('got call graph successfully'); } diff --git a/package.json b/package.json index 2b23687..bdf827a 100644 --- a/package.json +++ b/package.json @@ -47,7 +47,7 @@ "dependencies": { "@snyk/cli-interface": "2.9.1", "@snyk/dep-graph": "^1.19.4", - "@snyk/java-call-graph-builder": "1.16.2", + "@snyk/java-call-graph-builder": "1.18.0", "@types/debug": "^4.1.4", "chalk": "^3.0.0", "debug": "^4.1.1", diff --git a/test/system/plugin.test.ts b/test/system/plugin.test.ts index f77a04b..874b117 100644 --- a/test/system/plugin.test.ts +++ b/test/system/plugin.test.ts @@ -49,7 +49,10 @@ test('run inspect() with reachableVulns', async (t) => { ); t.ok(javaCallGraphBuilderStub.calledOnce, 'called to the call graph builder'); t.ok( - javaCallGraphBuilderStub.calledWith(path.join('.', rootNoWrapper)), + javaCallGraphBuilderStub.calledWith( + path.join('.', rootNoWrapper), + 'gradle', + ), 'call graph builder was called with the correct path', ); t.same(gradleCallGraph, result.callGraph, 'returns expected callgraph');