Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make versions of local scanners configurable #4582

Closed
oheger-bosch opened this issue Oct 12, 2021 · 1 comment
Closed

Make versions of local scanners configurable #4582

oheger-bosch opened this issue Oct 12, 2021 · 1 comment
Labels
enhancement Issues that are considered to be enhancements scanner About the scanner tool

Comments

@oheger-bosch
Copy link
Member

So far, for local scanners, ORT has the specific version it supports hard-coded; if a different version of the scanner is installed on the system, it is not accepted, but ORT tries to bootstrap this exact version (see

getVersion(it) == expectedVersion
).

This behaviour is rather strict, and it complicates updates to newer scanner versions (e.g. refer to #4296). To be more flexible, ORT could support setting the accepted scanner version (or even a version range) in the scanner configuration. For instance, for ScanCode, this could look as follows:

  scanner {
     ...
      ScanCode {
        commandLine = "--copyright --license --info --strip-root --timeout 300 --max-in-memory 5000"
        parseLicenseExpressions = true
	minVersion = 3.2.1
	maxVersion = 22.1.1
     }
   ...
}

Note: The properties minVersion and maxVersion are currently already used to configure the accepted versions when loading results from the scan result storage; so they would have to be renamed.

The expectedVersion hard-coded in ORT could be kept and used as default value if no version is configured for a scanner; this would also be the version that gets bootstrapped.

@sschuberth
Copy link
Member

Closing this in favor of the even more relaxed approach in #4669, which accepts any scanner version already installed on the host, but informs about a version mismatch.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement Issues that are considered to be enhancements scanner About the scanner tool
Projects
None yet
Development

No branches or pull requests

2 participants