Flip Dependency Scanning analyzer git repo check flag to on

Problem to solve

The DS_FF_LINK_COMPONENTS_TO_GIT_FILES flag was added as part of Link to correct input file when analyzed artifa... (#537716 - closed) • Igor Frenkel • 18.3. It defaulted to off for testing and a soft release and was not meant to be part of the analyzer long term.

Proposal

To make this behaviour part of the analyzer by default, the flag should default to "on" in %18.5 and be removed in a subsequent release.

Implementation plan

%18.5

  • Change flag to default to "on"
  • Update README.md to remove mention of this flag

Subsequent release

  • Remove flag from the analyzer.

Intended users

General analyzer users.

Workarounds and issues

Because the Dependency Scanning v2 template does not support this flag, users who need to flip it to off would have to override the dependency-scanning job to set this flag's value.

Implementation plan

  • Change inputfile/flags.go default value to true
  • Update README.md with new default value
  • Announce
Edited by Igor Frenkel