Ignore pre-defined filenames when PIP_REQUIREMENTS_FILE is set
What does this MR do?
This fixes a bug where gemnasium-python scans a dependency file other than the one specified in PIP_REQUIREMENTS_FILE
.
- When
PIP_REQUIREMENTS_FILE
is set,- Use it as the only supported filename for pip.
- Ignore dependency files handled by package managers other than pip.
- Show a warning if has a directory component.
What are the relevant issue numbers?
PIP_REQUIREMENTS_FILE variable is ignored by py... (gitlab-org/gitlab#350949 - closed)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer
Edited by Fabien Catteau