Skip to content
  • Jamie Tanna's avatar
    Add `db generate missing-data` command · b0f322f0
    Jamie Tanna authored
    
    
    As part of #77, we proposed to add support for integration with
    `deps.dev` to look up package dependencies.
    
    To do this, we can add support for the `GetDependencies` endpoint on our
    `depsdev.Client`, and look up each dependency's dependency tree.
    
    This requires we introduce two new queries to Renovate + SBOMs to be
    able to query the existing data, including the full repo + ecosystem
    data.
    
    We can copy-paste the existing `Generate` functionality and tweak it to
    work for the dependency lookup.
    
    We make sure to trim down the requests we're sending with Renovate data
    as there's a lot of data that fails to be looked up without doing so.
    
    For now we can add support for the Maven ecosystem which appears to be
    the biggest concern, as Renovate nor SBOM exports we've got include the
    full dependency tree.
    
    Co-authored-by: default avatarJamie Tanna <jamie.tanna@elastic.co>
    b0f322f0
Loading