Skip to content

Make all package managers use the new dependency graph format #3825

@sschuberth

Description

@sschuberth

Currently, only the Gradle analyzer uses the new dependency graph format introduced in #3502. We should take advantage of the new format for more (ultimately all) package manager implementations.

Package managers that still need to be migrated are unchecked in this list:

  • Bazel
  • Bower
  • Bundler
  • Cargo
  • Carthage
  • CocoaPods
  • Composer
  • Conan
  • GoMod
  • Gradle
  • GradleInspector
  • Maven
  • Npm
  • NuGet
  • Pnpm
  • Pip
  • Pipenv
  • Poetry
  • Pub
  • Sbt (not relevant itself, as it uses Maven)
  • SpdxDocumentFile
  • Stack
  • SwiftPm
  • Yarn
  • Yarn2

Metadata

Metadata

Assignees

No one assigned

    Labels

    analyzerAbout the analyzer toolepicA "parent" issue that refers to multiple other issues

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions