Skip to content

fix(model): Skip excluded projects in getDependencies when omitExcluded is true#11926

Merged
sschuberth merged 1 commit into
oss-review-toolkit:mainfrom
voidpetal:fix-spdx-subprojects-regression
Jun 3, 2026
Merged

fix(model): Skip excluded projects in getDependencies when omitExcluded is true#11926
sschuberth merged 1 commit into
oss-review-toolkit:mainfrom
voidpetal:fix-spdx-subprojects-regression

Conversation

@voidpetal
Copy link
Copy Markdown
Contributor

@voidpetal voidpetal commented Jun 2, 2026
edited by sschuberth
Loading

Previously, getDependencies(omitExcluded=true) only filtered excluded packages
from results but still traversed all projects. This caused inconsistencies when
dependency edges only exist in excluded projects (e.g., test-only submodules).

Now excluded projects are also skipped during traversal, ensuring dependencies
only reachable through excluded projects are not discovered.

@voidpetal voidpetal requested a review from a team as a code owner June 2, 2026 07:51
sschuberth
sschuberth reviewed Jun 2, 2026
View reviewed changes
Comment thread plugins/reporters/spdx/src/main/kotlin/SpdxDocumentModelMapper.kt Outdated
@codecov
Copy link
Copy Markdown

codecov Bot commented Jun 2, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 58.43%. Comparing base (1d8bd43) to head (2c80503).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files 
@@            Coverage Diff            @@
##               main   #11926   +/-   ##
=========================================
  Coverage     58.43%   58.43%           
+ Complexity     1809     1807    -2     
=========================================
  Files           361      361           
  Lines         13499    13499           
  Branches       1383     1383           
=========================================
  Hits           7888     7888           
  Misses         5115     5115           
  Partials        496      496
Flag Coverage Δ
funTest-external-tools 14.64% <ø> (ø)
funTest-no-external-tools 30.29% <ø> (-0.12%) ⬇️
test-ubuntu-24.04 41.78% <ø> (ø)
test-windows-2025 41.76% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@voidpetal voidpetal force-pushed the fix-spdx-subprojects-regression branch from 3cb7615 to 34175bd Compare June 2, 2026 09:28
@sschuberth sschuberth changed the title fix(spdx): Include subprojects when building the linkage type map fix(spdx): Handle missing linkage types for orphaned graph fragments Jun 2, 2026
@sschuberth
Copy link
Copy Markdown
Member

sschuberth commented Jun 2, 2026

Use safe lookup for dependency edges that may not be in the linkage map.

The point is (@fviernau may correct me if I'm wrong): It should never happen that we miss entries in the linkage map, due to the way that map is populated. That's why getValue() is used here in the first place, we want to fail in such a case (that should never occur) to be able to investigate and fix the root cause.

@voidpetal voidpetal force-pushed the fix-spdx-subprojects-regression branch from 34175bd to 57d7300 Compare June 2, 2026 10:30
sschuberth
sschuberth requested changes Jun 2, 2026
View reviewed changes
Comment thread model/src/main/kotlin/OrtResult.kt Outdated
getProjects().forEach { project ->
val projects = if (omitExcluded) getProjects().filter { !isExcluded(it.id) } else getProjects()

projects.forEach { project ->
Copy link
Copy Markdown
Member

@sschuberth sschuberth Jun 2, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just pass on omitExcluded to getProjects() in the original code: getProjects(omitExcluded)

Copy link
Copy Markdown
Member

@sschuberth sschuberth Jun 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'll do this quickly myself to ensure the change makes it into tomorrow's release.

Copy link
Copy Markdown
Contributor Author

@voidpetal voidpetal Jun 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @sschuberth!

@sschuberth sschuberth mentioned this pull request Jun 3, 2026
Open
@sschuberth sschuberth changed the title fix(spdx): Handle missing linkage types for orphaned graph fragments fix(model): Skip excluded projects in getDependencies when omitExcluded is true Jun 3, 2026
@sschuberth sschuberth force-pushed the fix-spdx-subprojects-regression branch from 57d7300 to af31633 Compare June 3, 2026 07:32
@sschuberth sschuberth enabled auto-merge (rebase) June 3, 2026 07:33
@voidpetal
fix(model): Adhere to omitExcluded for projects in getDependencies()
2c80503 
Previously, `getDependencies(omitExcluded = true)` only filtered excluded
packages from results but still traversed all projects. This caused
inconsistencies when dependency edges only exist in excluded projects (e.g.
test-only submodules).

Now excluded projects are also skipped during traversal, ensuring that
dependencies which are only reachable through excluded projects are not
discovered.

Signed-off-by: Kai Hodžić <hodzic.e.k@outlook.com>
auto-merge was automatically disabled June 3, 2026 08:12

Head branch was pushed to by a user without write access

@voidpetal voidpetal force-pushed the fix-spdx-subprojects-regression branch from af31633 to 2c80503 Compare June 3, 2026 08:12
@sschuberth sschuberth enabled auto-merge (rebase) June 3, 2026 08:32
@sschuberth sschuberth merged commit 2adf5e4 into oss-review-toolkit:main Jun 3, 2026
54 of 57 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sschuberth sschuberth sschuberth approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@voidpetal @sschuberth