jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-21 02:46:50 -05:00
Code Issues Projects Releases Wiki Activity
Files
011819cda93079979a08596d0b540d25456de560
docs/content/code-security/codeql-cli/codeql-cli-manual/pack-resolve-dependencies.md
Grace Park 4545543862 Fix for md049 consistent emphasis (#38201) 
Co-authored-by: Jess Hosman <1183847+jhosman@users.noreply.github.com>
2023-06-21 18:10:23 +00:00

207 lines
6.2 KiB
Markdown
Raw Blame History

---
title: pack resolve-dependencies
versions:
fpt: '*'
ghae: '*'
ghec: '*'
ghes: '*'
topics:
- Advanced Security
- Code scanning
- CodeQL
type: reference
product: '{% data reusables.gated-features.codeql %}'
autogenerated: codeql-cli
intro: |-
[Experimental] [Plumbing] Compute the set of required dependencies
for this QL pack.
redirect_from:
- /code-security/codeql-cli/manual/pack-resolve-dependencies
---
<!-- Content after this section is automatically generated -->
{% data reusables.codeql-cli.man-pages-version-note %}
## Synopsis
```shell copy
codeql pack resolve-dependencies <options>... -- <dir>
```
## Description
\[Experimental] \[Plumbing] Compute the set of required dependencies
for this QL pack.
This command searches the configured registries for required
dependencies and returns the list of resolved dependencies.
Available since `v2.6.0`.
## Primary options
#### `<dir>`
The root directory of the package.
#### `--format=<fmt>`
Select output format, either `text` _(default)_ or `json`.
#### `--mode=<mode>`
Specifies how to resolve dependencies:
`minimal-update` _(default)_: Update or create the codeql-pack.lock.yml
based on the existing contents of the qlpack.yml file. If any existing
codeql-pack.lock.yml does not satisfy the current dependencies in the
qlpack.yml, the lock file will be updated as necessary.
`upgrade`: Update or create the codeql-pack.lock.yml to use the latest
versions of all dependencies, subject to the constraints in the
qlpack.yml file.
`verify`: Verify that the existing codeql-pack.lock.yml is still valid
with respect to the dependencies specified in the qlpack.yml file, or
fail the lock file if it does not exist.
`no-lock`: Ignore the existing codeql-pack.lock.yml and perform
resolution based on qlpack.yml file. Does not create or update the lock
file.
`use-lock`: Use the existing codeql-pack.lock.yml file to resolve
dependencies, or create the lock file if it does not exist.
`update`: \[Deprecated] Update or create the codeql-pack.lock.yml to
use the latest versions of all dependencies, subject to the constraints
in the qlpack.yml file. Equivalent to 'upgrade'
#### `--[no-]allow-prerelease`
Allow packs with pre-release version qualifiers (e.g.,
`X.Y.Z-qualifier`) to be used. Without this flag, pre-release packs will
be ignored.
Available since `v2.11.3`.
#### `--no-strict-mode`
\[Advanced] Turn off strict mode to avoid a warning when resolving
packages from the `--additional-packs`
and other locally resolved locations. Packages resolved locally are
never downloaded
and will not be added to the package lock.
#### `--lock-override=<file>`
\[Advanced] Specifies an alternate lock file to use as the input to
dependency resolution.
### Options for resolving QL packs outside of the package registry
#### `--search-path=<dir>[:<dir>...]`
A list of directories under which QL packs may be found. Each directory
can either be a QL pack (or bundle of packs containing a
`.codeqlmanifest.json` file at the root) or the immediate parent of one
or more such directories.
If the path contains more than one directory, their order defines
precedence between them: when a pack name that must be resolved is
matched in more than one of the directory trees, the one given first
wins.
Pointing this at a checkout of the open-source CodeQL repository ought
to work when querying one of the languages that live there.
If you have checked out the CodeQL repository as a sibling of the
unpacked CodeQL toolchain, you don't need to give this option; such
sibling directories will always be searched for QL packs that cannot be
found otherwise. (If this default does not work, it is strongly
recommended to set up `--search-path` once and for all in a per-user
configuration file).
(Note: On Windows the path separator is `;`).
#### `--additional-packs=<dir>[:<dir>...]`
If this list of directories is given, they will be searched for packs
before the ones in `--search-path`. The order between these doesn't
matter; it is an error if a pack name is found in two different places
through this list.
This is useful if you're temporarily developing a new version of a pack
that also appears in the default path. On the other hand, it is *not
recommended* to override this option in a config file; some internal
actions will add this option on the fly, overriding any configured
value.
(Note: On Windows the path separator is `;`).
### Options for configuring the CodeQL package manager
#### `--registries-auth-stdin`
Authenticate to GitHub Enterprise Server Container registries by passing
a comma-separated list of \<registry\_url>=\<token> pairs.
For example, you can pass
`https://containers.GHEHOSTNAME1/v2/=TOKEN1,https://containers.GHEHOSTNAME2/v2/=TOKEN2`
to authenticate to two GitHub Enterprise Server instances.
This overrides the CODEQL\_REGISTRIES\_AUTH and GITHUB\_TOKEN environment
variables. If you only need to authenticate to the github.com Container
registry, you can instead authenticate using the simpler
`--github-auth-stdin` option.
#### `--github-auth-stdin`
Authenticate to the github.com Container registry by passing a
github.com GitHub Apps token or personal access token via standard
input.
To authenticate to GitHub Enterprise Server Container registries, pass
`--registries-auth-stdin` or use the CODEQL\_REGISTRIES\_AUTH environment
variable.
This overrides the GITHUB\_TOKEN environment variable.
### Common options
#### `-h, --help`
Show this help text.
#### `-J=<opt>`
\[Advanced] Give option to the JVM running the command.
(Beware that options containing spaces will not be handled correctly.)
#### `-v, --verbose`
Incrementally increase the number of progress messages printed.
#### `-q, --quiet`
Incrementally decrease the number of progress messages printed.
#### `--verbosity=<level>`
\[Advanced] Explicitly set the verbosity level to one of errors,
warnings, progress, progress+, progress++, progress+++. Overrides `-v`
and `-q`.
#### `--logdir=<dir>`
\[Advanced] Write detailed logs to one or more files in the given
directory, with generated names that include timestamps and the name of
the running subcommand.
(To write a log file with a name you have full control over, instead
give `--log-to-stderr` and redirect stderr as desired.)
Reference in New Issue View Git Blame Copy Permalink