fossa-cli icon indicating copy to clipboard operation
fossa-cli copied to clipboard
verified publisher icon fossas

[ANE-2701] Make snippet scanning non experimental

Open spatten opened this issue 1 month ago • 0 comments

Overview

This PR implements the CLI part of ANE-2701

In this PR, we add a new flag, --snippet-scan and hide and deprecate the --x-snippet-scan flag.

The --x-snippet-scan flag still works, and you can use either --snippet-scan or --x-snippet-scan (or both) to enable snippet scanning.

The only difference is that you get a deprecation warning if you use --x-snippet-scan.

At some point in the future we will remove the --x-snippet-scan flag altogether. Because this is an experimental flag, we will not wait the normal 6 months between deprecation and removal. Instead, the minimum date for removal is one month from when this PR is included in a release.

Acceptance criteria

  • Both the --x-snippet-scan and --snippet-scan flags enable snippet scanning
  • You get a deprecation warning if you use --x-snippet-scan
  • The documentation is updated to use --snippet-scan instead of --x-snippet-scan
  • fossa analyze --help no longer mentions --x-snippet-scan
  • fossa analyze --help shows help for --snippet-scan

Testing plan

make install-dev

Run fossa-dev analyze --snippet-scan and fossa-dev analyze --x-snippet-scan and fossa-dev analyze --snippet-scan --x-snippet-scan. In all cases you should see a successful snippet scan. If you used --x-snippet-scan, you should see a deprecation warning.

Run fossa-dev analyze --help. You should see no mention of --x-snippet-scan. You should see documentation for --snippet-scan.

Risks

This is low risk

Metrics

References

Checklist

  • [ ] I added tests for this PR's change (or explained in the PR description why tests don't make sense).
  • [ ] If this PR introduced a user-visible change, I added documentation into docs/.
  • [ ] If this PR added docs, I added links as appropriate to the user manual's ToC in docs/README.ms and gave consideration to how discoverable or not my documentation is.
  • [ ] If this change is externally visible, I updated Changelog.md. If this PR did not mark a release, I added my changes into an ## Unreleased section at the top.
  • [ ] If I made changes to .fossa.yml or fossa-deps.{json.yml}, I updated docs/references/files/*.schema.json AND I have updated example files used by fossa init command. You may also need to update these if you have added/removed new dependency type (e.g. pip) or analysis target type (e.g. poetry).
  • [ ] If I made changes to a subcommand's options, I updated docs/references/subcommands/<subcommand>.md.

spatten avatar Dec 03 '25 01:12 spatten