I note from Included Analyzers that ESLint is an included scanner
Is there further information about the ESLint scanner run by default?
Is any configuration possible in the .lift.toml?
If not, what is the equivilient custom configuration - perhaps we can modify as a custom tool to use the latest version
Example scan: Sonatype Lift -- Console
We’re currently defaulting to 7.32.0 for ESLint. If you wanted to use a different version you can use a setup script which runs before the analysis to configure any changes to the build environment that you need. See Build and .toml Details for details on how to include a setup script.
In your script you can add something like
sudo npm i -g firstname.lastname@example.org \
eslint-plugin-prettier --save-dev && \
sudo npm i -g @typescript-eslint/eslint-plugin@latest --save-dev
If this setup script is in your repo in
.lift/setup.sh then your .lift.toml config file would contain
setup = ".lift/setup.sh"
The build logs in the web console should show the output from the setup.sh to evaluate if there were any issues or warnings.
Let me know how it works out for you.
thanks - will give it a go!
You’re running into two issues currently. The first is that it is difficult to test config changes in a PR, because we run an analysis on both branches and then diff the results. When the config is different in the two branches you can get some unexpected behavior. I suggest using the web console to run an ad hoc analysis on your branch with the config changes to test things out.
Second issue is the version of node seems to be too old to support ESLint 8. We’re installing node/npm with the OS package manager and it’s latest version is quite outdated. I’m bringing it up to the team to make a more flexible option to have broader support. I’ll share an update as soon as we have one.