Incomplete dependency-graph generated on build failure
Closed this issue · 0 comments
bigdaz commented
When the build fails, in most cases a dependency-graph file is still generated. This can result in an incomplete dependency-graph being submitted, which could result in Dependabot Alerts being resolved incorrectly.
By default, the plugin should not generate an incomplete dependency-graph file in these circumstances. Instead, no file should be generated, and a warning emitted.
If it is deemed useful, we could add an opt-in to allow dependency-graph generation on failed builds.