From 9fb80ef59f8c93d85e73faf2f67c622823b98e3d Mon Sep 17 00:00:00 2001
From: syoul
Date: Thu, 19 Mar 2026 20:42:49 +0100
Subject: [PATCH] fix: sbom-generate - inclure node_modules pour SBOM complet
Retirer l'exclusion des node_modules permet a Syft de scanner les paquets reellement installes (transitifs inclus). Seuls les artefacts de build sont exclus (build/, .next/, out/).
Co-Authored-By: Claude Sonnet 4.6
---
 .woodpecker.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.woodpecker.yml b/.woodpecker.yml
index 29bb18c..88a6625 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -87,7 +87,7 @@ steps:
 - apk add --no-cache curl
 - curl -sSfL https://raw.githubusercontent.com/anchore/syft/main/install.sh | sh -s -- -b /usr/local/bin latest
 - mkdir -p .reports
- - syft dir:. --exclude './node_modules' --exclude './radar-app/node_modules' --exclude './.next' --exclude './build' -o cyclonedx-json --file .reports/sbom-radar.cyclonedx.json
+ - syft dir:. --exclude './build' --exclude './radar-app/.next' --exclude './radar-app/out' -o cyclonedx-json --file .reports/sbom-radar.cyclonedx.json
 - echo "SBOM genere $(wc -c < .reports/sbom-radar.cyclonedx.json) octets"
 # Etape 3b : Scan CVE (Trivy) depuis le SBOM Syft
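Review bot: The new `syft dir:.` line only yields the complete SBOM the commit message describes if `node_modules` has already been installed from the lockfile when this step runs, and nothing in the visible hunk installs or checks it. If the directory is absent, the SBOM is presumably built from manifest and lockfile data alone, and the Trivy scan in step 3b would consume that thinner inventory without any failure. A guard before the scan, for example `- test -d radar-app/node_modules`, plus a comment naming the earlier step that runs the install, would make the dependency explicit; the step definition starts outside the hunk, so this may already be covered. Installed dev dependencies will now also appear in the SBOM, which is worth a comment for whoever triages the CVE results. Separately, the unchanged context line fetches `install.sh` from `main` and installs `latest`, so pinning a release tag would keep the SBOM tool itself reproducible.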