I have a angular project which has several packages that have direct dependencies and developer dependencies like below
"dependencies": {
"@angular/animations": "8.2.14",
"@angular/cdk": "8.2.3",
"@angular/common": "8.2.14",
"@angular/compiler": "8.2.14",
"@angular/core": "8.2.14",
"@angular/forms": "8.2.14",
"@angular/material": "8.2.3",
.
.
},
"devDependencies": {
"@angular-devkit/build-angular": "0.803.20",
"@angular/cli": "8.3.20",
.
.
}
I am building CI/CD pipeline which does scans like oss, dast, sast etc. Is it advisable to exclude when developer dependencies while performing these scans? If dev dependency excluded, it will make pipeline execute quicker.
