Bug: Timeout control invalidation

When using GuardDog for batch detection of malicious packages, I found that GuardDog freezes when detecting large-sized malicious packages. 
Therefore, I tried modifying the SEMGREP_TIMEOUT in the analyzer.py file to change the timeout period, but this did not work. As a result, I had to force stop the detection by modifying the timeout parameter in subprocess.run(), yet this causes semgrep-core to keep residing in the process. During large-scale batch detection, this leads to memory exhaustion. 

<img width="992" height="215" alt="Image" src="https://github.com/user-attachments/assets/585565b6-0f59-4c00-96a7-bfee98ffc523" />

Currently, I can only resolve this issue by forcefully terminating the semgrep-core process every time a timeout occurs. Is there any solution to this problem?

<img width="1010" height="188" alt="Image" src="https://github.com/user-attachments/assets/3cd6b125-b518-4d95-ab76-1ff848d06cc7" />

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bug: Timeout control invalidation #631

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Bug: Timeout control invalidation #631

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions