Merge branch 'dev' into docker-curation-supprot

basel1322 · web-flow · commit 77c2f1941ad8 · 2025-12-22T13:56:29.000+02:00
diff --git a/cli/docs/flags.go b/cli/docs/flags.go
@@ -237,11 +237,11 @@ var commandFlags = map[string][]string{
 var flagsMap = map[string]components.Flag{
 	// Common commands flags
 	ServerId:    components.NewStringFlag(ServerId, "Server ID configured using the config command."),
-	Url:         components.NewStringFlag(Url, "JFrog URL."),
-	XrayUrl:     components.NewStringFlag(XrayUrl, "JFrog Xray URL."),
-	user:        components.NewStringFlag(user, "JFrog username."),
-	password:    components.NewStringFlag(password, "JFrog password."),
-	accessToken: components.NewStringFlag(accessToken, "JFrog access token."),
+	Url:         components.NewStringFlag(Url, "Specifies the URL of the JFrog platform."),
+	XrayUrl:     components.NewStringFlag(XrayUrl, "Specifies the URL of your Xray server."),
+	user:        components.NewStringFlag(user, "Specifies the user name of your JFrog platform."),
+	password:    components.NewStringFlag(password, "Specifies the user password of your JFrog platform."),
+	accessToken: components.NewStringFlag(accessToken, "Specifies the access token of your JFrog platform."),
 	Threads:     components.NewStringFlag(Threads, "The number of parallel threads used to scan the source code project.", components.WithIntDefaultValue(cliutils.Threads)),
 	// Xray flags
 	LicenseId: components.NewStringFlag(LicenseId, "Xray license ID.", components.SetMandatory(), components.WithHelpValue("Xray license ID")),
diff --git a/commands/audit/audit_test.go b/commands/audit/audit_test.go
@@ -261,7 +261,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedScaIssues: 15,
 		},
@@ -293,7 +292,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedScaIssues: 0,
 		},
@@ -324,7 +322,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedCaNotCovered: 15,
 		},
@@ -356,7 +353,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSecretsIssues: 16,
 		},
@@ -381,14 +377,13 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 						SecretsScannerConfig: services.SecretsScannerConfig{
 							EnableSecretsScan: true,
-							ExcludePatterns:   []string{"*api_secrets*"},
+							ExcludePatterns:   []string{"**/*api_secrets*/**"},
 						},
 						IacScannerConfig: services.IacScannerConfig{
 							EnableIacScan: false,
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSecretsIssues: 7,
 		},
@@ -419,7 +414,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSastIssues: 4,
 		},
@@ -441,7 +435,7 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 						SastScannerConfig: services.SastScannerConfig{
 							EnableSastScan:  true,
-							ExcludePatterns: []string{"*flask_webgoat*"},
+							ExcludePatterns: []string{"**/*flask_webgoat*/**"},
 						},
 						SecretsScannerConfig: services.SecretsScannerConfig{
 							EnableSecretsScan: false,
@@ -451,15 +445,14 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSastIssues: 0,
 		},
 		{
 			name:        "Enable only IaC scanner",
 			testDirPath: filepath.Join("..", "..", "tests", "testdata", "projects", "jas", "jas"),
 			configProfile: services.ConfigProfile{
-				ProfileName: "only-sast",
+				ProfileName: "only-iac",
 				Modules: []services.Module{{
 					ModuleId:     1,
 					ModuleName:   "only-iac-module",
@@ -482,7 +475,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedIacIssues: 9,
 		},
@@ -510,11 +502,10 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 						IacScannerConfig: services.IacScannerConfig{
 							EnableIacScan:   true,
-							ExcludePatterns: []string{"*iac/gcp*"},
+							ExcludePatterns: []string{"**/*iac/gcp*/**"},
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedIacIssues: 0,
 		},
@@ -545,7 +536,6 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSastIssues:    4,
 			expectedSecretsIssues: 16,
@@ -570,18 +560,17 @@ func TestAuditWithConfigProfile(t *testing.T) {
 						},
 						SastScannerConfig: services.SastScannerConfig{
 							EnableSastScan:  true,
-							ExcludePatterns: []string{"*flask_webgoat*"},
+							ExcludePatterns: []string{"**/*flask_webgoat*/**"},
 						},
 						SecretsScannerConfig: services.SecretsScannerConfig{
 							EnableSecretsScan: true,
-							ExcludePatterns:   []string{"*api_secrets*"},
+							ExcludePatterns:   []string{"**/*api_secrets*/**"},
 						},
 						IacScannerConfig: services.IacScannerConfig{
 							EnableIacScan: true,
 						},
 					},
 				}},
-				IsDefault: false,
 			},
 			expectedSastIssues:    0,
 			expectedSecretsIssues: 7,
diff --git a/go.mod b/go.mod
@@ -17,7 +17,7 @@ require (
 	github.com/jfrog/jfrog-apps-config v1.0.1
 	github.com/jfrog/jfrog-cli-artifactory v0.8.1-0.20251211075913-35ebcd308e93
 	github.com/jfrog/jfrog-cli-core/v2 v2.60.1-0.20251210085744-f8481d179ac5
-	github.com/jfrog/jfrog-client-go v1.55.1-0.20251211124639-306f15dbcf29
+	github.com/jfrog/jfrog-client-go v1.55.1-0.20251217080430-c92b763b7465
 	github.com/magiconair/properties v1.8.10
 	github.com/owenrumney/go-sarif/v3 v3.2.3
 	github.com/package-url/packageurl-go v0.1.3
diff --git a/go.sum b/go.sum
@@ -158,8 +158,8 @@ github.com/jfrog/jfrog-cli-artifactory v0.8.1-0.20251211075913-35ebcd308e93 h1:r
 github.com/jfrog/jfrog-cli-artifactory v0.8.1-0.20251211075913-35ebcd308e93/go.mod h1:7cCaRhXorlbyXZgiW5bplCExFxlnROaG21K12d8inpQ=
 github.com/jfrog/jfrog-cli-core/v2 v2.60.1-0.20251210085744-f8481d179ac5 h1:GYE67ubwl+ZRw3CcXFUi49EwwQp6k+qS8sX0QuHDHO8=
 github.com/jfrog/jfrog-cli-core/v2 v2.60.1-0.20251210085744-f8481d179ac5/go.mod h1:BMoGi2rG0udCCeaghqlNgiW3fTmT+TNnfTnBoWFYgcg=
-github.com/jfrog/jfrog-client-go v1.55.1-0.20251211124639-306f15dbcf29 h1:u+FMai2cImOJExJ1Ehe8JsrpAXmPyRaDXwM60wV3bPA=
-github.com/jfrog/jfrog-client-go v1.55.1-0.20251211124639-306f15dbcf29/go.mod h1:WQ5Y+oKYyHFAlCbHN925bWhnShTd2ruxZ6YTpb76fpU=
+github.com/jfrog/jfrog-client-go v1.55.1-0.20251217080430-c92b763b7465 h1:Ff3BlNPndrAfa1xFI/ORFzfWTxQxF0buWG61PEJwd3U=
+github.com/jfrog/jfrog-client-go v1.55.1-0.20251217080430-c92b763b7465/go.mod h1:WQ5Y+oKYyHFAlCbHN925bWhnShTd2ruxZ6YTpb76fpU=
 github.com/jhump/protoreflect v1.15.1 h1:HUMERORf3I3ZdX05WaQ6MIpd/NJ434hTp5YiKgfCL6c=
 github.com/jhump/protoreflect v1.15.1/go.mod h1:jD/2GMKKE6OqX8qTjhADU1e6DShO+gavG9e0Q693nKo=
 github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k=
diff --git a/jas/applicability/applicabilitymanager.go b/jas/applicability/applicabilitymanager.go
@@ -88,7 +88,7 @@ func newApplicabilityScanManager(directDependenciesCves, indirectDependenciesCve
 }
 
 func (asm *ApplicabilityScanManager) Run(module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, err error) {
-	if err = asm.createConfigFile(module, append(asm.scanner.Exclusions, asm.scanner.ScannersExclusions.ContextualAnalysisExcludePatterns...)...); err != nil {
+	if err = asm.createConfigFile(module, asm.scanner.ScannersExclusions.ContextualAnalysisExcludePatterns, asm.scanner.Exclusions...); err != nil {
 		return
 	}
 	if err = asm.runAnalyzerManager(); err != nil {
@@ -116,12 +116,12 @@ type scanConfiguration struct {
 	ScanType             string   `yaml:"scantype"`
 }
 
-func (asm *ApplicabilityScanManager) createConfigFile(module jfrogappsconfig.Module, exclusions ...string) error {
+func (asm *ApplicabilityScanManager) createConfigFile(module jfrogappsconfig.Module, centralConfigExclusions []string, exclusions ...string) error {
 	roots, err := jas.GetSourceRoots(module, nil)
 	if err != nil {
 		return err
 	}
-	excludePatterns := jas.GetExcludePatterns(module, nil, exclusions...)
+	excludePatterns := jas.GetExcludePatterns(module, nil, centralConfigExclusions, exclusions...)
 	if asm.thirdPartyScan {
 		log.Info("Including node modules folder in applicability scan")
 		excludePatterns = removeElementFromSlice(excludePatterns, utils.NodeModulesPattern)
diff --git a/jas/applicability/applicabilitymanager_test.go b/jas/applicability/applicabilitymanager_test.go
@@ -175,7 +175,7 @@ func TestCreateConfigFile_VerifyFileWasCreated(t *testing.T) {
 
 	currWd, err := coreutils.GetWorkingDirectory()
 	assert.NoError(t, err)
-	err = applicabilityManager.createConfigFile(jfrogappsconfig.Module{SourceRoot: currWd})
+	err = applicabilityManager.createConfigFile(jfrogappsconfig.Module{SourceRoot: currWd}, []string{})
 	assert.NoError(t, err)
 
 	defer func() {
diff --git a/jas/common.go b/jas/common.go
@@ -420,37 +420,39 @@ func GetSourceRoots(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scan
 	return roots, nil
 }
 
-func GetExcludePatterns(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner, exclusions ...string) []string {
-	if len(exclusions) > 0 {
-		return filterUniqueAndConvertToFilesExcludePatterns(exclusions)
+func GetExcludePatterns(module jfrogappsconfig.Module, scanner *jfrogappsconfig.Scanner, centralConfigExclusions []string, cliExclusions ...string) []string {
+	uniqueExcludePatterns := datastructures.MakeSet[string]()
+	if len(cliExclusions) > 0 || len(centralConfigExclusions) > 0 {
+		// Adding exclusions from CLI requires to convert them to file exclude patterns
+		uniqueExcludePatterns.AddElements(convertToFilesExcludePatterns(cliExclusions)...)
+		// Adding exclusions from centralized config, no need to convert
+		uniqueExcludePatterns.AddElements(centralConfigExclusions...)
+		return uniqueExcludePatterns.ToSlice()
 	}
-
 	// Adding exclusions from jfrog-apps-config IF no exclusions provided from other source (flags, env vars, config profile)
-	excludePatterns := module.ExcludePatterns
+	uniqueExcludePatterns.AddElements(module.ExcludePatterns...)
 	if scanner != nil {
-		excludePatterns = append(excludePatterns, scanner.ExcludePatterns...)
+		uniqueExcludePatterns.AddElements(scanner.ExcludePatterns...)
 	}
-	if len(excludePatterns) == 0 {
+	if uniqueExcludePatterns.Size() == 0 {
 		return utils.DefaultJasExcludePatterns
 	}
-	return excludePatterns
+	return uniqueExcludePatterns.ToSlice()
 }
 
 // This function convert every exclude pattern to a file exclude pattern form.
 // Checks are being made since some of the exclude patters we get here might already be in a file exclude pattern
-// Additionally, we keep patterns without duplications
-func filterUniqueAndConvertToFilesExcludePatterns(excludePatterns []string) []string {
-	uniqueExcludePatterns := datastructures.MakeSet[string]()
+func convertToFilesExcludePatterns(excludePatterns []string) (converted []string) {
 	for _, excludePattern := range excludePatterns {
 		if !strings.HasPrefix(excludePattern, "**/") {
 			excludePattern = "**/" + excludePattern
 		}
 		if !strings.HasSuffix(excludePattern, "/**") {
 			excludePattern += "/**"
 		}
-		uniqueExcludePatterns.Add(excludePattern)
+		converted = append(converted, excludePattern)
 	}
-	return uniqueExcludePatterns.ToSlice()
+	return converted
 }
 
 func CheckForSecretValidation(xrayManager *xray.XrayServicesManager, xrayVersion string, validateSecrets bool) bool {
diff --git a/jas/common_test.go b/jas/common_test.go
@@ -127,7 +127,7 @@ func TestGetExcludePatterns(t *testing.T) {
 	for _, testCase := range getExcludePatternsCases {
 		t.Run("", func(t *testing.T) {
 			scanner := testCase.scanner
-			actualExcludePatterns := GetExcludePatterns(module, scanner)
+			actualExcludePatterns := GetExcludePatterns(module, scanner, []string{})
 			if scanner == nil {
 				assert.ElementsMatch(t, module.ExcludePatterns, actualExcludePatterns)
 				return
@@ -280,7 +280,7 @@ func TestAddScoreToRunRules(t *testing.T) {
 	}
 }
 
-func TestFilterUniqueAndConvertToFilesExcludePatterns(t *testing.T) {
+func TestConvertToFilesExcludePatterns(t *testing.T) {
 	tests := []struct {
 		name            string
 		excludePatterns []string
@@ -297,7 +297,7 @@ func TestFilterUniqueAndConvertToFilesExcludePatterns(t *testing.T) {
 	}
 
 	for _, test := range tests {
-		filteredExcludePatterns := filterUniqueAndConvertToFilesExcludePatterns(test.excludePatterns)
+		filteredExcludePatterns := convertToFilesExcludePatterns(test.excludePatterns)
 		// Sort is needed since we create the response slice from a Set (unordered)
 		slices.Sort(filteredExcludePatterns)
 		assert.EqualValues(t, test.expectedOutput, filteredExcludePatterns)
diff --git a/jas/iac/iacscanner.go b/jas/iac/iacscanner.go
@@ -70,7 +70,7 @@ func newIacScanManager(scanner *jas.JasScanner, scannerTempDir string, resultsTo
 }
 
 func (iac *IacScanManager) Run(module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, err error) {
-	if err = iac.createConfigFile(module, append(iac.scanner.Exclusions, iac.scanner.ScannersExclusions.IacExcludePatterns...)...); err != nil {
+	if err = iac.createConfigFile(module, iac.scanner.ScannersExclusions.IacExcludePatterns, iac.scanner.Exclusions...); err != nil {
 		return
 	}
 	if err = iac.runAnalyzerManager(); err != nil {
@@ -91,7 +91,7 @@ type iacScanConfiguration struct {
 	SkippedDirs            []string `yaml:"skipped-folders"`
 }
 
-func (iac *IacScanManager) createConfigFile(module jfrogappsconfig.Module, exclusions ...string) error {
+func (iac *IacScanManager) createConfigFile(module jfrogappsconfig.Module, centralConfigExclusions []string, exclusions ...string) error {
 	roots, err := jas.GetSourceRoots(module, module.Scanners.Iac)
 	if err != nil {
 		return err
@@ -103,7 +103,7 @@ func (iac *IacScanManager) createConfigFile(module jfrogappsconfig.Module, exclu
 				Output:                 iac.resultsFileName,
 				PathToResultsToCompare: iac.resultsToCompareFileName,
 				Type:                   iacScannerType,
-				SkippedDirs:            jas.GetExcludePatterns(module, module.Scanners.Iac, exclusions...),
+				SkippedDirs:            jas.GetExcludePatterns(module, module.Scanners.Iac, centralConfigExclusions, exclusions...),
 			},
 		},
 	}
diff --git a/jas/iac/iacscanner_test.go b/jas/iac/iacscanner_test.go
@@ -67,7 +67,7 @@ func TestIacScan_CreateConfigFile_VerifyFileWasCreated(t *testing.T) {
 
 	currWd, err := coreutils.GetWorkingDirectory()
 	assert.NoError(t, err)
-	err = iacScanManager.createConfigFile(jfrogappsconfig.Module{SourceRoot: currWd})
+	err = iacScanManager.createConfigFile(jfrogappsconfig.Module{SourceRoot: currWd}, []string{})
 
 	defer func() {
 		err = os.Remove(iacScanManager.configFileName)
diff --git a/jas/sast/sastscanner.go b/jas/sast/sastscanner.go
@@ -69,7 +69,7 @@ func newSastScanManager(scanner *jas.JasScanner, scannerTempDir string, signedDe
 }
 
 func (ssm *SastScanManager) Run(module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, err error) {
-	if err = ssm.createConfigFile(module, ssm.signedDescriptions, append(ssm.scanner.Exclusions, ssm.scanner.ScannersExclusions.SastExcludePatterns...)...); err != nil {
+	if err = ssm.createConfigFile(module, ssm.signedDescriptions, ssm.scanner.ScannersExclusions.SastExcludePatterns, ssm.scanner.Exclusions...); err != nil {
 		return
 	}
 	if err = ssm.runAnalyzerManager(filepath.Dir(ssm.scanner.AnalyzerManager.AnalyzerManagerFullPath)); err != nil {
@@ -104,7 +104,7 @@ type sastParameters struct {
 	SignedDescriptions bool `yaml:"signed_descriptions,omitempty"`
 }
 
-func (ssm *SastScanManager) createConfigFile(module jfrogappsconfig.Module, signedDescriptions bool, exclusions ...string) error {
+func (ssm *SastScanManager) createConfigFile(module jfrogappsconfig.Module, signedDescriptions bool, centralConfigExclusions []string, exclusions ...string) error {
 	sastScanner := module.Scanners.Sast
 	if sastScanner == nil {
 		sastScanner = &jfrogappsconfig.SastScanner{}
@@ -125,7 +125,7 @@ func (ssm *SastScanManager) createConfigFile(module jfrogappsconfig.Module, sign
 				SastParameters: sastParameters{
 					SignedDescriptions: signedDescriptions,
 				},
-				ExcludePatterns: jas.GetExcludePatterns(module, &sastScanner.Scanner, exclusions...),
+				ExcludePatterns: jas.GetExcludePatterns(module, &sastScanner.Scanner, centralConfigExclusions, exclusions...),
 				UserRules:       ssm.sastRules,
 			},
 		},
diff --git a/jas/secrets/secretsscanner.go b/jas/secrets/secretsscanner.go
@@ -75,7 +75,7 @@ func newSecretsScanManager(scanner *jas.JasScanner, scanType SecretsScanType, sc
 }
 
 func (ssm *SecretScanManager) Run(module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []*sarif.Run, violationsSarifRuns []*sarif.Run, err error) {
-	if err = ssm.createConfigFile(module, append(ssm.scanner.Exclusions, ssm.scanner.ScannersExclusions.SecretsExcludePatterns...)...); err != nil {
+	if err = ssm.createConfigFile(module, ssm.scanner.ScannersExclusions.SecretsExcludePatterns, ssm.scanner.Exclusions...); err != nil {
 		return
 	}
 	if err = ssm.runAnalyzerManager(); err != nil {
@@ -96,7 +96,7 @@ type secretsScanConfiguration struct {
 	SkippedDirs            []string `yaml:"skipped-folders"`
 }
 
-func (s *SecretScanManager) createConfigFile(module jfrogappsconfig.Module, exclusions ...string) error {
+func (s *SecretScanManager) createConfigFile(module jfrogappsconfig.Module, centralConfigExclusions []string, exclusions ...string) error {
 	roots, err := jas.GetSourceRoots(module, module.Scanners.Secrets)
 	if err != nil {
 		return err
@@ -108,7 +108,7 @@ func (s *SecretScanManager) createConfigFile(module jfrogappsconfig.Module, excl
 				Output:                 s.resultsFileName,
 				PathToResultsToCompare: s.resultsToCompareFileName,
 				Type:                   string(s.scanType),
-				SkippedDirs:            jas.GetExcludePatterns(module, module.Scanners.Secrets, exclusions...),
+				SkippedDirs:            jas.GetExcludePatterns(module, module.Scanners.Secrets, centralConfigExclusions, exclusions...),
 			},
 		},
 	}
diff --git a/jas/secrets/secretsscanner_test.go b/jas/secrets/secretsscanner_test.go
@@ -62,7 +62,7 @@ func TestSecretsScan_CreateConfigFile_VerifyFileWasCreated(t *testing.T) {
 
 	currWd, err := coreutils.GetWorkingDirectory()
 	assert.NoError(t, err)
-	err = secretScanManager.createConfigFile(jfrogappsconfig.Module{SourceRoot: currWd})
+	err = secretScanManager.createConfigFile(jfrogappsconfig.Module{SourceRoot: currWd}, []string{})
 	assert.NoError(t, err)
 
 	defer func() {
diff --git a/sca/bom/buildinfo/technologies/common_test.go b/sca/bom/buildinfo/technologies/common_test.go
@@ -62,8 +62,6 @@ func TestGetExcludePattern(t *testing.T) {
 						},
 					},
 				},
-				IsDefault:      false,
-				IsBasicProfile: false,
 			},
 			expected: "(^exclude1$)|(^exclude2$)|(^exclude3$)",
 		},
diff --git a/tests/testdata/other/configProfile/configProfileExample.json b/tests/testdata/other/configProfile/configProfileExample.json
diff --git a/utils/xsc/configprofile_test.go b/utils/xsc/configprofile_test.go

Original file line number	Diff line number	Diff line change
`@@ -88,7 +88,7 @@ func newApplicabilityScanManager(directDependenciesCves, indirectDependenciesCve`
`88`	`88`	`}`
`89`	`89`
`90`	`90`	`func (asm ApplicabilityScanManager) Run(module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []sarif.Run, violationsSarifRuns []*sarif.Run, err error) {`
`91`		`- if err = asm.createConfigFile(module, append(asm.scanner.Exclusions, asm.scanner.ScannersExclusions.ContextualAnalysisExcludePatterns...)...); err != nil {`
	`91`	`+ if err = asm.createConfigFile(module, asm.scanner.ScannersExclusions.ContextualAnalysisExcludePatterns, asm.scanner.Exclusions...); err != nil {`
`92`	`92`	`return`
`93`	`93`	`}`
`94`	`94`	`if err = asm.runAnalyzerManager(); err != nil {`
`@@ -116,12 +116,12 @@ type scanConfiguration struct {`
`116`	`116`	ScanType string `yaml:"scantype"`
`117`	`117`	`}`
`118`	`118`
`119`		`-func (asm *ApplicabilityScanManager) createConfigFile(module jfrogappsconfig.Module, exclusions ...string) error {`
	`119`	`+func (asm *ApplicabilityScanManager) createConfigFile(module jfrogappsconfig.Module, centralConfigExclusions []string, exclusions ...string) error {`
`120`	`120`	`roots, err := jas.GetSourceRoots(module, nil)`
`121`	`121`	`if err != nil {`
`122`	`122`	`return err`
`123`	`123`	`}`
`124`		`- excludePatterns := jas.GetExcludePatterns(module, nil, exclusions...)`
	`124`	`+ excludePatterns := jas.GetExcludePatterns(module, nil, centralConfigExclusions, exclusions...)`
`125`	`125`	`if asm.thirdPartyScan {`
`126`	`126`	`log.Info("Including node modules folder in applicability scan")`
`127`	`127`	`excludePatterns = removeElementFromSlice(excludePatterns, utils.NodeModulesPattern)`
Original file line number	Diff line number	Diff line change
`@@ -70,7 +70,7 @@ func newIacScanManager(scanner *jas.JasScanner, scannerTempDir string, resultsTo`
`70`	`70`	`}`
`71`	`71`
`72`	`72`	`func (iac IacScanManager) Run(module jfrogappsconfig.Module) (vulnerabilitiesSarifRuns []sarif.Run, violationsSarifRuns []*sarif.Run, err error) {`
`73`		`- if err = iac.createConfigFile(module, append(iac.scanner.Exclusions, iac.scanner.ScannersExclusions.IacExcludePatterns...)...); err != nil {`
	`73`	`+ if err = iac.createConfigFile(module, iac.scanner.ScannersExclusions.IacExcludePatterns, iac.scanner.Exclusions...); err != nil {`
`74`	`74`	`return`
`75`	`75`	`}`
`76`	`76`	`if err = iac.runAnalyzerManager(); err != nil {`
`@@ -91,7 +91,7 @@ type iacScanConfiguration struct {`
`91`	`91`	SkippedDirs []string `yaml:"skipped-folders"`
`92`	`92`	`}`
`93`	`93`
`94`		`-func (iac *IacScanManager) createConfigFile(module jfrogappsconfig.Module, exclusions ...string) error {`
	`94`	`+func (iac *IacScanManager) createConfigFile(module jfrogappsconfig.Module, centralConfigExclusions []string, exclusions ...string) error {`
`95`	`95`	`roots, err := jas.GetSourceRoots(module, module.Scanners.Iac)`
`96`	`96`	`if err != nil {`
`97`	`97`	`return err`
`@@ -103,7 +103,7 @@ func (iac *IacScanManager) createConfigFile(module jfrogappsconfig.Module, exclu`
`103`	`103`	`Output: iac.resultsFileName,`
`104`	`104`	`PathToResultsToCompare: iac.resultsToCompareFileName,`
`105`	`105`	`Type: iacScannerType,`
`106`		`- SkippedDirs: jas.GetExcludePatterns(module, module.Scanners.Iac, exclusions...),`
	`106`	`+ SkippedDirs: jas.GetExcludePatterns(module, module.Scanners.Iac, centralConfigExclusions, exclusions...),`
`107`	`107`	`},`
`108`	`108`	`},`
`109`	`109`	`}`