Audit - Do not copy Visual Studio inner folder when building dependency tree (#205)

kerenr-jfrog · web-flow · commit c989616b5ed6 · 2024-10-28T13:15:05.000+02:00
diff --git a/commands/audit/sca/common.go b/commands/audit/sca/common.go
@@ -21,6 +21,11 @@ import (
 	xrayUtils "github.com/jfrog/jfrog-client-go/xray/services/utils"
 )
 
+const (
+	// Visual Studio inner directory.
+	DotVsRepoSuffix = ".vs"
+)
+
 var CurationErrorMsgToUserTemplate = "Failed to retrieve the dependencies tree for the %s project. Please contact your " +
 	"Artifactory administrator to verify pass-through for Curation audit is enabled for your project"
 
diff --git a/commands/audit/sca/nuget/nuget.go b/commands/audit/sca/nuget/nuget.go
@@ -65,7 +65,8 @@ func BuildDependencyTree(params utils.AuditParams) (dependencyTree []*xrayUtils.
 		err = errors.Join(err, fileutils.RemoveTempDir(tmpWd))
 	}()
 
-	err = biutils.CopyDir(wd, tmpWd, true, nil)
+	// Exclude Visual Studio inner directorty since it is not neccessary for the scan process and may cause race condition. 
+	err = biutils.CopyDir(wd, tmpWd, true, []string{sca.DotVsRepoSuffix})
 	if err != nil {
 		err = fmt.Errorf("failed copying project to temp dir: %w", err)
 		return
diff --git a/commands/audit/sca/pnpm/pnpm.go b/commands/audit/sca/pnpm/pnpm.go
@@ -13,6 +13,7 @@ import (
 	"golang.org/x/exp/maps"
 	"golang.org/x/exp/slices"
 
+	"github.com/jfrog/jfrog-cli-security/commands/audit/sca"
 	"github.com/jfrog/jfrog-cli-security/commands/audit/sca/npm"
 	"github.com/jfrog/jfrog-cli-security/utils"
 	"github.com/jfrog/jfrog-cli-security/utils/techutils"
@@ -115,7 +116,9 @@ func installProjectIfNeeded(pnpmExecPath, workingDir string) (dirForDependencies
 			err = errors.Join(err, fileutils.RemoveTempDir(dirForDependenciesCalculation))
 		}
 	}()
-	err = biutils.CopyDir(workingDir, dirForDependenciesCalculation, true, nil)
+
+	// Exclude Visual Studio inner directorty since it is not neccessary for the scan process and may cause race condition. 
+	err = biutils.CopyDir(workingDir, dirForDependenciesCalculation, true, []string{sca.DotVsRepoSuffix})
 	if err != nil {
 		err = fmt.Errorf("failed copying project to temp dir: %w", err)
 		return
diff --git a/commands/audit/sca/python/python.go b/commands/audit/sca/python/python.go
@@ -94,7 +94,8 @@ func getDependencies(auditPython *AuditPython) (dependenciesGraph map[string][]s
 		)
 	}()
 
-	err = biutils.CopyDir(wd, tempDirPath, true, nil)
+	// Exclude Visual Studio inner directorty since it is not neccessary for the scan process and may cause race condition. 
+	err = biutils.CopyDir(wd, tempDirPath, true, []string{sca.DotVsRepoSuffix})
 	if err != nil {
 		return
 	}
@@ -439,4 +440,4 @@ func populatePythonDependencyTree(currNode *xrayUtils.GraphNode, dependenciesGra
 		currNode.Nodes = append(currNode.Nodes, childNode)
 		populatePythonDependencyTree(childNode, dependenciesGraph, uniqueDepsSet)
 	}
-}
+}

Original file line number	Diff line number	Diff line change
`@@ -94,7 +94,8 @@ func getDependencies(auditPython *AuditPython) (dependenciesGraph map[string][]s`
`94`	`94`	`)`
`95`	`95`	`}()`
`96`	`96`
`97`		`- err = biutils.CopyDir(wd, tempDirPath, true, nil)`
	`97`	`+ // Exclude Visual Studio inner directorty since it is not neccessary for the scan process and may cause race condition.`
	`98`	`+ err = biutils.CopyDir(wd, tempDirPath, true, []string{sca.DotVsRepoSuffix})`
`98`	`99`	`if err != nil {`
`99`	`100`	`return`
`100`	`101`	`}`
`@@ -439,4 +440,4 @@ func populatePythonDependencyTree(currNode *xrayUtils.GraphNode, dependenciesGra`
`439`	`440`	`currNode.Nodes = append(currNode.Nodes, childNode)`
`440`	`441`	`populatePythonDependencyTree(childNode, dependenciesGraph, uniqueDepsSet)`
`441`	`442`	`}`
`442`		`-}`
	`443`	`+}`