Malicious code scanner

barv-jfrog · barv-jfrog · commit e846bffda49e · 2025-12-08T16:42:03.000+02:00
diff --git a/commands/maliciousscan/maliciousscan.go b/commands/maliciousscan/maliciousscan.go
@@ -109,12 +109,11 @@ func (cmd *MaliciousScanCommand) Run() (err error) {
 		return fmt.Errorf("failed to download Analyzer Manager: %w", err)
 	}
 
-	isRecursiveScan := len(cmd.workingDirs) == 0
 	workingDirs, err := coreutils.GetFullPathsWorkingDirs(cmd.workingDirs)
 	if err != nil {
 		return err
 	}
-	logScanPaths(workingDirs, isRecursiveScan)
+	logScanPaths(workingDirs)
 
 	cmdResults := results.NewCommandResults(utils.SourceCode)
 	cmdResults.SetXrayVersion(xrayVersion)
@@ -123,7 +122,7 @@ func (cmd *MaliciousScanCommand) Run() (err error) {
 		IncludeVulnerabilities: true,
 	})
 
-	populateScanTargets(cmdResults, workingDirs, isRecursiveScan)
+	populateScanTargets(cmdResults, workingDirs)
 
 	scannerOptions := []jas.JasScannerOption{
 		jas.WithEnvVars(
@@ -225,22 +224,18 @@ func (cmd *MaliciousScanCommand) Run() (err error) {
 	return nil
 }
 
-func logScanPaths(workingDirs []string, isRecursiveScan bool) {
+func logScanPaths(workingDirs []string) {
 	if len(workingDirs) == 0 {
 		return
 	}
 	if len(workingDirs) == 1 {
-		if isRecursiveScan {
-			log.Info("Detecting recursively targets for scan in path:", workingDirs[0])
-		} else {
-			log.Info("Scanning path:", workingDirs[0])
-		}
+		log.Info("Scanning path:", workingDirs[0])
 		return
 	}
 	log.Info("Scanning paths:", strings.Join(workingDirs, ", "))
 }
 
-func populateScanTargets(cmdResults *results.SecurityCommandResults, workingDirs []string, isRecursiveScan bool) {
+func populateScanTargets(cmdResults *results.SecurityCommandResults, workingDirs []string) {
 	for _, requestedDirectory := range workingDirs {
 		if !fileutils.IsPathExists(requestedDirectory, false) {
 			log.Warn("The working directory", requestedDirectory, "doesn't exist. Skipping scan...")
diff --git a/jas/maliciouscode/maliciouscodescanner.go b/jas/maliciouscode/maliciouscodescanner.go
@@ -14,8 +14,9 @@ import (
 )
 
 const (
+	maliciousScanCommand = "mal"
+
 	MaliciousScannerType MaliciousScanType = "malicious-scan" // #nosec
-	maliciousScanCommand                   = "mal"
 )
 
 type MaliciousScanType string

Original file line number	Diff line number	Diff line change
`@@ -14,8 +14,9 @@ import (`
`14`	`14`	`)`
`15`	`15`
`16`	`16`	`const (`
	`17`	`+ maliciousScanCommand = "mal"`
	`18`	`+`
`17`	`19`	`MaliciousScannerType MaliciousScanType = "malicious-scan" // #nosec`
`18`		`- maliciousScanCommand = "mal"`
`19`	`20`	`)`
`20`	`21`
`21`	`22`	`type MaliciousScanType string`