Skip to content

Fix temp dir switching issue and naming in scan repo flow #1016

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
eranturgeman wants to merge 1 commit into
base: v3_er
Choose a base branch
from
Open

Fix temp dir switching issue and naming in scan repo flow #1016

eranturgeman wants to merge 1 commit into from

Conversation

@eranturgeman
Copy link
Contributor

@eranturgeman eranturgeman commented Dec 30, 2025

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • This pull request is on the dev branch.
  • I used gofmt for formatting the code before submitting the pull request.
  • Update documentation about new features / new supported technologies

This PR fixes 2 things:

  1. names of functions that were incorrect/ not very clear
  2. potential bug that can cause the utilized gitManager to point its local git repository (.git) to a deleted repo, leaving it in an invalid state
    Explanation: Since we can iterate several branches in scan-repo, for each branch we work in a temp dir and return to the original dir at the end. When returning to the original dir we set the cur wd to the original dir and delete the temp one. I noticed that we missed setting the .git repo to the original on. This may cause if some failure happens to leave the gitManager pointing to a .git repository that no longer exists

@eranturgeman eranturgeman added bug Something isn't working safe to test Approve running integration tests on a pull request labels Dec 30, 2025
@github-actions github-actions bot removed the safe to test Approve running integration tests on a pull request label Dec 30, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Dec 30, 2025

👍 Frogbot scanned this pull request and did not find any new security issues.

@eranturgeman eranturgeman requested a review from eyalk007 January 1, 2026 07:40
eyalk007
eyalk007 requested changes Jan 1, 2026
View reviewed changes
utils/git.go
}

func (gm *GitManager) SetLocalRepository() error {
// Sets the current working dir as the local git repository
Copy link
Collaborator

@eyalk007 eyalk007 Jan 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

remove comment
func name is self explanatory

scanrepository/scanrepository.go
sr.baseWd = repoDir
defer func() {
// On dry run don't delete the folder as we want to validate results
if sr.dryRun {
Copy link
Collaborator

@eyalk007 eyalk007 Jan 1, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is not your code but if you like to(if not stop reading and resolve):

this whole dry run concept is wrong

dry run is used purely for tests

and this is test logic that is leaking into production code

if you want to fix it you can extract a GitClient interface and use dependency injection.

scanrepository/scanrepository.go
}

func (sr *ScanRepositoryCmd) checkoutToBranch() (tempWd string, restoreDir func() error, err error) {
// This func switches to a newly created or provided temp dir for the the current execution in order to keep the user's working dir clean.
Copy link
Collaborator

@eyalk007 eyalk007 Jan 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

typo in comment but remove it anyway

generally we don't want comments

comments are for either one of these 3 things:

  1. A temporary situation that will change in the future - Usually we add a TODO for a patch that cant be done.

  2. A misguided approach due to a third party source - for example the cli returns a bad object and we need to parse and change it to fit what we do.

  3. An unclear business logic - when the logic the code performs contradicts straightforward logic,
    We add a comment that explains the why the code is doing what it is doing and not the what.

scanrepository/scanrepository.go
if err != nil {
return
}
// Set the current copied local dir as the local git repository we are working with
Copy link
Collaborator

@eyalk007 eyalk007 Jan 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not your code but please remove comments

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eyalk007 eyalk007 eyalk007 requested changes

Assignees

No one assigned

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@eranturgeman @eyalk007