From 05e5f75f8c2c9444df8d59a79e7a3784155c75f5 Mon Sep 17 00:00:00 2001 From: Eran Turgeman Date: Tue, 30 Dec 2025 15:18:41 +0200 Subject: [PATCH 1/2] fix naming and potential bug in temp dir switching --- scanrepository/scanrepository.go | 19 ++++++++++++++----- utils/git.go | 5 +++-- 2 files changed, 17 insertions(+), 7 deletions(-) diff --git a/scanrepository/scanrepository.go b/scanrepository/scanrepository.go index bd4301f05..df25cb14f 100644 --- a/scanrepository/scanrepository.go +++ b/scanrepository/scanrepository.go @@ -70,17 +70,25 @@ func (sr *ScanRepositoryCmd) Run(repository utils.Repository, client vcsclient.V } func (sr *ScanRepositoryCmd) prepareEnvAndScanBranch(repository *utils.Repository) (err error) { - repoDir, restoreBaseDir, err := sr.checkoutToBranch() + repoDir, restoreBaseDir, err := sr.switchToTempWorkingDir() if err != nil { return } sr.baseWd = repoDir defer func() { - // On dry run don't delete the folder as we want to validate results if sr.dryRun { + // On dry run don't delete the folder as we want to validate results return } - err = errors.Join(err, restoreBaseDir(), fileutils.RemoveTempDir(repoDir)) + if restoreErr := restoreBaseDir(); restoreErr != nil { + err = errors.Join(err, restoreErr) + } + if repoErr := sr.gitManager.SetCurrentWdAsLocalGitRepository(); repoErr != nil { + err = errors.Join(err, repoErr) + } + if removeErr := fileutils.RemoveTempDir(repoDir); removeErr != nil { + err = errors.Join(err, removeErr) + } }() sr.scanDetails.MultiScanId, sr.scanDetails.StartTime = xsc.SendNewScanEvent(sr.scanDetails.XrayVersion, sr.scanDetails.XscVersion, @@ -427,7 +435,8 @@ func (sr *ScanRepositoryCmd) preparePullRequestDetails(aggregateFixes bool, vuln return pullRequestTitle, prBody, extraComments, nil } -func (sr *ScanRepositoryCmd) checkoutToBranch() (tempWd string, restoreDir func() error, err error) { +// This func switches to a newly created or provided temp dir for the the current execution in order to keep the user's working dir clean. +func (sr *ScanRepositoryCmd) switchToTempWorkingDir() (tempWd string, restoreDir func() error, err error) { if sr.dryRun { tempWd = filepath.Join(sr.dryRunRepoPath, sr.scanDetails.RepoName) } else { @@ -450,7 +459,7 @@ func (sr *ScanRepositoryCmd) checkoutToBranch() (tempWd string, restoreDir func( return } // Set the current copied local dir as the local git repository we are working with - err = sr.gitManager.SetLocalRepository() + err = sr.gitManager.SetCurrentWdAsLocalGitRepository() return } diff --git a/utils/git.go b/utils/git.go index 491041f81..e858f6bb0 100644 --- a/utils/git.go +++ b/utils/git.go @@ -124,11 +124,12 @@ func (gm *GitManager) SetLocalRepositoryAndRemoteName() (*GitManager, error) { var err error // Re-initialize the repository and update remoteName gm.remoteName = vcsutils.RemoteName - err = gm.SetLocalRepository() + err = gm.SetCurrentWdAsLocalGitRepository() return gm, err } -func (gm *GitManager) SetLocalRepository() error { +// Sets the current working dir as the local git repository +func (gm *GitManager) SetCurrentWdAsLocalGitRepository() error { var err error gm.localGitRepository, err = git.PlainOpen(".") return err From 1a02565112d306c135309851d4652d5dc8093371 Mon Sep 17 00:00:00 2001 From: Eran Turgeman Date: Sun, 4 Jan 2026 11:33:26 +0200 Subject: [PATCH 2/2] remove comments --- scanrepository/scanrepository.go | 2 -- utils/git.go | 1 - 2 files changed, 3 deletions(-) diff --git a/scanrepository/scanrepository.go b/scanrepository/scanrepository.go index df25cb14f..f906a989e 100644 --- a/scanrepository/scanrepository.go +++ b/scanrepository/scanrepository.go @@ -435,7 +435,6 @@ func (sr *ScanRepositoryCmd) preparePullRequestDetails(aggregateFixes bool, vuln return pullRequestTitle, prBody, extraComments, nil } -// This func switches to a newly created or provided temp dir for the the current execution in order to keep the user's working dir clean. func (sr *ScanRepositoryCmd) switchToTempWorkingDir() (tempWd string, restoreDir func() error, err error) { if sr.dryRun { tempWd = filepath.Join(sr.dryRunRepoPath, sr.scanDetails.RepoName) @@ -458,7 +457,6 @@ func (sr *ScanRepositoryCmd) switchToTempWorkingDir() (tempWd string, restoreDir if err != nil { return } - // Set the current copied local dir as the local git repository we are working with err = sr.gitManager.SetCurrentWdAsLocalGitRepository() return } diff --git a/utils/git.go b/utils/git.go index e858f6bb0..00e2698e5 100644 --- a/utils/git.go +++ b/utils/git.go @@ -128,7 +128,6 @@ func (gm *GitManager) SetLocalRepositoryAndRemoteName() (*GitManager, error) { return gm, err } -// Sets the current working dir as the local git repository func (gm *GitManager) SetCurrentWdAsLocalGitRepository() error { var err error gm.localGitRepository, err = git.PlainOpen(".")