
Commit 4c26d1d

fix(scan): respect projectIgnorePaths from socket.yml (#1225)
Backport of v1.x #1137 to main. `socket scan create`, `socket scan reach`, and `socket fix` (coana path) now honor the `projectIgnorePaths` list from socket.yml when collecting files. The underlying glob infrastructure (`globWithGitIgnore`) and `getPackageFilesForScan` already accepted a `config` option on main — we just weren't feeding socket.yml into it from these three callers. Changes: * `handle-create-new-scan.mts`: load socket.yml via `findSocketYmlSync` and pass through as `config` to `getPackageFilesForScan`. * `handle-scan-reach.mts`: same. * `coana-fix.mts`: same. * `test/unit/commands/fix/handle-fix-limit.test.mts`: mock for `@socketsecurity/lib/fs` now also returns `safeReadFileSync` since `findSocketYmlSync` calls it; the no-op returns `undefined` so the test treats socket.yml as absent.
1 parent 35e70d4 commit 4c26d1d


4 files changed

+29
-0
lines changed


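--- a/packages/cli/src/commands/fix/coana-fix.mts
+++ b/packages/cli/src/commands/fix/coana-fix.mts
@@ -29,6 +29,7 @@ import {
 import { FLAG_DRY_RUN } from '../../constants/cli.mts'
 import { GQL_PR_STATE_OPEN } from '../../constants/github.mts'
 import { DOT_SOCKET_DOT_FACTS_JSON } from '../../constants/paths.mts'
+import { findSocketYmlSync } from '../../utils/config.mts'
 import { spawnCoanaDlx } from '../../utils/dlx/spawn.mjs'
 import { getErrorCause } from '../../utils/error/errors.mjs'
 import { getPackageFilesForScan } from '../../utils/fs/path-resolve.mjs'
@@ -121,7 +122,15 @@ export async function coanaFix(
 }
 
 const supportedFiles = supportedFilesCResult.data
+
+// Load socket.yml so projectIgnorePaths is respected when collecting files.
+const socketYmlResult = findSocketYmlSync(cwd)
+const socketConfig = socketYmlResult.ok
+? socketYmlResult.data?.parsed
+: undefined
+
 const scanFilepaths = await getPackageFilesForScan(['.'], supportedFiles, {
+config: socketConfig,
 cwd,
 })
 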
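Review bot: The `: undefined` branch of `socketConfig` discards a failed `findSocketYmlSync(cwd)` result without reporting it, so a socket.yml that exists but cannot be read or parsed yields a run that quietly drops `projectIgnorePaths` and collects paths the project meant to exclude. Surface that case before the `getPackageFilesForScan` call, for example `if (!socketYmlResult.ok) logger.warn('socket.yml could not be loaded; projectIgnorePaths not applied')` with whichever logger this file already has in scope, or fail the command if an unreadable config should be fatal. The optional chain on `data` suggests an absent file comes back as ok with no data, which would leave the non-ok branch for real failures; confirm that against findSocketYmlSync, which is not shown here. The identical block is added in handle-create-new-scan.mts and handle-scan-reach.mts, so the same guard applies there, and a small shared helper would keep the three callers from drifting. coanaFix begins and ends outside the hunk.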

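--- a/packages/cli/src/commands/scan/handle-create-new-scan.mts
+++ b/packages/cli/src/commands/scan/handle-create-new-scan.mts
@@ -31,6 +31,7 @@ import { runSocketBasics } from '../../utils/basics/spawn.mts'
 function excludeFactsJson(paths: string[]): string[] {
 return paths.filter(p => path.basename(p) !== DOT_SOCKET_DOT_FACTS_JSON)
 }
+import { findSocketYmlSync } from '../../utils/config.mts'
 import { getPackageFilesForScan } from '../../utils/fs/path-resolve.mts'
 import { readOrDefaultSocketJson } from '../../utils/socket/json.mts'
 import { socketDocsLink } from '../../utils/terminal/link.mts'
@@ -149,7 +150,15 @@ export async function handleCreateNewScan({
 spinner.start('Searching for local files to include in scan...')
 
 const supportedFiles = supportedFilesCResult.data
+
+// Load socket.yml so projectIgnorePaths is respected when collecting files.
+const socketYmlResult = findSocketYmlSync(cwd)
+const socketConfig = socketYmlResult.ok
+? socketYmlResult.data?.parsed
+: undefined
+
 const packagePaths = await getPackageFilesForScan(targets, supportedFiles, {
+config: socketConfig,
 cwd,
 })
 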
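Review bot: Nothing in this hunk reports that an ignore list was loaded, so after this change a socket.yml committed to the repository can narrow what `socket scan create` collects with no trace in the command output. Because the collected files feed a security scan, record the config source and the patterns in effect right after `socketConfig` is computed, e.g. `if (socketConfig?.projectIgnorePaths?.length) { /* log socket.yml path and entries */ }`, so a reviewer or CI log shows when coverage was reduced. `getPackageFilesForScan` may already log this; it is outside the hunk, as are the start and end of handleCreateNewScan. The same applies to the blocks added in coana-fix.mts and handle-scan-reach.mts.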

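--- a/packages/cli/src/commands/scan/handle-scan-reach.mts
+++ b/packages/cli/src/commands/scan/handle-scan-reach.mts
@@ -7,6 +7,7 @@ const logger = getDefaultLogger()
 import { fetchSupportedScanFileNames } from './fetch-supported-scan-file-names.mts'
 import { outputScanReach } from './output-scan-reach.mts'
 import { performReachabilityAnalysis } from './perform-reachability-analysis.mts'
+import { findSocketYmlSync } from '../../utils/config.mts'
 import { getPackageFilesForScan } from '../../utils/fs/path-resolve.mts'
 import { checkCommandInput } from '../../utils/validation/check-input.mts'
 
@@ -49,7 +50,15 @@ export async function handleScanReach({
 )
 
 const supportedFiles = supportedFilesCResult.data
+
+// Load socket.yml so projectIgnorePaths is respected when collecting files.
+const socketYmlResult = findSocketYmlSync(cwd)
+const socketConfig = socketYmlResult.ok
+? socketYmlResult.data?.parsed
+: undefined
+
 const packagePaths = await getPackageFilesForScan(targets, supportedFiles, {
+config: socketConfig,
 cwd,
 })
 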

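--- a/packages/cli/test/unit/commands/fix/handle-fix-limit.test.mts
+++ b/packages/cli/test/unit/commands/fix/handle-fix-limit.test.mts
@@ -113,6 +113,8 @@ vi.mock('../../../../src/commands/fix/pr-lifecycle-logger.mts', () => ({
 
 vi.mock('@socketsecurity/lib/fs', () => ({
 readJsonSync: mockReadJsonSync,
+// Return undefined so findSocketYmlSync treats socket.yml as absent.
+safeReadFileSync: vi.fn(() => undefined),
 }))
 
 vi.mock('node:fs', () => ({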
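Review bot: The added `safeReadFileSync` mock pins only the case where socket.yml is absent, so no test on this page checks that `projectIgnorePaths` actually reaches `getPackageFilesForScan` as `config`. Add a case where the mock returns a small socket.yml body with one ignore entry and assert on the `config` argument, plus one with malformed content to pin the intended fallback. Without those, a regression that drops the `config:` line in any of the three callers would pass this suite.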
