From defca393781f31528fe3b09329485656038553ab Mon Sep 17 00:00:00 2001 From: dterrysynopsys Date: Fri, 21 Jul 2023 10:31:01 -0700 Subject: [PATCH 1/4] guard against 32k windows file limit and fix error reporting for rapid sig scans --- shared-version.properties | 2 +- .../detect/lifecycle/run/step/RapidModeStepRunner.java | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/shared-version.properties b/shared-version.properties index 01dfe2a4b0..71e75241c0 100644 --- a/shared-version.properties +++ b/shared-version.properties @@ -1,3 +1,3 @@ // ALSO CHANGE integration-common version in src/main/resources/create-gradle-airgap-script.ft -gradle.ext.blackDuckCommonVersion='66.2.3' +gradle.ext.blackDuckCommonVersion='66.2.5-SNAPSHOT-e' gradle.ext.springBootVersion='2.7.12' diff --git a/src/main/java/com/synopsys/integration/detect/lifecycle/run/step/RapidModeStepRunner.java b/src/main/java/com/synopsys/integration/detect/lifecycle/run/step/RapidModeStepRunner.java index 9d578b18a2..b4786450cb 100644 --- a/src/main/java/com/synopsys/integration/detect/lifecycle/run/step/RapidModeStepRunner.java +++ b/src/main/java/com/synopsys/integration/detect/lifecycle/run/step/RapidModeStepRunner.java @@ -7,6 +7,7 @@ import java.nio.file.Paths; import java.util.ArrayList; import java.util.HashSet; +import java.util.Iterator; import java.util.List; import java.util.Optional; import java.util.UUID; @@ -17,6 +18,8 @@ import com.google.gson.Gson; import com.synopsys.integration.blackduck.api.generated.view.DeveloperScansScanView; +import com.synopsys.integration.blackduck.codelocation.Result; +import com.synopsys.integration.blackduck.codelocation.signaturescanner.ScanBatchOutput; import com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScanCommandOutput; import com.synopsys.integration.detect.configuration.DetectUserFriendlyException; import com.synopsys.integration.detect.configuration.enumeration.BlackduckScanMode; @@ -168,6 +171,11 @@ private List parseScanUrls(String scanMode, SignatureScanOuputResult si List parsedUrls = new ArrayList<>(outputs.size()); for (ScanCommandOutput output : outputs) { + // Don't bother further processing scans that have failed. We have already reported errors on them. + if (output.getResult().equals(Result.FAILURE)) { + continue; + } + try { File specificRunOutputDirectory = output.getSpecificRunOutputDirectory(); String scanOutputLocation = specificRunOutputDirectory.toString() + SignatureScanResult.OUTPUT_FILE_PATH; From ae006048635678d4c93b647b23e1f55021cb242e Mon Sep 17 00:00:00 2001 From: David Terry Date: Fri, 4 Aug 2023 13:30:09 -0400 Subject: [PATCH 2/4] update BD common --- shared-version.properties | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/shared-version.properties b/shared-version.properties index 71e75241c0..58400de635 100644 --- a/shared-version.properties +++ b/shared-version.properties @@ -1,3 +1,3 @@ // ALSO CHANGE integration-common version in src/main/resources/create-gradle-airgap-script.ft -gradle.ext.blackDuckCommonVersion='66.2.5-SNAPSHOT-e' +gradle.ext.blackDuckCommonVersion='66.2.6' gradle.ext.springBootVersion='2.7.12' From 36155f3d8d51ad148fb68d3262c7e54b56743c4b Mon Sep 17 00:00:00 2001 From: David Terry Date: Fri, 4 Aug 2023 15:12:05 -0400 Subject: [PATCH 3/4] update release notes --- documentation/src/main/markdown/currentreleasenotes.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/documentation/src/main/markdown/currentreleasenotes.md b/documentation/src/main/markdown/currentreleasenotes.md index 453c0707fc..86705e21e3 100644 --- a/documentation/src/main/markdown/currentreleasenotes.md +++ b/documentation/src/main/markdown/currentreleasenotes.md @@ -8,3 +8,7 @@ * The Ephemeral Scan Mode, that was deprecated in [solution_name] 8.x, has been removed in favor of Stateless Scan Mode. See the [Stateless Scans page](runningdetect/statelessscan.md) for further details. * npm 6, which was deprecated in [solution_name] 8.x, is no longer supported. * [solution_name] 7.x has entered end of support. See the [Product Maintenance, Support, and Service Schedule page](https://sig-product-docs.synopsys.com/bundle/blackduck-compatibility/page/topics/Support-and-Service-Schedule.html) for further details. + +### Resolved issues + +* (IDETECT-3821) Detect will now capture and record failures of the Signature Scanner due to command lengths exceeding Windows limits. This can happen with certain folder structures when using the `detect.excluded.directories` property. \ No newline at end of file From 452a5d85446b2e52871e1cf41588444df4480db0 Mon Sep 17 00:00:00 2001 From: Chris Potts Date: Fri, 4 Aug 2023 15:58:05 -0400 Subject: [PATCH 4/4] Update DetectProperties.java Add a note indicating the Windows limitation on command length. --- .../integration/detect/configuration/DetectProperties.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.java b/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.java index f246ac677d..e96a723089 100644 --- a/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.java +++ b/src/main/java/com/synopsys/integration/detect/configuration/DetectProperties.java @@ -893,7 +893,7 @@ private DetectProperties() { StringListProperty.newBuilder("detect.excluded.directories", emptyList()) .setInfo("Detect Excluded Directories", DetectPropertyFromVersion.VERSION_7_0_0) .setHelp( - "A comma-separated list of names, name patterns, relative paths, or path patterns of directories that Detect should exclude.", + "A comma-separated list of names, name patterns, relative paths, or path patterns of directories that Detect should exclude. Caution should be exercised when including this parameter on Windows, as the command length generated may exceed OS limitations.", "Subdirectories whose name or path is resolved from the patterns in this list will not be searched when determining which detectors to run, will not be searched to find files for binary scanning when property detect.binary.scan.file.name.patterns is set, and will be excluded from signature scan using the Scan CLI '--exclude' flag. Refer to the Downloading and Running Synopsys Detect > Including and Excluding Tools, Detectors, Directories, etc. page for more details." ) .setGroups(DetectGroup.PATHS, DetectGroup.DETECTOR, DetectGroup.GLOBAL, DetectGroup.SOURCE_SCAN) @@ -906,7 +906,7 @@ private DetectProperties() { BooleanProperty.newBuilder("detect.excluded.directories.defaults.disabled", false) .setInfo("Detect Excluded Directories Defaults Disabled", DetectPropertyFromVersion.VERSION_7_0_0) .setHelp( - "If false, Detect will exclude the default directory names. See the detailed help for more information.", + "If false, Detect will exclude the default directory names. See the detailed help for more information. Caution should be exercised when including this parameter on Windows, as the commmand length generated may exceed OS limitations.", "If false, the following directories will be excluded by Detect when searching for detectors: __MACOX, bin, build, .git, .gradle, .yarn, node_modules, out, packages, target, .synopsys, and the following directories will be excluded from signature scan using the Scan CLI '--exclude' flag: .git, .gradle, node_modules, .synopsys." ) .setGroups(DetectGroup.PATHS, DetectGroup.DETECTOR, DetectGroup.GLOBAL, DetectGroup.SOURCE_SCAN)