Merge branch 'master' into fix/ruby-git-deps

fossas · Apr 18, 2024 · 5a575f7 · 5a575f7
2 parents 2f0944e + b73c87d
commit 5a575f7
Show file tree

Hide file tree

Showing 7 changed files with 27 additions and 113 deletions.
diff --git a/.github/scripts/install-nix.sh b/.github/scripts/install-nix.sh
diff --git a/.github/workflows/bench.yml b/.github/workflows/bench.yml
@@ -32,14 +32,10 @@ jobs:
         sed 's/nixbld:x:\([[:digit:]]*\):$/nixbld:x:\1:nixbld-1,nixbld-2,nixbld-3/' /etc/group > group-changed
         mv group-changed /etc/group
 
-    - name: run our custom nix install script
-      run : ./.github/scripts/install-nix.sh
-      shell: bash
-      env:
-        INPUT_NIX_PATH: "nixpkgs=channel:nixos-unstable"
-        INPUT_EXTRA_NIX_CONFIG: "build-users-group = nixbld"
-        INPUT_INSTALL_URL: ""
-        INPUT_INSTALL_OPTIONS: ""
+    - uses: cachix/install-nix-action@v25
+      with:
+        nix_path: nixpkgs=channel:nixos-unstable
+        extra_nix_config: "build-users-group = nixbld"
 
     - name: Debugging information
       run: |

diff --git a/.github/workflows/integrations-test.yml b/.github/workflows/integrations-test.yml
@@ -41,14 +41,10 @@ jobs:
         sed 's/nixbld:x:\([[:digit:]]*\):$/nixbld:x:\1:nixbld-1,nixbld-2,nixbld-3/' /etc/group > group-changed
         mv group-changed /etc/group
 
-    - name: run our custom nix install script
-      run : ./.github/scripts/install-nix.sh
-      shell: bash
-      env:
-        INPUT_NIX_PATH: "nixpkgs=channel:nixos-unstable"
-        INPUT_EXTRA_NIX_CONFIG: "build-users-group = nixbld"
-        INPUT_INSTALL_URL: ""
-        INPUT_INSTALL_OPTIONS: ""
+    - uses: cachix/install-nix-action@v25
+      with:
+        nix_path: nixpkgs=channel:nixos-unstable
+        extra_nix_config: "build-users-group = nixbld"
 
     - name: Debugging information
       run: |

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -94,4 +94,4 @@ jobs:
         uses: sudo-bot/action-shellcheck@latest
         with:
             # https://github.com/koalaman/shellcheck#how-to-use
-            cli-args: "*.sh ./.github/scripts/*.sh"
+            cli-args: "*.sh"
diff --git a/Changelog.md b/Changelog.md
@@ -2,6 +2,7 @@
 
 ## v3.9.13
 - Support GIT dependencies in Bundler projects ([#1403](https://github.com/fossas/fossa-cli/pull/1403/files))
+- Reports: Increase the timeout when hitting the report generation API endpoint ([#1412](https://github.com/fossas/fossa-cli/pull/1412)).
 
 ## v3.9.12
 - `--detect-dynamic`: Fix deb tatic parsing ([#1401](https://github.com/fossas/fossa-cli/pull/1401)).

diff --git a/docs/references/subcommands/analyze/detect-vendored.md b/docs/references/subcommands/analyze/detect-vendored.md
@@ -23,6 +23,18 @@ By default, VSI ignores the following directory:
 
 ### FAQ
 
+#### Is there a limit to the number of scanned files?
+
+This feature does not have a concrete limit, however at this time FOSSA considers projects that have more than 35,000 files "unsupported".
+That being said, they may work.
+
+> [!NOTE]
+> Files are counted recursively, meaning that every archive contained in your project is unpacked and its contents are scanned,
+> and each of those interior files count when talking about the 35,000 file supported limit.
+
+If you find that this is a significant issue in your usage of this feature, we'd love to hear more about your use case.
+Please consider dropping us a message through the [FOSSA Support page](https://support.fossa.com)!
+
 #### Is my source code sent to FOSSA's servers?
 
 VSI fingerprints your first party source code but does not send it to the server. Currently this is implemented with two SHA-256 hashes:

diff --git a/src/Control/Carrier/FossaApiClient/Internal/FossaAPIV1.hs b/src/Control/Carrier/FossaApiClient/Internal/FossaAPIV1.hs
@@ -1183,6 +1183,8 @@ getAttributionJson apiOpts ProjectRevision{..} = fossaReq $ do
             =: True
           <> "dependencyInfoOptions[]"
             =: packageDownloadUrl
+          -- Large reports can take over a minute to generate, so increase the timeout to 10 minutes
+          <> responseTimeoutSeconds 600
   orgId <- organizationId <$> getOrganization apiOpts
   response <- req GET (attributionEndpoint baseUrl orgId (Locator "custom" projectName (Just projectRevision)) ReportJson) NoReqBody jsonResponse opts
   pure (responseBody response)
@@ -1197,7 +1199,9 @@ getAttribution apiOpts revision ReportJson = fossaReq $ do
   jsonValue <- getAttributionJson apiOpts revision
   pure . decodeUtf8 $ Aeson.encode jsonValue
 getAttribution apiOpts ProjectRevision{..} format = fossaReq $ do
-  (baseUrl, opts) <- useApiOpts apiOpts
+  (baseUrl, baseOpts) <- useApiOpts apiOpts
+  -- Large reports can take over a minute to generate, so increase the timeout to 10 minutes
+  let opts = baseOpts <> responseTimeoutSeconds 600
 
   orgId <- organizationId <$> getOrganization apiOpts
   response <- req GET (attributionEndpoint baseUrl orgId (Locator "custom" projectName (Just projectRevision)) format) NoReqBody bsResponse opts