"Skip MimeTypes from scanning" Feature is Not Working

[Abilash18]

Description:

We encountered difficulties with the "Skip MimeTypes from scanning" feature in Fossology version 4.4.0. Despite configuring specific MIME types (such as jpg, png, jpeg) to be excluded from scans, these files are still being scanned.

How to reproduce:

Create a FOSSology instance (using public docker image - version 4.4.0)

Scenario 1:

1. Add MIME type files (jpg, png, jpeg) to the exclude list in the "Skip MimeTypes from scanning" section on the customize page.

2. Upload a package containing files with these MIME types.

3. Select the option - "Ignore SCM files (Git, SVN, TFS) and files with particular Mimetype."

4. Initiate the upload.

Observation:

After the upload, upon browsing the files, it is observed that the files with the specified MIME types are included in the scan, contrary to the expected behavior where they should be skipped.

Scenario 2:

1. Add MIME type files (png) to the exclude list in the "Skip MimeTypes from scanning" section on the customize page.
   Go to 'admin --> customize'

2. Upload a package containing files with these MIME types(PNG).

3. Select the option - "Ignore SCM files (Git, SVN, TFS) and files with particular Mimetype."

4. Initiate the upload.

5. check the file browser,
   Observation:
   The system skips the PNG files during the upload process

6. Initiated the another scan for the same package. This time, do not select the option "Ignore SCM files (Git, SVN, TFS) and files with particular Mimetype."

Observation:
The system scans all files, including the PNG files that were skipped in the previous upload.

Complete Job Flow,

Versions: 4.4.0

We would appreciate your guidance on how to properly use the "Skip MimeTypes from scanning" feature. An example would be very helpful.

[shaheemazmalmmd]

@Abilash18 : This is the expected behavior as you have checked the option "Ignore SCM files (Git, SVN, TFS) and files with particular Mimetype" it ignored and vice versa.

This feature will not work if you don't check "Ignore SCM files (Git, SVN, TFS) and files with particular Mimetype"

[Abilash18]

@shaheemazmalmmd

We have added MIME type files (jpg, png, jpeg) to the exclude list in the "Skip MimeTypes from scanning" section on the customize page.

(png, .png, image/png)*

Upload: 1
We uploaded a source package, selected the option "Ignore SCM files (Git, SVN, TFS) and files with particular MIME types," initiated the scan, and the system successfully skipped the PNG files that we added for exclusion.

Upload: 2
With the same source package that we uploaded in upload 1, we created a new upload, this time without selecting the option "Ignore SCM files (Git, SVN, TFS) and files with particular MIME types," initiated the scan, and the system included the PNG files in the 2nd upload. However, the system also included the PNG files that were skipped in the previous scan (Upload 1).

We didn't selected the ignore option only for the 2nd upload, but it affected in the 1st upload as well.
Is this an expected behavior?

and also can you able to provide a correct format for adding mime-type files to exclude in "Skip MimeTypes from scanning"
We tried all the mime-type patterns as below which will be the correct format?
(png, .png, image/png)*