Fix has_manifest_files failing to match root-level manifest files #168

Open
dc-larsen wants to merge 1 commit into main from fix/has-manifest-files-root-path-matching
@dc-larsen

Summary

has_manifest_files() unconditionally prepends **/ to patterns without /, then matches using PurePath.match(). In Python 3.12+, PurePath("package.json").match("**/package.json") returns False because ** requires at least one directory component. Root-level manifest files (the common case) never match.

This sets has_supported_files=False, forcing every scan into full scan mode instead of diff scan mode. Full scans don't post MR/PR comments.

Fix

Try the direct pattern match first (handles root-level files), then fall back to **/ prefixed pattern for subdirectory matching.

Reproduction

  1. Create a git repo with package.json at the root
  2. Run socketcli --target-path . --enable-debug --enable-diff
  3. Before fix: has_supported_files=False, falls back to full scan
  4. After fix: has_supported_files=True, proceeds with diff scan

Test plan

  • Added unit tests for root-level, subdirectory, wildcard, and edge cases (11 tests)
  • Reproduced locally on Python 3.14, confirmed fix resolves the issue
  • Verify socketdev/cli:latest Docker image Python version

Fixes Zendesk #2447

PurePath.match("**/package.json") returns False for root-level files
in Python 3.12+ because ** requires at least one directory component.
The function was unconditionally prepending **/ to all patterns,
causing root-level manifests like package.json and package-lock.json
to never match. This forced every scan into full scan mode instead of
diff scan mode, which meant MR/PR comments were never posted.

Fix by trying the direct pattern match first, then falling back to
the **/ prefixed pattern for subdirectory matching.

Fixes Zendesk #2447
@dc-larsen dc-larsen requested a review from a team as a code owner March 4, 2026 21:37
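
The matching order described in the fix above, as an added sketch that is not the project's own code: direct match first, then the **/ form for patterns that contain no slash. The function names and SAMPLE_PATTERNS are assumptions constructed for illustration; PurePosixPath is used so the results are the same on any OS.

```python
from pathlib import PurePosixPath

# Constructed sample patterns (assumption); the real list comes from the
# project's supported-files data, which this page does not show.
SAMPLE_PATTERNS = ["package.json", "package-lock.json", "*.csproj", "requirements/*.txt"]


def matches_pattern(path: str, pattern: str) -> bool:
    """Return True if path matches pattern at the root or in any subdirectory."""
    p = PurePosixPath(path)
    # Direct match first: a relative pattern is matched from the right, so this
    # covers root-level files such as "package.json".
    if p.match(pattern):
        return True
    # Fallback for patterns without a directory part: the **/ prefixed form.
    if "/" not in pattern:
        return p.match(f"**/{pattern}")
    return False


def any_manifest(files, patterns=SAMPLE_PATTERNS) -> bool:
    """True if at least one file in the change set is a supported manifest."""
    return any(matches_pattern(f, pat) for f in files for pat in patterns)


def unmatched(files, patterns=SAMPLE_PATTERNS):
    """Files that match no pattern; useful when a scan unexpectedly goes full."""
    return [f for f in files
            if not any(matches_pattern(f, pat) for pat in patterns)]


if __name__ == "__main__":
    # Constructed change set covering root-level, nested and non-manifest paths.
    changed = ["package.json", "services/api/package-lock.json",
               "src/App/App.csproj", "requirements/dev.txt",
               "README.md", "package.json.bak"]
    print("has manifest files:", any_manifest(changed))
    print("not manifests:", unmatched(changed))
```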
@github-actions

github-actions bot commented Mar 4, 2026

Version Check Failed

Please increment...

@github-actions

github-actions bot commented Mar 4, 2026

🚀 Preview package published!

Install with:

pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple socketsecurity==2.2.76.dev7

Docker image: socketdev/cli:pr-168

@dc-larsen dc-larsen requested a review from lelia March 4, 2026 21:38