chore: rename fields to be more descriptive

thomasschafer · thomasschafer · commit 5b5372d08f79 · 2025-11-21T15:35:06.000Z
diff --git a/internal/mocks/uvclient.go b/internal/mocks/uvclient.go
@@ -21,11 +21,11 @@ func (m *MockUVClient) ExportSBOM(inputDir string) (*scaplugin.Finding, error) {
 	}
 	return &scaplugin.Finding{
 		Sbom: []byte(`{"mock":"sbom"}`),
-		FilesProcessed: []string{
+		FileExclusions: []string{
 			path.Join(inputDir, uv.RequirementsTxtFileName),
 			path.Join(inputDir, uv.PyprojectTomlFileName),
 		},
-		TargetFile: path.Join(inputDir, uv.UvLockFileName),
+		NormalisedTargetFile: uv.UvLockFileName,
 	}, nil
 }
 
diff --git a/internal/uv/uvclient.go b/internal/uv/uvclient.go
@@ -54,11 +54,11 @@ func (c client) ExportSBOM(inputDir string) (*scaplugin.Finding, error) {
 
 	return &scaplugin.Finding{
 		Sbom: output,
-		FilesProcessed: []string{
+		FileExclusions: []string{
 			path.Join(inputDir, RequirementsTxtFileName),
 			path.Join(inputDir, PyprojectTomlFileName),
 		},
-		TargetFile: path.Join(inputDir, UvLockFileName),
+		NormalisedTargetFile: UvLockFileName,
 	}, nil
 }
 
diff --git a/pkg/depgraph/sbom_resolution.go b/pkg/depgraph/sbom_resolution.go
@@ -106,7 +106,7 @@ func handleSBOMResolutionDI(
 func getExclusionsFromFindings(findings []scaplugin.Finding) []string {
 	exclusions := []string{}
 	for _, f := range findings {
-		exclusions = append(exclusions, f.FilesProcessed...)
+		exclusions = append(exclusions, f.FileExclusions...)
 	}
 	return exclusions
 }
@@ -160,7 +160,7 @@ func sbomToWorkflowData(finding scaplugin.Finding, snykClient *snykclient.SnykCl
 
 	logger.Printf("Successfully converted SBOM, warning(s): %d\n", len(warnings))
 
-	depGraphsData, err := extractDepGraphsFromScans(scans, finding.TargetFile)
+	depGraphsData, err := extractDepGraphsFromScans(scans, finding.NormalisedTargetFile)
 	if err != nil {
 		return nil, fmt.Errorf("failed to extract depgraphs from scan results: %w", err)
 	}
diff --git a/pkg/depgraph/sbom_resolution_test.go b/pkg/depgraph/sbom_resolution_test.go
@@ -242,8 +242,8 @@ func Test_callback_SBOMResolution(t *testing.T) {
 		// Create mock plugin that returns two findings
 		mockPlugin := &mockScaPlugin{
 			findings: []scaplugin.Finding{
-				{Sbom: []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","components":[]}`), FilesProcessed: []string{}},
-				{Sbom: []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","components":[{"name":"test"}]}`), FilesProcessed: []string{}},
+				{Sbom: []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","components":[]}`), FileExclusions: []string{}},
+				{Sbom: []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","components":[{"name":"test"}]}`), FileExclusions: []string{}},
 			},
 		}
 
@@ -297,19 +297,19 @@ func Test_callback_SBOMResolution(t *testing.T) {
 	t.Run("handleSBOMResolution with FlagAllProjects", func(t *testing.T) {
 		finding1 := scaplugin.Finding{
 			Sbom:           []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","components":[]}`),
-			FilesProcessed: []string{"uv.lock", "pyproject.toml"},
+			FileExclusions: []string{"uv.lock", "pyproject.toml"},
 		}
 		finding2 := scaplugin.Finding{
 			Sbom:           []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","components":[{"name":"test"}]}`),
-			FilesProcessed: []string{"requirements.txt", "setup.py"},
+			FileExclusions: []string{"requirements.txt", "setup.py"},
 		}
 		finding3 := scaplugin.Finding{
 			Sbom:           []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","components":[{"name":"someFinding"}]}`),
-			FilesProcessed: []string{"package.json"},
+			FileExclusions: []string{"package.json"},
 		}
 		finding4 := scaplugin.Finding{
 			Sbom:           []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","components":[{"name":"anotherFinding"}]}`),
-			FilesProcessed: []string{"go.mod"},
+			FileExclusions: []string{"go.mod"},
 		}
 
 		tc := []struct {
@@ -520,7 +520,7 @@ func Test_callback_SBOMResolution(t *testing.T) {
 			findings: []scaplugin.Finding{
 				{
 					Sbom:           []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","components":[]}`),
-					FilesProcessed: []string{"uv.lock"},
+					FileExclusions: []string{"uv.lock"},
 				},
 			},
 		}
@@ -590,7 +590,7 @@ func Test_callback_SBOMResolution(t *testing.T) {
 			findings: []scaplugin.Finding{
 				{
 					Sbom:           []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","components":[]}`),
-					FilesProcessed: []string{"uv.lock"},
+					FileExclusions: []string{"uv.lock"},
 				},
 			},
 		}
@@ -632,7 +632,7 @@ func Test_getExclusionsFromFindings(t *testing.T) {
 			findings: []scaplugin.Finding{
 				{
 					Sbom:           []byte(`{"bomFormat":"CycloneDX"}`),
-					FilesProcessed: []string{},
+					FileExclusions: []string{},
 				},
 			},
 			expected: []string{},
@@ -642,7 +642,7 @@ func Test_getExclusionsFromFindings(t *testing.T) {
 			findings: []scaplugin.Finding{
 				{
 					Sbom:           []byte(`{"bomFormat":"CycloneDX"}`),
-					FilesProcessed: []string{"file1.py", "file2.py"},
+					FileExclusions: []string{"file1.py", "file2.py"},
 				},
 			},
 			expected: []string{"file1.py", "file2.py"},
@@ -652,11 +652,11 @@ func Test_getExclusionsFromFindings(t *testing.T) {
 			findings: []scaplugin.Finding{
 				{
 					Sbom:           []byte(`{"bomFormat":"CycloneDX"}`),
-					FilesProcessed: []string{"file1.py", "file2.py"},
+					FileExclusions: []string{"file1.py", "file2.py"},
 				},
 				{
 					Sbom:           []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5"}`),
-					FilesProcessed: []string{"file3.py", "file4.py", "file5.py"},
+					FileExclusions: []string{"file3.py", "file4.py", "file5.py"},
 				},
 			},
 			expected: []string{"file1.py", "file2.py", "file3.py", "file4.py", "file5.py"},
@@ -666,15 +666,15 @@ func Test_getExclusionsFromFindings(t *testing.T) {
 			findings: []scaplugin.Finding{
 				{
 					Sbom:           []byte(`{"bomFormat":"CycloneDX"}`),
-					FilesProcessed: []string{},
+					FileExclusions: []string{},
 				},
 				{
 					Sbom:           []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5"}`),
-					FilesProcessed: []string{"file1.py"},
+					FileExclusions: []string{"file1.py"},
 				},
 				{
 					Sbom:           []byte(`{"bomFormat":"CycloneDX","specVersion":"1.6"}`),
-					FilesProcessed: []string{"file2.py", "file3.py"},
+					FileExclusions: []string{"file2.py", "file3.py"},
 				},
 			},
 			expected: []string{"file1.py", "file2.py", "file3.py"},
diff --git a/pkg/sca_plugin/interface.go b/pkg/sca_plugin/interface.go
@@ -5,9 +5,9 @@ import "github.com/rs/zerolog"
 type Options struct{}
 
 type Finding struct {
-	Sbom           Sbom
-	FilesProcessed []string
-	TargetFile     string
+	Sbom                 Sbom     // The raw SBOM bytes
+	FileExclusions       []string // Paths for files that other plugins should ignore
+	NormalisedTargetFile string   // The target file name without any qualifiers, e.g. `uv.lock` (and not `dir/uv.lock`)
 }
 
 type Sbom []byte

Original file line number	Diff line number	Diff line change
`@@ -21,11 +21,11 @@ func (m MockUVClient) ExportSBOM(inputDir string) (scaplugin.Finding, error) {`
`21`	`21`	`}`
`22`	`22`	`return &scaplugin.Finding{`
`23`	`23`	Sbom: []byte(`{"mock":"sbom"}`),
`24`		`- FilesProcessed: []string{`
	`24`	`+ FileExclusions: []string{`
`25`	`25`	`path.Join(inputDir, uv.RequirementsTxtFileName),`
`26`	`26`	`path.Join(inputDir, uv.PyprojectTomlFileName),`
`27`	`27`	`},`
`28`		`- TargetFile: path.Join(inputDir, uv.UvLockFileName),`
	`28`	`+ NormalisedTargetFile: uv.UvLockFileName,`
`29`	`29`	`}, nil`
`30`	`30`	`}`
`31`	`31`
Original file line number	Diff line number	Diff line change
`@@ -106,7 +106,7 @@ func handleSBOMResolutionDI(`
`106`	`106`	`func getExclusionsFromFindings(findings []scaplugin.Finding) []string {`
`107`	`107`	`exclusions := []string{}`
`108`	`108`	`for _, f := range findings {`
`109`		`- exclusions = append(exclusions, f.FilesProcessed...)`
	`109`	`+ exclusions = append(exclusions, f.FileExclusions...)`
`110`	`110`	`}`
`111`	`111`	`return exclusions`
`112`	`112`	`}`
`@@ -160,7 +160,7 @@ func sbomToWorkflowData(finding scaplugin.Finding, snykClient *snykclient.SnykCl`
`160`	`160`
`161`	`161`	`logger.Printf("Successfully converted SBOM, warning(s): %d\n", len(warnings))`
`162`	`162`
`163`		`- depGraphsData, err := extractDepGraphsFromScans(scans, finding.TargetFile)`
	`163`	`+ depGraphsData, err := extractDepGraphsFromScans(scans, finding.NormalisedTargetFile)`
`164`	`164`	`if err != nil {`
`165`	`165`	`return nil, fmt.Errorf("failed to extract depgraphs from scan results: %w", err)`
`166`	`166`	`}`