Merge pull request #264 from yokowu/fix-security

fix: 修复c/c++代码扫描无效问题
2026-02-06 16:53:24 +08:00 · 2025-08-12 17:05:51 +08:00
parent b70b6a7ae1 2198933f6e
commit 02a13b2e3b
5 changed files with 19 additions and 10 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 backend/assets
-backend/docs/swagger.json
+backend/docs/swagger.json
+backend/assets-amd64
--- a/backend/consts/security.go
+++ b/backend/consts/security.go
@@ -1,6 +1,9 @@
 package consts

-import "fmt"
+import (
+	"fmt"
+	"strings"
+)

 type SecurityScanningStatus string

@@ -50,6 +53,13 @@ const (
 	SecurityScanningLanguageIaC        SecurityScanningLanguage = "IaC"
 )

+func (s SecurityScanningLanguage) Rule() string {
+	if s == SecurityScanningLanguageCpp {
+		return "c"
+	}
+	return strings.ToLower(string(s))
+}
+
 func (s SecurityScanningLanguage) RuleName() string {
 	if s == SecurityScanningLanguageIaC {
 		return "基础设施即代码（IaC）扫描"
--- a/backend/domain/security.go
+++ b/backend/domain/security.go
@@ -71,10 +71,10 @@ func (s *SecurityScanningBrief) From(e *db.SecurityScanning) *SecurityScanningBr
 }

 type ScanReq struct {
-	TaskID    string                          `json:"task_id"`
-	UserID    string                          `json:"user_id"`
-	Workspace string                          `json:"workspace"` // 项目目录
-	Language  consts.SecurityScanningLanguage `json:"language"`  // 扫描语言
+	TaskID    string `json:"task_id"`
+	UserID    string `json:"user_id"`
+	Workspace string `json:"workspace"` // 项目目录
+	Language  string `json:"language"`  // 扫描语言
 }

 type CreateSecurityScanningReq struct {
--- a/backend/internal/proxy/usecase/proxy.go
+++ b/backend/internal/proxy/usecase/proxy.go
@@ -161,7 +161,7 @@ func (p *ProxyUsecase) TaskHandle(ctx context.Context, task *queuerunner.Task[do
 		TaskID:    task.ID,
 		UserID:    task.Data.UserID,
 		Workspace: rootPath,
-		Language:  task.Data.Language,
+		Language:  task.Data.Language.Rule(),
 	})

 	if err != nil {
--- a/backend/internal/scanner/handler/http/v1/scanner.go
+++ b/backend/internal/scanner/handler/http/v1/scanner.go
@@ -4,7 +4,6 @@ import (
 	"fmt"
 	"log/slog"
 	"net/http"
-	"strings"

 	"github.com/GoYoko/web"

@@ -27,8 +26,7 @@ func NewScannerHandler(w *web.Web, logger *slog.Logger) *ScannerHandler {
 }

 func (s *ScannerHandler) Scan(ctx *web.Context, req domain.ScanReq) error {
-	rule := strings.ToLower(string(req.Language))
-	result, err := scan.Scan(req.TaskID, req.Workspace, rule)
+	result, err := scan.Scan(req.TaskID, req.Workspace, req.Language)
 	if err != nil {
 		s.logger.With("id", req.TaskID).With("error", err).ErrorContext(ctx.Request().Context(), "failed to scan")
 		return fmt.Errorf("failed to scan: %w", err)