feat: support exclude patterns to ignore paths (#803)

Author: Strum355

.vscodeignore

@@ -22,3 +22,4 @@ cico_build_deploy.sh
 coverage/**
 Jenkinsfile
 out
+docker-compose.yaml

README.md

@@ -92,33 +92,34 @@ The Red Hat Dependency Analytics extension has some configurable parameters that
 
 ### Configurable parameters
 
-**Red Hat Dependency Analytics Report File Path** :
-<br >Specify the local path to create the Red Hat Dependency Analytics report file.
+#### Red Hat Dependency Analytics Report File Path:
+Specify the local path to create the Red Hat Dependency Analytics report file.
 The default path is `/tmp/redhatDependencyAnalyticsReport.html`.
 
-<br >**IMPORTANT:** 
-<br >The `redHatDependencyAnalyticsReportFilePath` setting name has changed to `reportFilePath`.
+**IMPORTANT:**
 
-**Inline Vulnerability Severity Alerts** :
-<br >You can set the vulnerability severity alert level to `Error` or `Warning` for inline notifications of detected vulnerabilities.
+The `redHatDependencyAnalyticsReportFilePath` setting name has changed to `reportFilePath`.
 
-**Python** : 
+#### Inline Vulnerability Severity Alerts:
+You can set the vulnerability severity alert level to `Error` or `Warning` for inline notifications of detected vulnerabilities.
+
+#### Python: 
 * `usePythonVirtualEnvironment` : Automates the installation of missing packages in a Python virtual environment.
 * `enablePythonBestEffortsInstallation` : Installs Python packages for the Python version is use, disregarding declared versions.
   This configuration option requires the _Match Manifest Versions_ option set to `false`, and _Use Python Virtual Environment_ option set to `true`.
 * `usePipDepTree` : Use the `pipdeptree` command-line tool for building the Python dependency tree.
   This can enhance analysis time.
 
-**Golang** :
+#### Golang:
 * `useGoMVS` : Use the minimal version selection algorithm to select a set of module versions to use when building Go packages.
 
-**HTTP Proxy** :
+#### HTTP Proxy:
 * `httpProxy` : Configure HTTP proxy settings for the extension. There are three options available:
   - `on`: Always use the HTTP proxy regardless of VS Code's proxy settings
   - `off`: Never use the HTTP proxy regardless of VS Code's proxy settings
   - `fallback`: Use VS Code's proxy settings (default behavior)
 
-**Maven and Gradle Wrappers** :
+#### Maven and Gradle Wrappers:
 * `preferWrapper` : Configure whether to use Maven or Gradle wrappers. There are three options available:
   - `true`: Always use the wrapper regardless of VS Code's `maven.preferMavenWrapper` setting
   - `false`: Never use the wrapper regardless of VS Code's `maven.preferMavenWrapper` setting
@@ -130,11 +131,16 @@ The default path is `/tmp/redhatDependencyAnalyticsReport.html`.
         "preferWrapper": "true/false/fallback"
     },
     "gradle": {
-        preferWrapper": "true/false/fallback"
+        "preferWrapper": "true/false/fallback"
     }
 }
 ```
 
+#### Exclude manifests from analysis: 
+Specify glob patterns for manifests to be ignored for background analysis e.g. `**/test/**/package.json` will ignore all package.json files within `test/` or any subdirectories of it. 
+
+**NOTE:** Only forward slash (`/`) is supported as a path separator. Please use forward slash as the path separator even for Windows paths.
+
 ## Features
 
 - **Component analysis**

package-lock.json

@@ -188,16 +188,6 @@
           "markdownDescription": "Enable usage data and errors to be sent to Red Hat servers. Read our [privacy statement](https://developers.redhat.com/article/tool-data-collection).",
           "scope": "window"
         },
-        "redHatDependencyAnalyticsServer.trace.server": {
-          "type": "string",
-          "enum": [
-            "off",
-            "messages",
-            "verbose"
-          ],
-          "default": "off",
-          "description": "Traces the communication between VSCode and the Red Hat Dependency Analytics Language Server."
-        },
         "redHatDependencyAnalytics.matchManifestVersions": {
           "type": "boolean",
           "default": true,
@@ -376,7 +366,14 @@
         "redHatDependencyAnalytics.recommendations.enabled": {
           "type": "boolean",
           "default": true,
-          "description": "Toggles recommending Red Hat repositories"
+          "description": "Toggles recommending Red Hat repositories."
+        },
+        "redHatDependencyAnalytics.exclude": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "description": "List of path globs for manifests to ignore for analysis. Only forward slash is support as a path separator."
         }
       }
     }
@@ -434,6 +431,7 @@
     "@xml-tools/parser": "^1.0.11",
     "fs": "^0.0.1-security",
     "json-to-ast": "^2.1.0",
+    "minimatch": "^10.0.3",
     "path": "^0.12.7"
   }
 }

package.json

@@ -5,6 +5,7 @@ import * as vscode from 'vscode';
 import { GlobalState, DEFAULT_RHDA_REPORT_FILE_PATH, SNYK_TOKEN_KEY } from './constants';
 import * as commands from './commands';
 import { getTelemetryId } from './redhatTelemetry';
+import { Minimatch } from 'minimatch';
 
 /**
  * Represents the configuration settings for the extension.
@@ -44,6 +45,7 @@ class Config {
   exhortDockerPath!: string;
   exhortPodmanPath!: string;
   exhortImagePlatform!: string;
+  excludePatterns!: Minimatch[];
 
   private readonly DEFAULT_MVN_EXECUTABLE = 'mvn';
   private readonly DEFAULT_GRADLE_EXECUTABLE = 'gradle';
@@ -129,6 +131,7 @@ class Config {
     this.exhortDockerPath = rhdaConfig.docker.executable.path || this.DEFAULT_DOCKER_EXECUTABLE;
     this.exhortPodmanPath = rhdaConfig.podman.executable.path || this.DEFAULT_PODMAN_EXECUTABLE;
     this.exhortImagePlatform = rhdaConfig.imagePlatform;
+    this.excludePatterns = (rhdaConfig.exclude as string[]).map(pattern => new Minimatch(pattern));
   }
 
   private getEffectiveHttpProxyUrl(): string {

src/config.ts

@@ -40,14 +40,14 @@ export async function activate(context: vscode.ExtensionContext) {
   }()));
 
   const fileHandler = new AnalysisMatcher();
-  context.subscriptions.push(vscode.workspace.onDidSaveTextDocument((doc) => fileHandler.handle(doc)));
+  context.subscriptions.push(vscode.workspace.onDidSaveTextDocument((doc) => fileHandler.handle(doc, outputChannelDep)));
   // Anecdotaly, some extension(s) may cause did-open events for files that aren't actually open in the editor,
   // so this will trigger CA for files not actually open.
-  context.subscriptions.push(vscode.workspace.onDidOpenTextDocument((doc) => fileHandler.handle(doc)));
+  context.subscriptions.push(vscode.workspace.onDidOpenTextDocument((doc) => fileHandler.handle(doc, outputChannelDep)));
   context.subscriptions.push(vscode.workspace.onDidCloseTextDocument(doc => clearCodeActionsMap(doc.uri)));
   // Iterate all open docs, as there is (in general) no did-open event for these.
   for (const doc of vscode.workspace.textDocuments) {
-    fileHandler.handle(doc);
+    fileHandler.handle(doc, outputChannelDep);
   }
 
   // show welcome message after first install or upgrade

src/extension.ts

@@ -8,7 +8,8 @@ import { DependencyProvider as GoMod } from './providers/go.mod';
 import { DependencyProvider as RequirementsTxt } from './providers/requirements.txt';
 import { DependencyProvider as BuildGradle } from './providers/build.gradle';
 import { ImageProvider as Docker } from './providers/docker';
-import { outputChannelDep } from './extension';
+import { globalConfig } from './config';
+import { DepOutputChannel } from './depOutputChannel';
 
 export class AnalysisMatcher {
   matchers: Array<{ scheme: string, pattern: RegExp, callback: (path: Uri, contents: string) => Promise<void> }> = [
@@ -44,12 +45,17 @@ export class AnalysisMatcher {
     }
   ];
 
-  async handle(doc: TextDocument) {
+  async handle(doc: TextDocument, outputChannel: DepOutputChannel) {
+    const excludeMatch = globalConfig.excludePatterns.find(pattern => pattern.match(doc.uri.fsPath));
+    if (excludeMatch) {
+      outputChannel.debug(`skipping "${doc.uri.fsPath}" due to matching ${excludeMatch.pattern}`);
+      return;
+    }
     for (const matcher of this.matchers) {
       if (matcher.pattern.test(basename(doc.fileName))) {
-        outputChannelDep.info(`generating component analysis diagnostics for "${doc.fileName}"`);
+        outputChannel.info(`generating component analysis diagnostics for "${doc.fileName}"`);
         await matcher.callback(doc.uri, doc.getText());
-        outputChannelDep.info(`done generating component analysis diagnostics for "${doc.fileName}"`);
+        outputChannel.info(`done generating component analysis diagnostics for "${doc.fileName}"`);
       }
     }
   }

src/fileHandler.ts

@@ -1,7 +1,13 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions */
 import * as assert from 'assert';
 import * as vscode from 'vscode';
 
 import * as commands from '../src/commands';
+import * as chai from 'chai';
+import * as sinonChai from 'sinon-chai';
+
+const expect = chai.expect;
+chai.use(sinonChai);
 
 suite('Extension module', () => {
   test('Extension should be present', () => {
@@ -25,7 +31,6 @@ suite('Extension module', () => {
       commands.STACK_ANALYSIS_FROM_PIE_BTN_COMMAND,
       commands.STACK_ANALYSIS_FROM_STATUS_BAR_COMMAND
     ];
-    // @ts-expect-error
-    assert.ok((await vscode.commands.getCommands(true)).includes(...FABRIC8_COMMANDS));
+    expect((await vscode.commands.getCommands(true))).to.include.members(FABRIC8_COMMANDS);
   });
-});
+});

test/extension.test.ts

@@ -0,0 +1,40 @@
+/* eslint-disable @typescript-eslint/no-unused-expressions */
+import * as vscode from 'vscode';
+
+import * as chai from 'chai';
+import * as sinon from 'sinon';
+import * as sinonChai from 'sinon-chai';
+import { AnalysisMatcher } from '../src/fileHandler';
+import { DepOutputChannel } from '../src/depOutputChannel';
+import * as path from 'path';
+
+const expect = chai.expect;
+chai.use(sinonChai);
+
+suite('File Handler', () => {
+  let sandbox: sinon.SinonSandbox;
+
+  setup(() => {
+    sandbox = sinon.createSandbox();
+  });
+
+  teardown(() => {
+    sandbox.restore();
+  });
+  test('test file handler exclusion', async () => {
+    const fileHandler = new AnalysisMatcher();
+
+    vscode.workspace.getConfiguration('redHatDependencyAnalytics').update('exclude', ['**/requirements.txt']);
+
+    const manifestFile = path.resolve(vscode.workspace.workspaceFolders![0].uri.fsPath, 'requirements.txt');
+    const doc = await vscode.workspace.openTextDocument(manifestFile);
+
+    const outputChannel = new DepOutputChannel('sample');
+    const debuglogSpy = sandbox.stub(outputChannel, 'debug');
+
+    await fileHandler.handle(doc, outputChannel);
+
+    expect(debuglogSpy).to.be.calledOnce;
+    expect(debuglogSpy).to.be.calledWithExactly(`skipping "${manifestFile}" due to matching **/requirements.txt`);
+  });
+});

test/fileHandler.test.ts

@@ -0,0 +1,5 @@
+{
+    "redHatDependencyAnalytics.exclude": [
+        "**/requirements.txt"
+    ]
+}