diff --git a/core/cautils/scaninfo.go b/core/cautils/scaninfo.go index d0103f13..235fe0e4 100644 --- a/core/cautils/scaninfo.go +++ b/core/cautils/scaninfo.go @@ -321,6 +321,9 @@ func (scanInfo *ScanInfo) getScanningContext(input string) ScanningContext { return ContextCluster } + // Check if input is a URL (http:// or https://) + isURL := strings.HasPrefix(input, "http://") || strings.HasPrefix(input, "https://") + // git url if _, err := giturl.NewGitURL(input); err == nil { if repo, err := CloneGitRepo(&input); err == nil { @@ -331,6 +334,16 @@ func (scanInfo *ScanInfo) getScanningContext(input string) ScanningContext { return ContextGitRemote } } + // If giturl.NewGitURL succeeded but cloning failed, the input is a git URL + // that couldn't be cloned. Don't treat it as a local path. + // The clone error was already logged by CloneGitRepo + return ContextDir // Return ContextDir to trigger "no files found" error with clear URL context + } + + // If it looks like a URL but wasn't recognized as a git URL, still don't treat it as a local path + if isURL { + logger.L().Error("URL provided but not recognized as a valid git repository", helpers.String("url", input)) + return ContextDir } if !filepath.IsAbs(input) { // parse path diff --git a/core/cautils/scaninfo_test.go b/core/cautils/scaninfo_test.go index 3ee367fa..18257af2 100644 --- a/core/cautils/scaninfo_test.go +++ b/core/cautils/scaninfo_test.go @@ -88,6 +88,16 @@ func TestGetScanningContext(t *testing.T) { input: os.TempDir(), want: ContextDir, }, + { + name: "self-hosted GitLab URL that can't be cloned", + input: "https://gitlab.private-domain.com/my-org/my-repo.git", + want: ContextDir, // Should return ContextDir when clone fails, not try to treat as local path + }, + { + name: "http URL that can't be cloned", + input: "http://gitlab.example.com/org/repo", + want: ContextDir, // Should return ContextDir when clone fails, not try to treat as local path + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) {