add web

2026-03-12 14:42:23 +08:00
parent 9ae55407fc
commit 027cf50759
8 changed files with 225 additions and 52 deletions
--- a/scanner/js_scanner.py
+++ b/scanner/js_scanner.py
@@ -20,7 +20,7 @@ class JavaScriptScanner(BaseScanner):
        super().__init__(config)
        self.extensions = ['.js', '.jsx', '.ts', '.tsx', '.vue', '.svelte']

-    def scan(self, repo_url: str, commit_id: Optional[str], branch: str) -> Dict[str, Any]:
+    def scan(self, repo_url: str, commit_id: Optional[str], branch: str, changed_files: Optional[List[str]] = None) -> Dict[str, Any]:
        """
        执行 JavaScript/TypeScript 代码扫描

@@ -28,6 +28,7 @@ class JavaScriptScanner(BaseScanner):
            repo_url: 仓库 URL
            commit_id: 提交 ID
            branch: 分支名
+            changed_files: 可选的变更文件列表（来自 PR）

        Returns:
            扫描结果
@@ -51,8 +52,8 @@ class JavaScriptScanner(BaseScanner):
            # 克隆仓库
            clone_dir = self.clone_repo(repo_url, commit_id, branch)

-            # 获取 JavaScript/TypeScript 文件
-            js_files = self.get_changed_files(clone_dir, self.extensions)
+            # 获取 JavaScript/TypeScript 文件（只扫描变更的文件）
+            js_files = self.get_changed_files(clone_dir, self.extensions, changed_files)
            result['files_scanned'] = len(js_files)

            if not js_files:
@@ -75,7 +76,7 @@ class JavaScriptScanner(BaseScanner):

        return result

-    def _run_eslint(self, cwd: str, files: List[str]) -> Dict[str, Any]:
+    def _run_eslint(self, clone_dir: str, files: List[str]) -> Dict[str, Any]:
        """运行 ESLint 扫描"""
        result = {
            'tool': 'eslint',
@@ -88,7 +89,7 @@ class JavaScriptScanner(BaseScanner):
            cmd = ['npx', 'eslint', '--format=json', '--no-eslintrc'] + files
            
            # 如果没有 eslint 配置，先创建默认配置
-            eslintrc_path = os.path.join(cwd, '.eslintrc.json')
+            eslintrc_path = os.path.join(clone_dir, '.eslintrc.json')
            if not os.path.exists(eslintrc_path):
                # 创建简单的 ESLint 配置
                eslint_config = {
@@ -106,7 +107,7 @@ class JavaScriptScanner(BaseScanner):
                with open(eslintrc_path, 'w') as f:
                    json.dump(eslint_config, f)

-            output = self.run_command(cmd, cwd, timeout=120)
+            output = self.run_command(cmd, clone_dir, timeout=120)
            result['raw_output'] = output.get('stdout', '') + output.get('stderr', '')

            # 解析 JSON 输出
@@ -115,6 +116,8 @@ class JavaScriptScanner(BaseScanner):
                    eslint_results = json.loads(output['stdout'])
                    for file_result in eslint_results:
                        file_path = file_result.get('filePath', '')
+                        # 使用相对于 clone_dir 的路径
+                        rel_path = os.path.relpath(file_path, clone_dir) if file_path else ''
                        messages = file_result.get('messages', [])
                        
                        for msg in messages:
@@ -124,7 +127,7 @@ class JavaScriptScanner(BaseScanner):
                                'type': severity,
                                'severity': 'Error' if msg.get('severity', 0) == 2 else 'Warning',
                                'message': msg.get('message', ''),
-                                'file': os.path.basename(file_path),
+                                'file': rel_path,
                                'line': msg.get('line', 0),
                                'column': msg.get('column', 0),
                                'symbol': msg.get('ruleId', 'unknown')