Moved the Tier 1 reachability finalize logic to after the Full Scan instead of after the diff scan. This way if the diff scan fails for some reason the reachability status is still updated.

Author: dacoburn

pyproject.toml

@@ -6,7 +6,7 @@ build-backend = "hatchling.build"
 
 [project]
 name = "socketsecurity"
-version = "2.2.39"
+version = "2.2.40"
 requires-python = ">= 3.10"
 license = {"file" = "LICENSE"}
 dependencies = [

socketsecurity/__init__.py

@@ -1,3 +1,3 @@
 __author__ = 'socket.dev'
-__version__ = '2.2.39'
+__version__ = '2.2.40'
 USER_AGENT = f'SocketPythonCLI/{__version__}'

socketsecurity/core/__init__.py

@@ -10,7 +10,10 @@
 from glob import glob
 from io import BytesIO
 from pathlib import PurePath
-from typing import BinaryIO, Dict, List, Tuple, Set, Union
+from typing import BinaryIO, Dict, List, Tuple, Set, Union, TYPE_CHECKING, Optional
+
+if TYPE_CHECKING:
+    from socketsecurity.config import CliConfig
 from socketdev import socketdev
 from socketdev.exceptions import APIFailure
 from socketdev.fullscans import FullScanParams, SocketArtifact
@@ -59,11 +62,13 @@ class Core:
 
     config: SocketConfig
     sdk: socketdev
+    cli_config: Optional['CliConfig']
 
-    def __init__(self, config: SocketConfig, sdk: socketdev) -> None:
+    def __init__(self, config: SocketConfig, sdk: socketdev, cli_config: Optional['CliConfig'] = None) -> None:
         """Initialize Core with configuration and SDK instance."""
         self.config = config
         self.sdk = sdk
+        self.cli_config = cli_config
         self.set_org_vars()
 
     def set_org_vars(self) -> None:
@@ -507,7 +512,7 @@ def finalize_tier1_scan(self, full_scan_id: str, facts_file_path: str) -> bool:
             log.debug(f"Unable to finalize tier 1 scan: {e}")
             return False
 
-    def create_full_scan(self, files: List[str], params: FullScanParams, base_paths: List[str] = None) -> FullScan:
+    def create_full_scan(self, files: List[str], params: FullScanParams, base_paths: Optional[List[str]] = None) -> FullScan:
         """
         Creates a new full scan via the Socket API.
 
@@ -532,16 +537,29 @@ def create_full_scan(self, files: List[str], params: FullScanParams, base_paths:
         total_time = create_full_end - create_full_start
         log.debug(f"New Full Scan created in {total_time:.2f} seconds")
 
+        # Finalize tier1 scan if reachability analysis was enabled
+        if self.cli_config and self.cli_config.reach:
+            facts_file_path = self.cli_config.reach_output_file or ".socket.facts.json"
+            log.debug(f"Reachability analysis enabled, finalizing tier1 scan for full scan {full_scan.id}")
+            try:
+                success = self.finalize_tier1_scan(full_scan.id, facts_file_path)
+                if success:
+                    log.debug(f"Successfully finalized tier1 scan for full scan {full_scan.id}")
+                else:
+                    log.debug(f"Failed to finalize tier1 scan for full scan {full_scan.id}")
+            except Exception as e:
+                log.warning(f"Error finalizing tier1 scan for full scan {full_scan.id}: {e}")
+
         return full_scan
 
     def create_full_scan_with_report_url(
             self,
             paths: List[str],
             params: FullScanParams,
             no_change: bool = False,
-            save_files_list_path: str = None,
-            save_manifest_tar_path: str = None,
-            base_paths: List[str] = None
+            save_files_list_path: Optional[str] = None,
+            save_manifest_tar_path: Optional[str] = None,
+            base_paths: Optional[List[str]] = None
     ) -> Diff:
         """Create a new full scan and return with html_report_url.
 
@@ -935,9 +953,9 @@ def create_new_diff(
             paths: List[str],
             params: FullScanParams,
             no_change: bool = False,
-            save_files_list_path: str = None,
-            save_manifest_tar_path: str = None,
-            base_paths: List[str] = None
+            save_files_list_path: Optional[str] = None,
+            save_manifest_tar_path: Optional[str] = None,
+            base_paths: Optional[List[str]] = None
     ) -> Diff:
         """Create a new diff using the Socket SDK.
 
@@ -1184,6 +1202,7 @@ def create_purl(self, package_id: str, packages: dict[str, Package]) -> Purl:
         )
         return purl
 
+
     @staticmethod
     def get_source_data(package: Package, packages: dict) -> list:
         """

socketsecurity/socketcli.py

@@ -82,7 +82,7 @@ def main_code():
     client = CliClient(socket_config)
     sdk.api.api_url = socket_config.api_url
     log.debug("loaded client")
-    core = Core(socket_config, sdk)
+    core = Core(socket_config, sdk, config)
     log.debug("loaded core")
 
     # Check for required dependencies if reachability analysis is enabled
@@ -565,24 +565,6 @@ def main_code():
             )
             output_handler.handle_output(diff)
 
-    # Finalize tier 1 scan if reachability analysis was enabled
-    if config.reach and diff.id not in ("NO_DIFF_RAN", "NO_SCAN_RAN"):
-        facts_file_path = config.reach_output_file or ".socket.facts.json"
-        # Use absolute path based on target directory
-        if not os.path.isabs(facts_file_path):
-            facts_file_path = os.path.join(config.target_path, facts_file_path)
-
-        log.info("Finalizing tier 1 reachability scan...")
-        warning_message = "Failed to finalize tier 1 scan: The scan has still been created, but the Socket team may not have the assoicated analytics required to debug potential issues."
-        try:
-            finalize_result = core.finalize_tier1_scan(diff.id, facts_file_path)
-            if finalize_result:
-                log.debug("Tier 1 scan finalized successfully")
-            else:
-                log.warning(warning_message)
-        except Exception as e:
-            log.warning(f"{warning_message} {e}")
-
     # Handle license generation
     if not should_skip_scan and diff.id != "NO_DIFF_RAN" and diff.id != "NO_SCAN_RAN" and config.generate_license:
         all_packages = {}