Move sorting code into scan.go; move rendering inside of map construc…

…tion loop

Signed-off-by: egibs <[email protected]>

go.mod

@@ -1,6 +1,6 @@
 module github.com/chainguard-dev/bincapz
 
-go 1.23
+go 1.23.0
 
 require (
 	github.com/agext/levenshtein v1.2.3
@@ -13,6 +13,7 @@ require (
 	github.com/olekukonko/tablewriter v0.0.5
 	github.com/ulikunitz/xz v0.5.12
 	github.com/wk8/go-ordered-map/v2 v2.1.8
+	golang.org/x/sync v0.8.0
 	golang.org/x/term v0.23.0
 	gopkg.in/yaml.v3 v3.0.1
 )
@@ -37,6 +38,5 @@ require (
 	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/vbatts/tar-split v0.11.5 // indirect
-	golang.org/x/sync v0.8.0 // indirect
 	golang.org/x/sys v0.24.0 // indirect
 )

pkg/action/scan.go

@@ -155,6 +155,29 @@ func errIfHitOrMiss(frs map[string]*bincapz.FileReport, kind string, scanPath st
 	return nil
 }
 
+// structs and types for sorting reports alphabetically by path
+// kv stores the keys and values of a map
+type kv struct {
+	key   string
+	value *bincapz.FileReport
+}
+
+// reports is a slice of paths and their respective file reports
+type reports []kv
+
+// Implement interfaces required for Sorting
+func (r reports) Len() int {
+	return len(r)
+}
+
+func (r reports) Swap(i, j int) {
+	r[i], r[j] = r[j], r[i]
+}
+
+func (r reports) Less(i, j int) bool {
+	return r[i].key < r[j].key
+}
+
 // recursiveScan recursively YARA scans the configured paths - handling archives and OCI images.
 func recursiveScan(ctx context.Context, c bincapz.Config) (*bincapz.Report, error) {
 	logger := clog.FromContext(ctx)
@@ -175,7 +198,7 @@ func recursiveScan(ctx context.Context, c bincapz.Config) (*bincapz.Report, erro
 
 	scanPathFindings := map[string]*bincapz.FileReport{}
 
-	var kvPairs byKey
+	var pairs reports
 	for _, scanPath := range c.ScanPaths {
 		logger.Debug("recursive scan", slog.Any("scanPath", scanPath))
 		imageURI := ""
@@ -305,18 +328,27 @@ func recursiveScan(ctx context.Context, c bincapz.Config) (*bincapz.Report, erro
 
 		// Ensure that the report files are always sorted by path alphabetically
 		insertSorted := func(key string, value *bincapz.FileReport) {
-			kvPairs = append(kvPairs, KV{key: key, value: value})
-			sort.Sort(kvPairs)
+			pairs = append(pairs, kv{key: key, value: value})
+			sort.Sort(pairs)
 		}
 		for path, fr := range scanPathFindings {
 			insertSorted(path, fr)
 		}
-	} // loop: next scan path
 
-	// Add the sorted paths and file reports to the parent report
-	for _, kv := range kvPairs {
-		r.Files.Set(kv.key, kv.value)
-	}
+		// Ad the sorted paths and file reports to the parent report and render the results
+		for _, e := range pairs {
+			r.Files.Set(e.key, e.value)
+			if c.Renderer != nil && r.Diff == nil {
+				if e.value.RiskScore < c.MinFileRisk {
+					return nil, nil
+				}
+
+				if err := c.Renderer.File(ctx, e.value); err != nil {
+					return nil, fmt.Errorf("render: %w", err)
+				}
+			}
+		}
+	} // loop: next scan path
 	logger.Debugf("recursive scan complete: %d files", r.Files.Len())
 	return r, nil
 }
@@ -388,18 +420,6 @@ func Scan(ctx context.Context, c bincapz.Config) (*bincapz.Report, error) {
 			r.Files.Delete(files.Key)
 		}
 	}
-	if c.Renderer != nil && r.Diff == nil {
-		for files := r.Files.Oldest(); files != nil; files = files.Next() {
-			if files.Value.RiskScore < c.MinFileRisk {
-				// logger.Infof("%s [%d] does not meet min file risk [%d]", path, fr.RiskScore, c.MinFileRisk)
-				return nil, nil
-			}
-
-			if err := c.Renderer.File(ctx, files.Value); err != nil {
-				return nil, fmt.Errorf("render: %w", err)
-			}
-		}
-	}
 	if c.Stats {
 		err = render.Statistics(r)
 		if err != nil {