Improve package scan performance#4606
Merged
AyanSinhaMahapatra merged 17 commits intodevelopfrom Jan 12, 2026
Merged
Conversation
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
Reference: https://github.com/Quantco/multiregex Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
AyanSinhaMahapatra
changed the title
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
Introduce a new option --binary-packages which looks for package/dependency data in binaries. Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
AyanSinhaMahapatra
force-pushed
the
fast-package-scan
branch
from
a99c4f8 to
dde6bc9
Compare
We do not need the license index in a --package-only scan as this is designed to do a fast package detection only scan which skips the license detection. As license index loading takes a couple seconds in each case, this makes the package only scan much faster. Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
pombredanne
reviewed
Dec 15, 2025
pombredanne
reviewed
Dec 15, 2025
pombredanne
reviewed
Dec 15, 2025
pombredanne
reviewed
Dec 15, 2025
pombredanne
reviewed
Dec 15, 2025
pombredanne
reviewed
Dec 15, 2025
Member
pombredanne
left a comment
pombredanne
left a comment
There was a problem hiding this comment.
Here are some nits for your consideration!
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
AyanSinhaMahapatra
force-pushed
the
fast-package-scan
branch
from
ff979a7 to
63d72cf
Compare
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
AyanSinhaMahapatra
force-pushed
the
fast-package-scan
branch
from
74ea81c to
db6d1a4
Compare
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
AyanSinhaMahapatra
force-pushed
the
fast-package-scan
branch
from
2ff893a to
51c9cde
Compare
Signed-off-by: Ayan Sinha Mahapatra <asmahapatra@aboutcode.org>
AyanSinhaMahapatra
force-pushed
the
fast-package-scan
branch
from
51c9cde to
e8c1e18
Compare
Member
Author
|
Review comments has been addressed, merging! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR improve package scan performance by:
--package-in-compiledto detect packages in compiled binaries like rust/go binariesReferences:
Tasks
Run tests locally to check for errors.