fix: run scanner from /app directory to prevent module resolution conflict #19
…flict When scanning a repo that has its own src/main.py, the entrypoint's `python -m src.main` resolves the scanned repo's module instead of the scanner's because /github/workspace is the working directory. Changing to /app before execution ensures the scanner's own src.main is used.
ghaworkflow
left a comment
Looks like it should work.
🤖 Augment PR Summary
Summary: Adjusts the action entrypoint to run the scanner from its installed
Pull request overview
This PR fixes a critical bug where the scanner could execute a scanned repository's src/main.py instead of its own when Python module resolution prioritizes the current working directory. The fix changes the working directory to /app (the scanner's installation directory) before executing the scanner's main module.
Changes:
- Modified entrypoint.sh to cd to /app before running the Python scanner module, preventing module resolution conflicts
Summary
- `src/main.py` instead of its own when the target repo contains a `src/main.py` module
- `cd /app` before `python -m src.main` in `entrypoint.sh` so Python module resolution starts from the scanner's install directory
Root Cause
The GitHub Action runs with `/github/workspace` as the working directory. `python -m src.main` resolves modules relative to the current directory first, so if the scanned repository has its own `src/main.py`, Python executes that instead of the scanner's code at `/app/src/main.py`.
Test plan
- `src/main.py` and verify the scanner executes correctly
- `src/main.py` to confirm no regression
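The resolution conflict described in this PR, reproduced as an added example (not code from the scanner's repository). It builds two constructed trees in a temp directory, standing in for `/app` and `/github/workspace`, and reports which `src/main.py` runs for each working directory. Assumptions: both trees contain `src/__init__.py`, and the scanner's directory is put on `PYTHONPATH` so it is importable from anywhere (how the real image arranges this is not shown on the page).

```python
import os
import subprocess
import sys
import tempfile
from pathlib import Path


def make_tree(root: Path, label: str) -> Path:
    """Create <root>/src/main.py that prints `label` (constructed sample tree)."""
    pkg = root / "src"
    pkg.mkdir(parents=True)
    (pkg / "__init__.py").write_text("")
    (pkg / "main.py").write_text(f"print({label!r})\n")
    return root


def run_src_main(cwd: Path, scanner_root: Path) -> str:
    """Run `python -m src.main` from `cwd` and return the label of the module that ran."""
    env = dict(os.environ, PYTHONPATH=str(scanner_root))
    # PYTHONSAFEPATH (3.11+) stops cwd being prepended; drop it so the
    # default behaviour the PR describes is what gets exercised.
    env.pop("PYTHONSAFEPATH", None)
    proc = subprocess.run(
        [sys.executable, "-m", "src.main"],
        cwd=cwd, env=env, capture_output=True, text=True, check=True,
    )
    return proc.stdout.strip()


def demo() -> dict:
    """Compare module resolution before and after the `cd /app` fix."""
    with tempfile.TemporaryDirectory() as tmp:
        app = make_tree(Path(tmp) / "app", "scanner")              # stands in for /app
        workspace = make_tree(Path(tmp) / "workspace", "scanned-repo")  # repo with its own src/main.py
        clean = Path(tmp) / "clean"                                # repo without src/
        clean.mkdir()
        return {
            # Before the fix: cwd is the workspace, so its src/ shadows the scanner's.
            "cwd=workspace": run_src_main(workspace, app),
            # Before the fix, repo has no src/: the bug stays hidden.
            "cwd=clean-workspace": run_src_main(clean, app),
            # After the fix: cwd is the install directory, scanner's own module runs.
            "cwd=app": run_src_main(app, app),
        }


if __name__ == "__main__":
    for case, ran in demo().items():
        print(f"{case:22} -> {ran}")
```

The `cwd=clean-workspace` case shows why the problem only appears for repositories that ship their own `src/main.py`.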