Merge branch 'master' into commit-flag-repo

Author: sourya-deepsource

VERSION

@@ -1 +1 @@
-2.0.51
+2.0.54

cmd/deepsource/main.go

@@ -73,21 +73,24 @@ func mainRun() (exitCode int) {
 func run() int {
 	v.SetBuildInfo(version, Date, buildMode)
 
-	// Check for available updates and notify (skip when running "update" itself)
+	// Notify about available updates from a previous check (instant, disk-only read).
+	// Then kick off a background check for the next invocation.
 	isUpdateCmd := len(os.Args) >= 2 && os.Args[1] == "update"
 	if !isUpdateCmd && update.ShouldCheckForUpdate() {
-		client := &http.Client{Timeout: 3 * time.Second}
-		if err := update.CheckForUpdate(client); err != nil {
-			debug.Log("update: %v", err)
-		}
-
 		state, err := update.ReadUpdateState()
 		if err != nil {
 			debug.Log("update: %v", err)
 		}
 		if state != nil {
-			fmt.Fprintln(os.Stderr, pterm.Yellow(fmt.Sprintf("Update available: v%s, run '%s update' to install.", state.Version, filepath.Base(os.Args[0]))))
+			fmt.Fprintln(os.Stderr, pterm.Yellow(fmt.Sprintf("Update available: v%s → v%s, run '%s update' to install.", version, state.Version, filepath.Base(os.Args[0]))))
 		}
+
+		go func() {
+			client := &http.Client{Timeout: 3 * time.Second}
+			if err := update.CheckForUpdate(client); err != nil {
+				debug.Log("update: %v", err)
+			}
+		}()
 	}
 
 	exitCode := 0

command/auth/login/login.go

@@ -114,7 +114,7 @@ func (opts *LoginOptions) Run(cmd *cobra.Command) (err error) {
 	}
 
 	if opts.PAT != "" {
-		return opts.startPATLoginFlow(svc, cfg, opts.PAT)
+		return startPATLoginFlow(svc, cfg, opts.PAT)
 	}
 
 	if !opts.TokenExpired && cfg.Token != "" {

command/auth/login/pat_login_flow.go

@@ -9,7 +9,7 @@ import (
 	"github.com/fatih/color"
 )
 
-func (opts *LoginOptions) startPATLoginFlow(svc *authsvc.Service, cfg *config.CLIConfig, token string) error {
+func startPATLoginFlow(svc *authsvc.Service, cfg *config.CLIConfig, token string) error {
 	cfg.Token = token
 
 	viewer, err := svc.GetViewer(context.Background(), cfg)

command/issues/issues.go

@@ -252,7 +252,7 @@ func (opts *IssuesOptions) Run(ctx context.Context, cmd *cobra.Command) error {
 	opts.client = client
 	opts.remote = remote
 
-	issuesList, err := opts.resolveIssues(ctx, client, remote)
+	issuesList, err := opts.resolveIssuesWithRetry(ctx, client, remote)
 	if err != nil {
 		return err
 	}
@@ -283,6 +283,45 @@ func (opts *IssuesOptions) Run(ctx context.Context, cmd *cobra.Command) error {
 	return nil
 }
 
+// resolveIssuesWithRetry calls resolveIssues and, for monorepos with an
+// auto-detected sub-repo path, progressively strips path segments on
+// "Repository does not exist" errors until a match is found.
+func (opts *IssuesOptions) resolveIssuesWithRetry(ctx context.Context, client *deepsource.Client, remote *vcs.RemoteData) ([]issues.Issue, error) {
+	issuesList, err := opts.resolveIssues(ctx, client, remote)
+	if err == nil {
+		return issuesList, nil
+	}
+
+	if strings.Contains(err.Error(), "This repository is a monorepo") {
+		return nil, fmt.Errorf("This is a monorepo. Use --repo to specify a sub-project.\n\nHint: %s", err.Error())
+	}
+
+	if !strings.Contains(err.Error(), "Repository does not exist") || remote.SubRepoSuffix == "" {
+		return nil, err
+	}
+
+	baseName := strings.SplitN(remote.RepoName, ":", 2)[0]
+	parts := strings.Split(remote.SubRepoSuffix, ":")
+	for len(parts) > 0 {
+		parts = parts[:len(parts)-1]
+		remote.SubRepoSuffix = strings.Join(parts, ":")
+		if remote.SubRepoSuffix == "" {
+			remote.RepoName = baseName
+		} else {
+			remote.RepoName = baseName + ":" + remote.SubRepoSuffix
+		}
+
+		issuesList, err = opts.resolveIssues(ctx, client, remote)
+		if err == nil {
+			return issuesList, nil
+		}
+		if !strings.Contains(err.Error(), "Repository does not exist") {
+			return nil, err
+		}
+	}
+	return nil, err
+}
+
 func (opts *IssuesOptions) resolveIssues(ctx context.Context, client *deepsource.Client, remote *vcs.RemoteData) ([]issues.Issue, error) {
 	serverFilters := opts.buildServerFilters()
 	prFilters := opts.buildPRFilters()
@@ -314,7 +353,11 @@ func (opts *IssuesOptions) resolveIssues(ctx context.Context, client *deepsource
 		case ab.PRNumber > 0:
 			opts.PRNumber = ab.PRNumber
 			opts.CommitOid = ab.CommitOid
-			issuesList, err = client.GetPRIssues(ctx, remote.Owner, remote.RepoName, remote.VCSProvider, ab.PRNumber, prFilters)
+			if ab.Fallback {
+				issuesList, err = client.GetRunIssuesFlat(ctx, ab.CommitOid, serverFilters)
+			} else {
+				issuesList, err = client.GetPRIssues(ctx, remote.Owner, remote.RepoName, remote.VCSProvider, ab.PRNumber, prFilters)
+			}
 		case ab.UseRepo:
 			issuesList, err = client.GetIssues(ctx, remote.Owner, remote.RepoName, remote.VCSProvider)
 		default:
@@ -624,16 +667,20 @@ func (opts *IssuesOptions) renderHumanIssues() error {
 			severity := humanizeSeverity(g.Key.IssueSeverity)
 			sevTag := style.IssueSeverityColor(g.Key.IssueSeverity, "["+severity+"]")
 
+			// Build metadata suffix: "issue-code · Analyzer Name"
+			meta := g.Key.IssueCode
+			if analyzerName := g.Issues[0].Analyzer.Name; analyzerName != "" {
+				meta += " · " + analyzerName
+			}
+
 			if len(g.Issues) == 1 {
-				// Single occurrence: render exactly as before
-				fmt.Fprintf(w, "  %s %s\n", sevTag, g.Key.IssueText)
+				fmt.Fprintf(w, "  %s %s %s\n", sevTag, g.Key.IssueText, pterm.Gray("("+meta+")"))
 				if opts.Verbose && g.Description != "" {
 					fmt.Fprintf(w, "  %s\n", pterm.Gray(g.Description))
 				}
 				fmt.Fprintf(w, "  %s\n", pterm.Gray(formatLocation(g.Issues[0], cwd)))
 			} else {
-				// Multi-occurrence: show count + compact locations
-				fmt.Fprintf(w, "  %s %s (%d occurrences)\n", sevTag, g.Key.IssueText, len(g.Issues))
+				fmt.Fprintf(w, "  %s %s %s (%d occurrences)\n", sevTag, g.Key.IssueText, pterm.Gray("("+meta+")"), len(g.Issues))
 				if opts.Verbose && g.Description != "" {
 					fmt.Fprintf(w, "  %s\n", pterm.Gray(g.Description))
 				}

command/issues/tests/golden_files/commit_scope_response.json

@@ -18,9 +18,11 @@
                     "endLine": 42,
                     "title": "Unchecked error return value of os.ReadFile",
                     "shortcode": "GO-W1007",
-                    "explanation": "Return value of io.ReadAll is not checked for errors",
                     "category": "BUG_RISK",
-                    "severity": "MAJOR"
+                    "severity": "MAJOR",
+                    "issue": {
+                      "shortDescription": "Return value of io.ReadAll is not checked for errors"
+                    }
                   }
                 },
                 {
@@ -31,9 +33,11 @@
                     "endLine": 91,
                     "title": "HTTP request built with user-controlled URL",
                     "shortcode": "GO-S1010",
-                    "explanation": "Constructing HTTP request with user-controlled URL allows SSRF",
                     "category": "SECURITY",
-                    "severity": "MAJOR"
+                    "severity": "MAJOR",
+                    "issue": {
+                      "shortDescription": "Constructing HTTP request with user-controlled URL allows SSRF"
+                    }
                   }
                 }
               ]

command/issues/tests/golden_files/get_analysis_runs_pr_fallback_completed_response.json

@@ -0,0 +1,46 @@
+{
+  "repository": {
+    "analysisRuns": {
+      "edges": [
+        {
+          "node": {
+            "runUid": "run-uid-running-01",
+            "commitOid": "831701c7a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
+            "branchName": "feature/new-auth",
+            "status": "RUNNING",
+            "createdAt": "2025-03-12T14:00:00Z",
+            "finishedAt": null,
+            "updatedAt": "2025-03-12T14:01:00Z",
+            "summary": {
+              "occurrencesIntroduced": 0,
+              "occurrencesResolved": 0,
+              "occurrencesSuppressed": 0
+            },
+            "reportCard": null
+          }
+        },
+        {
+          "node": {
+            "runUid": "run-uid-completed-01",
+            "commitOid": "862df9f2e3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8",
+            "branchName": "feature/new-auth",
+            "status": "SUCCESS",
+            "createdAt": "2025-03-12T12:00:00Z",
+            "finishedAt": "2025-03-12T12:05:00Z",
+            "updatedAt": "2025-03-12T12:05:00Z",
+            "summary": {
+              "occurrencesIntroduced": 2,
+              "occurrencesResolved": 0,
+              "occurrencesSuppressed": 0
+            },
+            "reportCard": null
+          }
+        }
+      ],
+      "pageInfo": {
+        "hasNextPage": false,
+        "endCursor": null
+      }
+    }
+  }
+}

command/issues/tests/golden_files/get_analysis_runs_pr_fallback_first_response.json

@@ -0,0 +1,29 @@
+{
+  "repository": {
+    "analysisRuns": {
+      "edges": [
+        {
+          "node": {
+            "runUid": "run-uid-running-01",
+            "commitOid": "831701c7a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6",
+            "branchName": "feature/new-auth",
+            "status": "RUNNING",
+            "createdAt": "2025-03-12T14:00:00Z",
+            "finishedAt": null,
+            "updatedAt": "2025-03-12T14:01:00Z",
+            "summary": {
+              "occurrencesIntroduced": 0,
+              "occurrencesResolved": 0,
+              "occurrencesSuppressed": 0
+            },
+            "reportCard": null
+          }
+        }
+      ],
+      "pageInfo": {
+        "hasNextPage": false,
+        "endCursor": null
+      }
+    }
+  }
+}

command/issues/tests/golden_files/pr_scope_response.json

@@ -13,7 +13,9 @@
               "shortcode": "GO-W1007",
               "category": "BUG_RISK",
               "severity": "MAJOR",
-              "explanation": "Return value of io.ReadAll is not checked for errors"
+              "issue": {
+                "shortDescription": "Return value of io.ReadAll is not checked for errors"
+              }
             }
           },
           {
@@ -26,7 +28,9 @@
               "shortcode": "GO-S1010",
               "category": "SECURITY",
               "severity": "MAJOR",
-              "explanation": "Constructing HTTP request with user-controlled URL allows SSRF"
+              "issue": {
+                "shortDescription": "Constructing HTTP request with user-controlled URL allows SSRF"
+              }
             }
           }
         ],