From df0691dc70f69278c88f4f02c18fe0baf975cc2e Mon Sep 17 00:00:00 2001 From: Aleksandr Misonizhnik Date: Tue, 16 Jun 2026 15:49:51 +0200 Subject: [PATCH] fix(cli): Write rule load trace to ~/.opentaint logs dir The Semgrep rule load trace was written under os.TempDir(); store it in the per-project log directory (~/.opentaint/logs//) so it lives alongside the logs and is cleaned up by `opentaint prune --logs`. Encapsulate the trace-file naming convention in the load_trace lib via RuleLoadTracePathIn, keeping the cmd call site free of filename details, and drop the now-unused tmp PathBuilder defaults. --- cli/cmd/scan.go | 13 +++++++++---- .../load_trace/gen_rule_load_trace_file_name.go | 10 ++++------ 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/cli/cmd/scan.go b/cli/cmd/scan.go index cab1cece6..327d0e215 100644 --- a/cli/cmd/scan.go +++ b/cli/cmd/scan.go @@ -245,11 +245,16 @@ func runScan(cmd *cobra.Command, cfg ScanConfig) { uriBase := fmt.Sprintf("%s%s", sourceRoot, string(filepath.Separator)) + ruleLoadTraceDir, err := utils.GetProjectLogPath(absUserProjectRoot) + if err != nil { + out.Fatalf("Failed to resolve rule load trace directory: %v", err) + } + var absSemgrepRuleLoadTracePath string if cfg.DryRun { - absSemgrepRuleLoadTracePath = filepath.Join(os.TempDir(), dryRunRuleLoadTraceFileName) + absSemgrepRuleLoadTracePath = filepath.Join(ruleLoadTraceDir, dryRunRuleLoadTraceFileName) } else { - absSemgrepRuleLoadTracePath = setupSemgrepRuleLoadTrace() + absSemgrepRuleLoadTracePath = setupSemgrepRuleLoadTrace(ruleLoadTraceDir) } // Display scan information in tree format @@ -564,8 +569,8 @@ func printScanInfo(cmd *cobra.Command, plan scanPlan, absSemgrepRuleLoadTracePat sb.Render() } -func setupSemgrepRuleLoadTrace() string { - absSemgrepRuleLoadTracePath, err := load_trace.GenerateSemgrepRuleLoadTraceFilePath() +func setupSemgrepRuleLoadTrace(traceDir string) string { + absSemgrepRuleLoadTracePath, err := load_trace.RuleLoadTracePathIn(traceDir) if err != nil { out.Fatalf("Failed to generate rule load trace file path: \"%s\": %v", absSemgrepRuleLoadTracePath, err) } diff --git a/cli/internal/load_trace/gen_rule_load_trace_file_name.go b/cli/internal/load_trace/gen_rule_load_trace_file_name.go index f695d7214..9b1a05087 100644 --- a/cli/internal/load_trace/gen_rule_load_trace_file_name.go +++ b/cli/internal/load_trace/gen_rule_load_trace_file_name.go @@ -19,9 +19,6 @@ type PathBuilder struct { // NewPathBuilder creates a new PathBuilder with default settings func NewPathBuilder() *PathBuilder { return &PathBuilder{ - baseDir: os.TempDir(), - subDir: filepath.Join("opentaint", "rule_load_trace"), - filePrefix: "", fileSuffix: ".json", timeFormat: "2006-01-02_15-04-05", permissions: 0755, @@ -77,7 +74,8 @@ func (pb *PathBuilder) Build() (string, error) { return filePath, nil } -// GenerateSemgrepRuleLoadTraceFilePath creates a trace file path using default settings (backward compatibility) -func GenerateSemgrepRuleLoadTraceFilePath() (string, error) { - return NewPathBuilder().Build() +// RuleLoadTracePathIn builds a rule-load-trace file path inside dir, e.g. +// /rule-load-trace-2006-01-02_15-04-05.json, creating dir if needed. +func RuleLoadTracePathIn(dir string) (string, error) { + return NewPathBuilder().BaseDir(dir).FilePrefix("rule-load-trace-").Build() }