Feature: Expose CloneOptions when analyzing a git repo

Question

Feature: Expose CloneOptions when analyzing a git repo

Opened this issue 4 years ago · 0 comments

remote.NewArtifact currently uses a hardcoded git.CloneOptions to clone the default branch and write progress to stdout (https://github.com/aquasecurity/fanal/blob/main/artifact/remote/git.go#L30-L34)

This prevents multiple scanning use cases:

scanning a branch before it's merged to main
scanning a private repo
suppressing/redirecting git's progress to stdout (e.g. when trying to parse the output of trivy repo --format json)

Adding a git.CloneOptions (or wrapping CloneOptions in a fanal type as image.NewArtifact does with DockerOptions) parameter to remote.NewArtifact would offer flexibility to fanal's consumers.