bug(scan): gitignore applied to absolute path leading to wrong exclusion

[pjungermann]

Found a bug? You're welcome to

• Please make sure to:
  • Describe in details what the problem is
  • Attach a log file with relevant data preferably in DEBUG level (--log-level=DEBUG)
  • Attach the scanned sample files, anonymize the data if the original file cannot be provided
  • When attaching files to the issue make sure they are properly formatted

Expected Behavior

(Which results are expected from KICS?)

• .gitigore only applies to files within the same dir it exists and below
• .gitignore does not apply to the (absolute) parent dir path

Actual Behavior

(Formatted logs and samples helps us to better understand the issue)

.gitignore rules get applied to the parent dir path leading to all files being ignored

Steps to Reproduce the Problem

(Command line arguments and flags used)

1. Run KICS in any parent dir
   • in our case this, we used MegaLinter on Bitbucket Pipelines with the work dir/parent dir being /opt/atlassian/pipelines/agent/build
2. create a .gitignore file that ignores that contains a rule matching the parent dir
   • in our case: build/ matching and excluding i.e. /opt/atlassian/pipelines/agent/build/some/dir/or/file
   • in another dir that didn't match (e.g., when running it locally), we got different results as the files were not ignored
3. Run KICS with config verbose: true to see the exclusions

Specifications

(N/A if not applicable)

• Version: v2.0.1 (as part of MegaLinter v7.12.0)
• Platform:
• Subsystem:

Relates-to: issue #4584 Relates-to: PR #5506

[cx-monicac]

Hi @pjungermann,

Thank you for bringing this bug to our attention we opened an internal bug and will work on it as soon as possible.