@@ -409,24 +409,30 @@ async def handle_repo_scan_highest_risk(payload: dict):
409409 # Persist summarized scan to repository_scans collection
410410 platform , repo_name = _infer_repo_meta (repo_url )
411411 try :
412+ # Group enriched dependencies by their source file path (library_path)
413+ grouped : Dict [str , List [Dict [str , Any ]]] = {}
414+ for d in dependencies :
415+ # prefer explicit file field, fall back to first source if present
416+ path = d .get ('file' ) or (d .get ('sources' )[0 ] if d .get ('sources' ) else None ) or 'unknown'
417+ if not d .get ('name' ):
418+ continue
419+ lib_entry = {
420+ "library_name" : d .get ('name' ),
421+ "library_version" : normalize_version (d .get ('version' )) or d .get ('version' ) or "unknown" ,
422+ "ecosystem" : d .get ('ecosystem' )
423+ }
424+ grouped .setdefault (path , []).append (lib_entry )
425+
426+ deps_payload = [
427+ {"library_path" : path , "libraries" : libs }
428+ for path , libs in grouped .items ()
429+ ]
430+
412431 payload = RepositoryScanCreate (
413432 repository_url = repo_url ,
414433 repository_platform = platform ,
415434 repository_name = repo_name ,
416- dependencies = [
417- {
418- "library_path" : file .get ("path" ),
419- "libraries" : [
420- {
421- "library_name" : dep .get ("name" ),
422- "library_version" : normalize_version (dep .get ("version" )) or dep .get ("version" ) or "unknown"
423- }
424- for dep in (file .get ("report" , {}).get ("dependencies" ) or [])
425- if dep .get ("name" )
426- ],
427- }
428- for file in analyzed_files
429- ],
435+ dependencies = deps_payload ,
430436 )
431437 await create_repository_scan (payload )
432438 except Exception as exc :
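Review bot: One malformed entry in `dependencies` now aborts persistence of the whole scan, because the grouping loop runs inside the `try` and a non-dict `d`, a `sources` value that is not a list, or an unhashable `file` value raises before `create_repository_scan` is reached. These fields are derived from the scanned repository's contents, so they should be type-checked per entry rather than trusted: `if not isinstance(d, dict) or not d.get('name'): continue`, then `sources = d.get('sources')` and `path = str(d.get('file') or (sources[0] if isinstance(sources, list) and sources else None) or 'unknown')`. The body of the `except Exception` handler is outside the hunk, so it is not visible whether the failure is logged or surfaced; if it is only logged, a scan could finish with no stored record. Separately, files in `analyzed_files` with no dependencies used to be stored with an empty `libraries` list and are no longer recorded, and all entries without a path are merged under `'unknown'`; if that is intended, a comment above the loop should say so.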