Open
Labels: bug (Something isn't working)
Description
Describe the bug
The jf audit command hangs and doesn't exit cleanly after finding violations in version 2.88.0, causing GitHub Actions workflows to timeout and fail. This issue did not occur in v2.87.0.
Environment
- JFrog CLI Version: 2.88.0
- Previous Working Version: 2.87.0
- Platform: GitHub Actions (Linux runner)
- Node Version: 16.20.2
- Project Type: npm + Maven (multi-technology project)
Current behavior
Actual Behavior
The command:
- Successfully scans both Maven and npm dependencies
- Reports violations: `Found 2267 violations: [150 SCA, 2117 Operational Risk]`
- Hangs and never exits, causing the GitHub Actions step to remain "in progress"
- Eventually causes the workflow to timeout and fail
Reproduction steps
Steps to Reproduce
- Set up a GitHub Actions workflow with JFrog CLI v2.88.0
- Run `jf audit` on a project containing both npm and Maven sub-projects
- Ensure the project has dependencies with violations
- Observe the command output
Expected behavior
Expected Behavior
The jf audit command should:
- Complete the scan
- Report violations
- Exit cleanly with appropriate exit code (exit code 0 for no violations, or exit code 3 when violations fail the build)
- Allow the GitHub Actions workflow to proceed to the next step
JFrog CLI-Security version
2.88.0
JFrog CLI version (if applicable)
2.88.0
Operating system type and version
linux
JFrog Xray version
No response
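
A CI-side guard for the hang described above, as an added example that is not part of the original report or of JFrog CLI: it runs a command under GNU `timeout` and separates the exit codes the report names (0 and 3) from a hang (124). The function name `run_bounded` and the 15-minute limit in the usage comment are assumptions.

```shell
#!/usr/bin/env bash
# Added example: bound a scanner step so a hang fails fast with a distinct
# status instead of holding the job until the workflow-level timeout.
# Exit codes 0 and 3 are the ones the report names. 124 is what GNU coreutils
# `timeout` returns when the limit is hit; 137 (128+9) is returned when the
# follow-up SIGKILL was needed, or when the child was killed some other way.

# run_bounded LIMIT CMD [ARGS...]
# Prints one word on stdout: clean | violations | hung | error:<code>
# Returns 0 (clean), 3 (violations), 124 (hung), or the original code.
run_bounded() {
  local limit="$1"; shift
  local rc=0
  # The command's own stdout is sent to stderr so it still reaches the job
  # log while this function's stdout carries only the classification.
  # -k 5: send SIGKILL 5 seconds after SIGTERM if the process ignores it.
  timeout -k 5 "$limit" "$@" >&2 || rc=$?
  case "$rc" in
    0)       echo "clean" ;;
    3)       echo "violations" ;;
    124|137) echo "hung"; rc=124 ;;
    *)       echo "error:$rc" ;;
  esac
  return "$rc"
}

# Usage in a workflow step (hypothetical 15-minute limit):
#   status=$(run_bounded 15m jf audit) || rc=$?
#   echo "audit status: $status"
```

A `hung` result marks the step as failed for a reason other than policy violations, so the run is not mistaken for a clean or a violating scan.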