From 942cb7f838f51b2a1b03a8683ac15e468ece6cba Mon Sep 17 00:00:00 2001 From: codewithfourtix Date: Sun, 1 Mar 2026 19:28:28 +0500 Subject: [PATCH 1/3] Fix unreachable JSON validation code in validate_input_path The .json extension check and JSON well-formedness check after the 'raise click.BadParameter' were unreachable dead code. Move these validations into a separate conditional block that runs when from_json is True and the input is a valid file. Signed-off-by: codewithfourtix --- src/scancode/cli.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/scancode/cli.py b/src/scancode/cli.py index 1376c6cfee9..c5280af680f 100644 --- a/src/scancode/cli.py +++ b/src/scancode/cli.py @@ -192,6 +192,8 @@ def validate_input_path(ctx, param, value): if from_json and not is_file(location=inp, follow_symlinks=True): # extra JSON validation raise click.BadParameter(f"JSON input: {inp!r} is not a file") + + if from_json and is_file(location=inp, follow_symlinks=True): if not inp.lower().endswith(".json"): raise click.BadParameter(f"JSON input: {inp!r} is not a JSON file with a .json extension") with open(inp) as js: From ba29630b6e35d77a1e1c9cd012aaecf2eb398353 Mon Sep 17 00:00:00 2001 From: Ali Zulfiqar Date: Sun, 1 Mar 2026 21:38:06 +0500 Subject: [PATCH 2/3] removing trailing whitespace Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: codewithfourtix --- src/scancode/cli.py | 1 - 1 file changed, 1 deletion(-) diff --git a/src/scancode/cli.py b/src/scancode/cli.py index c5280af680f..d8f5d9e6da1 100644 --- a/src/scancode/cli.py +++ b/src/scancode/cli.py @@ -192,7 +192,6 @@ def validate_input_path(ctx, param, value): if from_json and not is_file(location=inp, follow_symlinks=True): # extra JSON validation raise click.BadParameter(f"JSON input: {inp!r} is not a file") - if from_json and is_file(location=inp, follow_symlinks=True): if not inp.lower().endswith(".json"): raise click.BadParameter(f"JSON input: {inp!r} is not a JSON file with a .json extension") From a221018031389a5d81116de02639cef43a9e6451 Mon Sep 17 00:00:00 2001 From: codewithfourtix Date: Mon, 2 Mar 2026 21:19:31 +0500 Subject: [PATCH 3/3] Fix unreachable JSON validation in validate_input_path The JSON extension and well-formedness checks were unreachable dead code because they appeared after an unconditional raise statement. Restructure into if/elif blocks so both checks are actually executed. Also add explicit UTF-8 encoding and handle UnicodeDecodeError when reading the JSON file header to give users a clear error message. Signed-off-by: codewithfourtix codewithfourtix@gmail.com Signed-off-by: codewithfourtix --- src/scancode/cli.py | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/scancode/cli.py b/src/scancode/cli.py index d8f5d9e6da1..d6d58a5f5f2 100644 --- a/src/scancode/cli.py +++ b/src/scancode/cli.py @@ -192,13 +192,16 @@ def validate_input_path(ctx, param, value): if from_json and not is_file(location=inp, follow_symlinks=True): # extra JSON validation raise click.BadParameter(f"JSON input: {inp!r} is not a file") - if from_json and is_file(location=inp, follow_symlinks=True): + elif from_json: if not inp.lower().endswith(".json"): raise click.BadParameter(f"JSON input: {inp!r} is not a JSON file with a .json extension") - with open(inp) as js: - start = js.read(100).strip() + try: + with open(inp, encoding='utf-8') as js: + start = js.read(100).strip() + except UnicodeDecodeError: + raise click.BadParameter(f"JSON input: {inp!r} is not a readable UTF-8 file") if not start.startswith("{"): - raise click.BadParameter(f"JSON input: {inp!r} is not a well formed JSON file") + raise click.BadParameter(f"JSON input: {inp!r} is not well formed JSON file") return value