From d32845e8cf308399408791c2227f6d0c69905f8e Mon Sep 17 00:00:00 2001
From: Lee Read <lee@dlread.com>
Date: Sun, 4 Aug 2024 15:14:12 -0400
Subject: [PATCH] Explicitly close dependency-check engine when done (#89)

* Explicitly close dependency-check engine when done

Restructured internal code slightly to match semantics of working with a
resource that is open then closed.

Closes #86

* review feedback: use a thread
---
 CHANGELOG.md                                  |  1 +
 .../controller/dependency_check/scanner.clj   | 40 ++++++++++---------
 2 files changed, 22 insertions(+), 19 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index be230e2..bc0c561 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@
 * Unreleased
   * Bump deps [#75](https://github.com/clj-holmes/clj-watson/issues/75)
   * Improve command line experience [#77](https://github.com/clj-holmes/clj-watson/issues/77)
+  * Explicitly close the dependency-check engine when we are done with it [#86](https://github.com/clj-holmes/clj-watson/issues/86)
 
 * v5.1.3 5812615 -- 2024-07-31
   * Address [#60](https://github.com/clj-holmes/clj-watson/issues/60) by updating `org.owasp/dependency-check-core` to 10.0.3.
diff --git a/src/clj_watson/controller/dependency_check/scanner.clj b/src/clj_watson/controller/dependency_check/scanner.clj
index cd16642..4c60a30 100644
--- a/src/clj_watson/controller/dependency_check/scanner.clj
+++ b/src/clj_watson/controller/dependency_check/scanner.clj
@@ -12,7 +12,8 @@
   (binding [*out* *err*]
     (println "Downloading/Updating database.")
     (.doUpdates engine)
-    (println "Download/Update completed.")))
+    (println "Download/Update completed."))
+  engine)
 
 (defn- sanitize-property
   "Given a line from a properties file, remove sensitive information."
@@ -57,26 +58,27 @@
     settings))
 
 (defn ^:private build-engine [dependency-check-properties clj-watson-properties]
-  (let [settings (create-settings dependency-check-properties clj-watson-properties)
-        engine (Engine. settings)]
-    (update-download-database engine)
-    engine))
+  (let [settings (create-settings dependency-check-properties clj-watson-properties)]
+    (Engine. settings)))
 
 (defn ^:private clojure-file? [dependency-path]
   (string/ends-with? dependency-path ".jar"))
 
-(defn ^:private scan-jars [dependencies dependency-check-properties clj-watson-properties]
-  (let [engine (build-engine dependency-check-properties clj-watson-properties)]
-    (->> dependencies
-         (map :paths)
-         (apply concat)
-         (filter clojure-file?)
-         (map io/file)
-         (.scan engine))
-    (.analyzeDependencies engine)
-    engine))
+(defn ^:private scan-jars [engine dependencies]
+  (->> dependencies
+       (map :paths)
+       (apply concat)
+       (filter clojure-file?)
+       (map io/file)
+       (.scan engine))
+  (.analyzeDependencies engine)
+  engine)
 
-(defn start! [dependencies dependency-check-properties clj-watson-properties]
-  (let [engine (scan-jars dependencies dependency-check-properties clj-watson-properties)
-        scanned-dependencies (->> engine .getDependencies Arrays/asList)]
-    scanned-dependencies))
+(defn start!
+  [dependencies dependency-check-properties clj-watson-properties]
+  (with-open [engine (build-engine dependency-check-properties clj-watson-properties)]
+    (-> engine
+        (update-download-database)
+        (scan-jars dependencies)
+        (.getDependencies)
+        (Arrays/asList))))