From 7d6d1b2b1b95d4b06107a813ff1b5f50e919cfbc Mon Sep 17 00:00:00 2001
From: Aditya B <abyreddy@blackduck.com>
Date: Thu, 9 Oct 2025 13:36:29 +0530
Subject: [PATCH 1/2] Fix sonarqube findings under go mod file detector

---
 .../go/gomodfile/parse/GoModDependencyResolver.java         | 2 +-
 .../detectables/go/gomodfile/parse/GoModFileParser.java     | 2 +-
 .../go/gomodfile/parse/model/GoDependencyNode.java          | 6 ++++++
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModDependencyResolver.java b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModDependencyResolver.java
index cc05440a4c..2cb63f5bd5 100644
--- a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModDependencyResolver.java
+++ b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModDependencyResolver.java
@@ -105,7 +105,7 @@ public ResolvedDependencies resolveDependencies(GoModFileContent goModContent, E
         }
 
         // Check connectivity to Go proxy
-        if (!goProxyModuleResolver.checkConnectivity()) {
+        if (goProxyModuleResolver.checkConnectivity().equals(false)) {
             logger.warn("Cannot connect to Go proxy at {}. Skipping recursive dependency resolution.", goProxyModuleResolver.options.getGoProxyUrl());
             return new ResolvedDependencies(finalDirectDependencies, finalIndirectDependencies, rootNode);
         }
diff --git a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModFileParser.java b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModFileParser.java
index 7d439b7d4b..b35b8496b6 100644
--- a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModFileParser.java
+++ b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModFileParser.java
@@ -33,7 +33,7 @@ public class GoModFileParser {
     private static final Pattern MODULE_PATTERN = Pattern.compile("^module\\s+(.+)$");
     private static final Pattern GO_VERSION_PATTERN = Pattern.compile("^go\\s+(.+)$");
     private static final Pattern TOOLCHAIN_PATTERN = Pattern.compile("^toolchain\\s+(.+)$");
-    private static final Pattern DEPENDENCY_PATTERN = Pattern.compile("^\\s*([^\\s]+)\\s+([^\\s]+(?:-[^\\s]+)*)(?:\\s+//\\s*(.+))?$");
+    private static final Pattern DEPENDENCY_PATTERN = Pattern.compile("^\\s*([^\\s]+)\\s+([^\\s]+)(?:\\s+//\\s*(.+))?$");
     private static final Pattern REPLACE_PATTERN = Pattern.compile("^\\s*([^\\s]+)(?:\\s+([^\\s]+))?\\s+=>");
     private static final Pattern COMMENT_PATTERN = Pattern.compile("^\\s*//.*$");
     private static final Pattern EMPTY_LINE_PATTERN = Pattern.compile("^\\s*$");
diff --git a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/model/GoDependencyNode.java b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/model/GoDependencyNode.java
index 0381051b82..45e7ce9713 100644
--- a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/model/GoDependencyNode.java
+++ b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/model/GoDependencyNode.java
@@ -1,6 +1,7 @@
 package com.blackduck.integration.detectable.detectables.go.gomodfile.parse.model;
 
 import java.util.List;
+import java.util.Objects;
 
 import com.blackduck.integration.bdio.model.dependency.Dependency;
 
@@ -45,6 +46,11 @@ public boolean equals(Object o) {
 
         return dependency != null ? dependency.equals(that.dependency) : that.dependency == null;
     }
+
+    @Override
+    public int hashCode() {
+        return Objects.hash(dependency, children, isRootNode);
+    }
     
     /**
      * Utility method to get the total count of all dependencies in the graph (including transitive).

From ecf880757354440b09b905d4610d07663e0da61f Mon Sep 17 00:00:00 2001
From: Aditya Byreddy <37792774+sig-abyreddy@users.noreply.github.com>
Date: Thu, 9 Oct 2025 13:42:14 +0530
Subject: [PATCH 2/2] Update
 detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModDependencyResolver.java

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .../detectables/go/gomodfile/parse/GoModDependencyResolver.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModDependencyResolver.java b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModDependencyResolver.java
index 2cb63f5bd5..cc05440a4c 100644
--- a/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModDependencyResolver.java
+++ b/detectable/src/main/java/com/blackduck/integration/detectable/detectables/go/gomodfile/parse/GoModDependencyResolver.java
@@ -105,7 +105,7 @@ public ResolvedDependencies resolveDependencies(GoModFileContent goModContent, E
         }
 
         // Check connectivity to Go proxy
-        if (goProxyModuleResolver.checkConnectivity().equals(false)) {
+        if (!goProxyModuleResolver.checkConnectivity()) {
             logger.warn("Cannot connect to Go proxy at {}. Skipping recursive dependency resolution.", goProxyModuleResolver.options.getGoProxyUrl());
             return new ResolvedDependencies(finalDirectDependencies, finalIndirectDependencies, rootNode);
         }