perf: reduce hot-path allocations and defer default env gating to scan [IDE-1786]

[bastiandoetsch]

User description

Description

This PR targets refactor/IDE-1786_folder-config-refactoring and adds performance improvements identified from profiling (config resolution, scan state aggregation, OSS conversion, startup path).

Behavioural notes

• WaitForDefaultEnv runs in DelegatingConcurrentScanner before scans, not in SnykCli.getCommand / extension executor — faster init, scans still wait for PATH/JAVA_HOME/Maven defaults.
• UnmarshallOssJson errors report input length instead of embedding the full payload (avoids huge error strings).

Technical summary

• ConfigResolver: single RLock + getBoolLocked for DisplayableIssueTypesForFolder
• ScanStateAggregator: per-folder issue-type cache; pre-sized maps
• OSS: byte prefix for JSON array check; issuesByID index; GetExtendedMessage(format, ...)
• Hover: channel buffer 10000 → 100
• Benchmarks: config resolver, StateSnapshot, UnmarshallOssJson

Checklist

• Tests added and all succeed
• Regenerated mocks, etc. (make generate)
• Linted (make lint-fix)
• README.md updated, if user-facing
• License file updated, if new 3rd-party dependency is introduced

---

PR Type

Enhancement, Tests

---

Description

• Defer default environment readiness checks to scanner.

• Optimize hot-path allocations and map pre-sizing.

• Refine OSS JSON parsing and error reporting.

• Introduce new benchmarks and tests.

---

File Walkthrough

	Relevant files
Performance	4 files service.go Reduce hover channel buffer size                                                  +1/-1      scan_state_aggregator.go Optimize scan state aggregation and caching                            +10/-5    converter.go Optimize OSS JSON unmarshalling and error reporting            +6/-5      config_resolver.go Optimize config resolver with locked getter                            +16/-11
Tests	7 files scan_state_aggregator_bench_test.go Add StateSnapshot benchmark                                                            +109/-0  scanner_test.go Add tests for scanner env readiness handling                          +93/-0    cli_extension_executor_test.go Update ExtensionExecutor env readiness test                            +4/-48    cli_test.go Update CLI getCommand env readiness test                                  +4/-49    converter_bench_test.go Add UnmarshallOssJson benchmark                                                    +37/-0    oss_test.go Update OSS tests for refactored issue conversion                  +5/-9      config_resolver_bench_test.go Add config resolver benchmarks                                                      +65/-0
Refactoring	6 files scanner.go Defer default env check to scanner pre-scan                            +24/-9    cli.go Remove default env wait from CLI getCommand                            +0/-5      cli_extension_executor.go Remove default env wait from ExtensionExecutor                      +0/-4      issue.go Refactor OSS issue conversion logic                                            +17/-16  types.go Simplify GetExtendedMessage signature                                        +2/-2      unified_converter.go Align unified converter with GetExtendedMessage signature +5/-2

---

[bastiandoetsch]

/describe

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[snyk-pr-review-bot]

PR Description updated to latest commit (d159d9e)

[ShawkyZ]

why /4+1 ?

[bastiandoetsch]

it is a best effort estimate for products :). it's not always the right size, but it's a start.

[snyk-pr-review-bot]

PR Reviewer Guide 🔍

🧪 PR contains tests

🔒 No security concerns identified

⚡ Recommended focus areas for review High Risk of Backpressure 🟠 [major] Reducing the hoverChan buffer from 10,000 to 100 introduces a significant risk of stalling the entire scan pipeline in large workspaces. Since multiple product scanners publish results concurrently for every file and folder, a burst of completion events could easily saturate the buffer if the hover listener (which takes a lock in registerHovers) is temporarily delayed. This will block the scanner goroutines in DelegatingConcurrentScanner.Scan on the send operation, effectively hanging the scan. s.hoverChan = make(chan DocumentHovers, 100)

📚 Repository Context Analyzed This review considered 47 relevant code sections from 15 files (average relevance: 0.90) domain/ide/workspace/folder.go (lines 1-223) infrastructure/oss/cli_scanner.go (lines 1-215) infrastructure/code/code.go (lines 1-160) domain/ide/workspace/workspace.go (lines 1-254) application/di/test_init.go (lines 1-117) application/config/config.go (lines 1-196) infrastructure/code/fake_code_client_scanner.go (lines 1-45) ... and 8 more file(s)