The goal is to always have a branch show as up-to date in the dashboard, if the following is true:
The branch has been scanned
The pre-commit hook has been enabled ever since the branch was scanned.
During scanning, for each commit C, keep a set of all file paths that were scanned.
Wait until all commits are scanned. If any new invalid lines were found, the push will be rejected, no need to do anything.
For each commit C, in topological order
For each parent of C, fetch the corresponding Scan Entity
If some parents of C haven’t been scanned, skip this commit – there’s not enough information to mark C as scanned.
Load all the InvalidLine objects from the parents of C.
Remove any InvalidLine objects that have file paths that were just scanned (see step #1)
Update the sha1 and save a copy of the invalid lines found