feat: parallelize container test dependency requests

[bgardiner]

Pull Request Submission Checklist

• Follows CONTRIBUTING guidelines
• Commit messages
  are release-note ready, emphasizing
  what was changed, not how.
• Includes detailed description of changes
• Contains risk assessment (Low | Medium | High)
• Highlights breaking API changes (if applicable)
• Links to automated tests covering new functionality
• Includes manual testing instructions (if necessary)
• Updates relevant GitBook documentation (PR link: ___)
• Includes product update to be announced in the next stable release notes

What does this PR do?

This PR improves performance for ecosystem/container dependency testing by changing the /test-dependencies request flow from fully sequential to hybrid execution:

• For each path, it always executes the first ScanResult request first (base OS project ordering retained)
• It then executes the remaining ScanResult requests in parallel
• It preserves output ordering by collecting parallel responses and appending them in scan order
• It preserves existing error semantics:
  • 4xx request failures still fail fast
  • non-4xx failures are aggregated as per-path errors and the run continues

Additionally, this PR includes a follow-up commit to fix lint/formatting issues in the new unit test file so code-analysis can pass.

Where should the reviewer start?

• src/lib/ecosystems/test.ts
• test/jest/unit/lib/ecosystems/test.spec.ts

How should this be manually tested?

1. Run lint checks (matches CI code-analysis lint stage):
   • npm run lint
2. Run targeted unit tests:
   • npm run test:unit -- --runTestsByPath test/jest/unit/lib/ecosystems/test.spec.ts
3. Run related monitor unit tests for regression confidence:
   • npm run test:unit -- --runTestsByPath test/jest/unit/ecosystems-monitor-docker.spec.ts
4. Optionally run a representative container test command against a multi-project image and compare duration:
   • snyk container test <image>

What's the product update that needs to be communicated to CLI users?

Container test execution is now faster for images that produce multiple scan results. The CLI now keeps base OS processing first and parallelizes the remaining dependency API requests for better end-to-end command latency.

Risk assessment (Low | Medium | High)?

Low. The change is scoped to ecosystem test request orchestration and is covered with focused unit tests for execution order, error behavior, and result ordering.

Any background context you want to provide?

This addresses cases where container scans return many ScanResult entries and sequential /test-dependencies requests can make command runtime significantly longer.

What are the relevant tickets?

N/A

  

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[github-actions]

	Warnings
⚠️	There are multiple commits on your branch, please squash them locally before merging!

Generated by 🚫 dangerJS against 2980d6c