From e11cd923604284e7d3541978574aa41930c8d539 Mon Sep 17 00:00:00 2001
From: Gordon Wang <36049150+gordonwang0@users.noreply.github.com>
Date: Tue, 14 Feb 2023 00:15:00 +0100
Subject: [PATCH] Purge Cargo.lock files from Mariner vendor dir (#6908)

Cargo.lock files present in the vendor directory will cause Component Governance to incorrectly scan those dependencies. Remove these files to prevent this.
---
 edgelet/build/linux/package-mariner.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/edgelet/build/linux/package-mariner.sh b/edgelet/build/linux/package-mariner.sh
index e53856e02c3..d9b981d1b27 100755
--- a/edgelet/build/linux/package-mariner.sh
+++ b/edgelet/build/linux/package-mariner.sh
@@ -103,6 +103,7 @@ cargo vendor vendor
 # Purge Cargo.lock files from dependencies. These files are not necessary and will cause
 # Component Governance to incorrectly scan them for issues.
 find "$CARGO_HOME/registry/src/" -name "Cargo.lock" -exec echo "Deleting {}" \; -exec rm {} \;
+find "${BUILD_REPOSITORY_LOCALPATH}/vendor/" -name "Cargo.lock" -exec echo "Deleting {}" \; -exec rm {} \;

 # Configure Cargo to use vendored the deps
 mkdir .cargo
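Review bot: The added `find` builds its root from `${BUILD_REPOSITORY_LOCALPATH}` without checking that the variable is set, so an empty or unset value makes it walk `/vendor/` and `rm` any `Cargo.lock` found there. Guarding the expansion and limiting the match to regular files keeps the deletion scoped: `find "${BUILD_REPOSITORY_LOCALPATH:?}/vendor/" -type f -name "Cargo.lock" -exec echo "Deleting {}" \; -exec rm -- {} \;`. The preceding `cargo vendor vendor` writes to a path relative to the working directory, and the hunk does not show that this is `${BUILD_REPOSITORY_LOCALPATH}`. If the two differ, the purge silently misses the vendored crates and Component Governance still scans their lock files, so a comment stating that assumption (or using the same relative `vendor/` path) would help. The script continues outside the hunk, so whether `set -e` or `set -u` is active is not visible here.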