fix terminal output to be consistent between scans

[AdamVB]

We have inconsistent outputs when running cnspec scan local, this is only a visual bug, the correct results are still sent to server.

  1. QueryMap() (policy/bundle_map.go:296-306) builds a map of CodeId → *Mquery. If multiple queries compile to the same MQL code (same CodeId) but have different MRNs (e.g.,
  from different policies), only the last one wins — it's a lossy deduplication.
  2. ReportingQueries in the resolved policy is keyed by CodeId (set at resolved_policy_builder.go:355), so the filter at line 511 passes.
  3. report.Scores is keyed by QrId from ReportingJobs (internal/datalakes/inmemory/policyresolver.go:435). For check-type reporting jobs, QrId = n.queryMrn (the MRN used in
  the resolved policy, set at resolved_policy_builder.go:349).
  4. The lookup at line 516 does report.Scores[query.Mrn] — but query.Mrn comes from whichever Mquery happened to be last in the QueryMap() iteration for that CodeId. If that
  MRN differs from the one used in the resolved policy's ReportingJob, the score lookup fails.

[mondoo-code-review]

Fixes inconsistent terminal output when multiple policies define checks with the same MQL code but different MRNs.

[mondoo-code-review]

🔵 suggestion — buildCodeIdToMrnMap is called inside the for _, target := range report.RawResults loop (the outer loop starting around line 497), but its output depends only on resolved, which doesn't change per iteration. Consider hoisting this call above the outer loop to avoid rebuilding the map for every asset.

[github-actions]

Test Results

  1 files  ±0   37 suites  ±0   1m 21s ⏱️ ±0s
664 tests +8  663 ✅ +8  1 💤 ±0  0 ❌ ±0 
665 runs  +8  664 ✅ +8  1 💤 ±0  0 ❌ ±0 

Results for commit e8c7848. ± Comparison against base commit 03011b5.