diff --git a/package-lock.json b/package-lock.json index 4ff458c3..738c9430 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,7 +12,7 @@ "adm-zip": "~0.5.9", "fs-extra": "~10.1.0", "jfrog-client-js": "^2.9.0", - "jfrog-ide-webview": "https://releases.jfrog.io/artifactory/ide-webview-npm/jfrog-ide-webview/-/jfrog-ide-webview-0.2.14.tgz", + "jfrog-ide-webview": "https://releases.jfrog.io/artifactory/ide-webview-npm/jfrog-ide-webview/-/jfrog-ide-webview-0.3.0.tgz", "js-yaml": "^4.1.0", "json2csv": "~5.0.7", "nuget-deps-tree": "^0.3.1", @@ -4343,9 +4343,9 @@ } }, "node_modules/jfrog-ide-webview": { - "version": "0.2.14", - "resolved": "https://releases.jfrog.io/artifactory/ide-webview-npm/jfrog-ide-webview/-/jfrog-ide-webview-0.2.14.tgz", - "integrity": "sha512-sf8k+nr9QlQHZZ6DlCkbXdiG/Jb4lk4/Ft8SBM2B9W8apVTHth4pdNuM3vSD/RE7wt8aoA3QXNCPWi2GMRmZZg==", + "version": "0.3.0", + "resolved": "https://releases.jfrog.io/artifactory/ide-webview-npm/jfrog-ide-webview/-/jfrog-ide-webview-0.3.0.tgz", + "integrity": "sha512-EUgZv/75HxTCHDmiO0/FALsfBeR7KW/4bvfp7iZJGZaxNxyVSxBIb9tVQmeg/SlMEZbnuEpDoDzlhzypCtnTMg==", "dependencies": { "@mui/icons-material": "^5.14.19", "@mui/lab": "^5.0.0-alpha.142", diff --git a/package.json b/package.json index e57d7097..3c550624 100644 --- a/package.json +++ b/package.json @@ -333,7 +333,7 @@ "adm-zip": "~0.5.9", "fs-extra": "~10.1.0", "jfrog-client-js": "^2.9.0", - "jfrog-ide-webview": "https://releases.jfrog.io/artifactory/ide-webview-npm/jfrog-ide-webview/-/jfrog-ide-webview-0.2.14.tgz", + "jfrog-ide-webview": "https://releases.jfrog.io/artifactory/ide-webview-npm/jfrog-ide-webview/-/jfrog-ide-webview-0.3.0.tgz", "js-yaml": "^4.1.0", "json2csv": "~5.0.7", "nuget-deps-tree": "^0.3.1", diff --git a/src/main/diagnostics/descriptorActionProvider.ts b/src/main/diagnostics/descriptorActionProvider.ts index e8a45795..8036099b 100644 --- a/src/main/diagnostics/descriptorActionProvider.ts +++ b/src/main/diagnostics/descriptorActionProvider.ts @@ -118,7 +118,7 @@ export class DescriptorActionProvider extends AbstractFileActionProvider impleme if (!dependency || dependency.indirect || !this.availableUpdateManager(dependency)) { return actions; } - + dependency.getFixedVersionToCves().forEach((cves: Set, fixedVersion: string) => { previousCves = new Set([...previousCves, ...cves]); actions.push(this.createFixAction(dependency, previousCves, fixedVersion)); diff --git a/src/main/scanLogic/scanManager.ts b/src/main/scanLogic/scanManager.ts index c6c3de61..dff0dbbd 100644 --- a/src/main/scanLogic/scanManager.ts +++ b/src/main/scanLogic/scanManager.ts @@ -111,9 +111,9 @@ export class ScanManager implements ExtensionComponent { } if (scanDetails.jasRunnerFactory.supportedScans.tokenValidation) { if (params) { - params.tokenValidation = scanDetails.jasRunnerFactory.supportedScans.tokenValidation + params.tokenValidation = scanDetails.jasRunnerFactory.supportedScans.tokenValidation; } else { - params = {tokenValidation: scanDetails.jasRunnerFactory.supportedScans.tokenValidation} + params = { tokenValidation: scanDetails.jasRunnerFactory.supportedScans.tokenValidation }; } } for (const runner of jasRunners) { diff --git a/src/main/scanLogic/scanRunners/analyzerManager.ts b/src/main/scanLogic/scanRunners/analyzerManager.ts index 92879028..aa5ef052 100644 --- a/src/main/scanLogic/scanRunners/analyzerManager.ts +++ b/src/main/scanLogic/scanRunners/analyzerManager.ts @@ -149,7 +149,6 @@ export class AnalyzerManager { }; } - private async populateOptionalInformation(binaryVars: NodeJS.ProcessEnv, params?: BinaryEnvParams) { // Optional proxy information - environment variable let proxyHttpUrl: string | undefined = process.env['HTTP_PROXY']; @@ -164,7 +163,7 @@ export class AnalyzerManager { } if (params?.tokenValidation && params.tokenValidation === true) { - binaryVars[AnalyzerManager.JF_VALIDATE_SECRETS] = "true" + binaryVars[AnalyzerManager.JF_VALIDATE_SECRETS] = 'true'; } if (proxyHttpUrl) { binaryVars[AnalyzerManager.ENV_HTTP_PROXY] = this.addOptionalProxyAuthInformation(proxyHttpUrl); diff --git a/src/main/scanLogic/scanRunners/applicabilityScan.ts b/src/main/scanLogic/scanRunners/applicabilityScan.ts index 37160fed..cfaa80bf 100644 --- a/src/main/scanLogic/scanRunners/applicabilityScan.ts +++ b/src/main/scanLogic/scanRunners/applicabilityScan.ts @@ -281,7 +281,7 @@ export class ApplicabilityRunner extends JasRunner { let potential: CveApplicableDetails | undefined = applicableCvesIdToDetails.get(scannedCve); if (potential) { relevantApplicableCve.set(scannedCve, potential); - continue + continue; } potential = notApplicableCvesIdToDetails.get(scannedCve); if (potential) { diff --git a/src/main/scanLogic/sourceCodeScan/supportedScans.ts b/src/main/scanLogic/sourceCodeScan/supportedScans.ts index 99e6f810..2683d3c9 100644 --- a/src/main/scanLogic/sourceCodeScan/supportedScans.ts +++ b/src/main/scanLogic/sourceCodeScan/supportedScans.ts @@ -14,11 +14,11 @@ export class SupportedScans { private _tokenValidation?: boolean; constructor(private _connectionManager: ConnectionManager, protected _logManager: LogManager) {} - get tokenValidation(): boolean | undefined { - return this._tokenValidation + get tokenValidation(): boolean | undefined { + return this._tokenValidation; } - public setTokenValidation(value: boolean| undefined): SupportedScans { + public setTokenValidation(value: boolean | undefined): SupportedScans { this._tokenValidation = value; return this; } @@ -87,8 +87,8 @@ export class SupportedScans { ); requests.push( this.isTokenValidationEnabled() - .then(res => this.setTokenValidation(res)) - .catch(err => ScanUtils.onScanError(err, this._logManager, true)) + .then(res => this.setTokenValidation(res)) + .catch(err => ScanUtils.onScanError(err, this._logManager, true)) ); await Promise.all(requests); return this; @@ -121,10 +121,10 @@ export class SupportedScans { return await ConnectionUtils.testXrayEntitlementForFeature(this._connectionManager.createJfrogClient(), EntitlementScanFeature.Sast); } - /** + /** * Check if token validation scan is enabled */ - public async isTokenValidationEnabled(): Promise { + public async isTokenValidationEnabled(): Promise { let xraySemver: semver.SemVer = new semver.SemVer(this._connectionManager.xrayVersion); if (xraySemver.compare(DYNAMIC_TOKEN_VALIDATION_MIN_XRAY_VERSION) < 0) { this._logManager.logMessage( diff --git a/src/main/treeDataProviders/utils/analyzerUtils.ts b/src/main/treeDataProviders/utils/analyzerUtils.ts index d830dce5..9f48ff89 100644 --- a/src/main/treeDataProviders/utils/analyzerUtils.ts +++ b/src/main/treeDataProviders/utils/analyzerUtils.ts @@ -96,12 +96,13 @@ export class AnalyzerUtils { ); let fileIssue: SecurityIssue = AnalyzerUtils.getOrCreateSecurityIssue(fileWithIssues, analyzeIssue, fullDescription); let newLocation: FileRegion = location.physicalLocation.region; - let properties: {[key: string]: string} = { - "tokenValidation": analyzeIssue.properties?.tokenValidation - ? (analyzeIssue.properties.tokenValidation.trim() as keyof typeof TokenStatus) : '', - "metadata": analyzeIssue.properties?.metadata ? analyzeIssue.properties.metadata.trim() : '' - } - newLocation.properties = properties + let properties: { [key: string]: string } = { + tokenValidation: analyzeIssue.properties?.tokenValidation + ? (analyzeIssue.properties.tokenValidation.trim() as keyof typeof TokenStatus) + : '', + metadata: analyzeIssue.properties?.metadata ? analyzeIssue.properties.metadata.trim() : '' + }; + newLocation.properties = properties; fileIssue.locations.push(newLocation); }); } @@ -262,7 +263,7 @@ export class AnalyzerUtils { // Not Applicable let notApplicableApplicableDetails: CveApplicableDetails | undefined = descriptorNode.notApplicableCve?.get(node.labelId); if (!notApplicableApplicableDetails) { - continue + continue; } evidences.push({ reason: notApplicableApplicableDetails.fixReason