jfrog · attiasas · Nov 26, 2024 · Nov 26, 2024
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -333,7 +333,7 @@
         "adm-zip": "~0.5.9",
         "fs-extra": "~10.1.0",
         "jfrog-client-js": "^2.9.0",
-        "jfrog-ide-webview": "https://releases.jfrog.io/artifactory/ide-webview-npm/jfrog-ide-webview/-/jfrog-ide-webview-0.2.14.tgz",
+        "jfrog-ide-webview": "https://releases.jfrog.io/artifactory/ide-webview-npm/jfrog-ide-webview/-/jfrog-ide-webview-0.3.0.tgz",
         "js-yaml": "^4.1.0",
         "json2csv": "~5.0.7",
         "nuget-deps-tree": "^0.3.1",

diff --git a/src/main/diagnostics/descriptorActionProvider.ts b/src/main/diagnostics/descriptorActionProvider.ts
@@ -118,7 +118,7 @@ export class DescriptorActionProvider extends AbstractFileActionProvider impleme
         if (!dependency || dependency.indirect || !this.availableUpdateManager(dependency)) {
             return actions;
         }
-    
+
         dependency.getFixedVersionToCves().forEach((cves: Set<string>, fixedVersion: string) => {
             previousCves = new Set([...previousCves, ...cves]);
             actions.push(this.createFixAction(dependency, previousCves, fixedVersion));

diff --git a/src/main/scanLogic/scanManager.ts b/src/main/scanLogic/scanManager.ts
@@ -111,9 +111,9 @@ export class ScanManager implements ExtensionComponent {
         }
         if (scanDetails.jasRunnerFactory.supportedScans.tokenValidation) {
             if (params) {
-                params.tokenValidation = scanDetails.jasRunnerFactory.supportedScans.tokenValidation
+                params.tokenValidation = scanDetails.jasRunnerFactory.supportedScans.tokenValidation;
             } else {
-                params = {tokenValidation: scanDetails.jasRunnerFactory.supportedScans.tokenValidation}
+                params = { tokenValidation: scanDetails.jasRunnerFactory.supportedScans.tokenValidation };
             }
         }
         for (const runner of jasRunners) {

diff --git a/src/main/scanLogic/scanRunners/analyzerManager.ts b/src/main/scanLogic/scanRunners/analyzerManager.ts
@@ -149,7 +149,6 @@ export class AnalyzerManager {
         };
     }
 
-
     private async populateOptionalInformation(binaryVars: NodeJS.ProcessEnv, params?: BinaryEnvParams) {
         // Optional proxy information - environment variable
         let proxyHttpUrl: string | undefined = process.env['HTTP_PROXY'];
@@ -164,7 +163,7 @@ export class AnalyzerManager {
         }
 
         if (params?.tokenValidation && params.tokenValidation === true) {
-            binaryVars[AnalyzerManager.JF_VALIDATE_SECRETS] = "true"
+            binaryVars[AnalyzerManager.JF_VALIDATE_SECRETS] = 'true';
         }
         if (proxyHttpUrl) {
             binaryVars[AnalyzerManager.ENV_HTTP_PROXY] = this.addOptionalProxyAuthInformation(proxyHttpUrl);

diff --git a/src/main/scanLogic/scanRunners/applicabilityScan.ts b/src/main/scanLogic/scanRunners/applicabilityScan.ts
@@ -281,7 +281,7 @@ export class ApplicabilityRunner extends JasRunner {
                 let potential: CveApplicableDetails | undefined = applicableCvesIdToDetails.get(scannedCve);
                 if (potential) {
                     relevantApplicableCve.set(scannedCve, potential);
-                    continue
+                    continue;
                 }
                 potential = notApplicableCvesIdToDetails.get(scannedCve);
                 if (potential) {

diff --git a/src/main/scanLogic/sourceCodeScan/supportedScans.ts b/src/main/scanLogic/sourceCodeScan/supportedScans.ts
@@ -14,11 +14,11 @@ export class SupportedScans {
     private _tokenValidation?: boolean;
     constructor(private _connectionManager: ConnectionManager, protected _logManager: LogManager) {}
 
-    get tokenValidation(): boolean | undefined { 
-        return this._tokenValidation
+    get tokenValidation(): boolean | undefined {
+        return this._tokenValidation;
     }
 
-    public setTokenValidation(value: boolean| undefined): SupportedScans {
+    public setTokenValidation(value: boolean | undefined): SupportedScans {
         this._tokenValidation = value;
         return this;
     }
@@ -87,8 +87,8 @@ export class SupportedScans {
         );
         requests.push(
             this.isTokenValidationEnabled()
-            .then(res => this.setTokenValidation(res))
-            .catch(err => ScanUtils.onScanError(err, this._logManager, true))
+                .then(res => this.setTokenValidation(res))
+                .catch(err => ScanUtils.onScanError(err, this._logManager, true))
         );
         await Promise.all(requests);
         return this;
@@ -121,10 +121,10 @@ export class SupportedScans {
         return await ConnectionUtils.testXrayEntitlementForFeature(this._connectionManager.createJfrogClient(), EntitlementScanFeature.Sast);
     }
 
-     /**
+    /**
      * Check if token validation scan is enabled
      */
-     public async isTokenValidationEnabled(): Promise<boolean> {
+    public async isTokenValidationEnabled(): Promise<boolean> {
         let xraySemver: semver.SemVer = new semver.SemVer(this._connectionManager.xrayVersion);
         if (xraySemver.compare(DYNAMIC_TOKEN_VALIDATION_MIN_XRAY_VERSION) < 0) {
             this._logManager.logMessage(

diff --git a/src/main/treeDataProviders/utils/analyzerUtils.ts b/src/main/treeDataProviders/utils/analyzerUtils.ts
@@ -96,12 +96,13 @@ export class AnalyzerUtils {
             );
             let fileIssue: SecurityIssue = AnalyzerUtils.getOrCreateSecurityIssue(fileWithIssues, analyzeIssue, fullDescription);
             let newLocation: FileRegion = location.physicalLocation.region;
-            let properties: {[key: string]: string} = {
-               "tokenValidation": analyzeIssue.properties?.tokenValidation
-                ? (analyzeIssue.properties.tokenValidation.trim() as keyof typeof TokenStatus) : '',
-                "metadata": analyzeIssue.properties?.metadata ? analyzeIssue.properties.metadata.trim() : ''
-            }
-            newLocation.properties = properties
+            let properties: { [key: string]: string } = {
+                tokenValidation: analyzeIssue.properties?.tokenValidation
+                    ? (analyzeIssue.properties.tokenValidation.trim() as keyof typeof TokenStatus)
+                    : '',
+                metadata: analyzeIssue.properties?.metadata ? analyzeIssue.properties.metadata.trim() : ''
+            };
+            newLocation.properties = properties;
             fileIssue.locations.push(newLocation);
         });
     }
@@ -262,7 +263,7 @@ export class AnalyzerUtils {
                         // Not Applicable
                         let notApplicableApplicableDetails: CveApplicableDetails | undefined = descriptorNode.notApplicableCve?.get(node.labelId);
                         if (!notApplicableApplicableDetails) {
-                            continue
+                            continue;
                         }
                         evidences.push({
                             reason: notApplicableApplicableDetails.fixReason