diff --git a/src/constants.ts b/src/constants.ts
index 882ae2a..9956bd1 100644
--- a/src/constants.ts
+++ b/src/constants.ts
@@ -132,7 +132,7 @@ export const getScanTypeDisplayName = (scanType: string): string => {
 export const DIAGNOSTIC_CODE_SEPARATOR = '::';
-export const REQUIRED_CLI_VERSION = '1.9.4';
+export const REQUIRED_CLI_VERSION = '1.9.5';
 export const CLI_GITHUB = {
 OWNER: 'cycodehq',
diff --git a/src/panels/violation/renderer/sast.ts b/src/panels/violation/renderer/sast.ts
index 9893cec..9dc3a40 100644
--- a/src/panels/violation/renderer/sast.ts
+++ b/src/panels/violation/renderer/sast.ts
@@ -10,7 +10,7 @@ const renderDetection = detection => {
 const severityFirstLetter = detection.severity[0].toUpperCase();
 ge('severity-icon').src = severityIcons[severityFirstLetter];
- ge('title').innerText = detection.message;
+ ge('title').innerText = detection.detection_details.policy_display_name;
 const cwes = detection.detection_details.cwe.join(', ');
 if (cwes) {
diff --git a/src/panels/violation/violation-panel.ts b/src/panels/violation/violation-panel.ts
index c11188d..314e80c 100644
--- a/src/panels/violation/violation-panel.ts
+++ b/src/panels/violation/violation-panel.ts
@@ -104,7 +104,7 @@ const _enrichIacDetectionForRender = (detection: IacDetection): IacDetection =>
 };
 const _enrichSastDetectionForRender = (detection: SastDetection): SastDetection => {
- if (detection.message) {
+ if (detection.detection_details.description) {
 detection.detection_details.description = _MARKDOWN_CONVERTER.makeHtml(detection.detection_details.description);
 }
diff --git a/src/providers/code-actions/commonActions.ts b/src/providers/code-actions/commonActions.ts
index 70cd085..0ca866c 100644
--- a/src/providers/code-actions/commonActions.ts
+++ b/src/providers/code-actions/commonActions.ts
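Review bot: In `src/panels/violation/renderer/sast.ts` the title is now read from `detection.detection_details.policy_display_name` with no fallback, and nothing in the visible hunks checks that the field is actually present in the parsed scan output. `src/types/detection.ts` declares it as a required `string`, but that is only a compile-time claim; a result that lacks the field would presumably show the text `undefined` in the title. The same unguarded read appears in `commonActions.ts`, `tree-view/utils.ts` and `detectionsToDiagnostics` in `SastScanner.ts`. Consider a fallback such as `detection.detection_details.policy_display_name ?? detection.message`, or validate the field once where the CLI output is parsed. `renderDetection` continues outside the hunk.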
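Review bot: In `_enrichSastDetectionForRender` (`src/panels/violation/violation-panel.ts`) the text passed to `_MARKDOWN_CONVERTER.makeHtml` is now `detection_details.description` exactly as delivered in the scan result, and the resulting HTML is stored back on the detection with no sanitising step visible in the hunk. How the webview inserts that value is not shown here; if it is assigned as HTML, the markup should be sanitised after conversion, or the webview should run under a Content-Security-Policy that blocks inline script. The function also overwrites the field on the object it receives, so a second call on the same detection would convert already-converted HTML. Writing the converted text to a copy, `{...detection, detection_details: {...detection.detection_details, description: html}}`, avoids that.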
@@ -66,6 +66,10 @@ export const createOpenViolationCardAction = (
 const detection = scanResultsService.getDetectionById(diagnosticCode.uniqueDetectionId);
 let message = detection?.message;
+ if (detection?.type === 'SAST') {
+ message = detection?.detection_details.policy_display_name;
+ }
+
 if (message && message.length > 50) {
 message = message.slice(0, 50) + '...';
 }
diff --git a/src/providers/tree-view/utils.ts b/src/providers/tree-view/utils.ts
index ec295a0..48aab6b 100644
--- a/src/providers/tree-view/utils.ts
+++ b/src/providers/tree-view/utils.ts
@@ -94,11 +94,11 @@ const _getIacValueItem = (detection: IacDetection): ValueItem => {
 };
 const _getSastValueItem = (detection: SastDetection): ValueItem => {
- const {message, detection_details, severity} = detection;
+ const {detection_details, severity} = detection;
 const {line_in_file, file_path} = detection_details;
 const valueItem: TreeViewDisplayedData = {
- title: `line ${line_in_file}: ${message}`,
+ title: `line ${line_in_file}: ${detection_details.policy_display_name}`,
 severityFirstLetter: mapSeverityToFirstLetter(severity),
 lineNumber: line_in_file,
 detection: detection,
diff --git a/src/services/scanners/IacScanner.ts b/src/services/scanners/IacScanner.ts
index 3e60419..ffd8043 100644
--- a/src/services/scanners/IacScanner.ts
+++ b/src/services/scanners/IacScanner.ts
@@ -163,7 +163,7 @@ const detectionsToDiagnostics = async (
 const document = await vscode.workspace.openTextDocument(documentUri);
 let message = `Severity: ${detection.severity}\n`;
- message += `Description: ${detection.message}\n`;
+ message += `Rule: ${detection.message}\n`;
 message += `IaC Provider: ${detection.detection_details.infra_provider}\n`;
diff --git a/src/services/scanners/SastScanner.ts b/src/services/scanners/SastScanner.ts
index 75a52bc..3f22df0 100644
--- a/src/services/scanners/SastScanner.ts
+++ b/src/services/scanners/SastScanner.ts
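Review bot: In `src/services/scanners/IacScanner.ts` the diagnostic line is relabelled `Rule:` but still prints `detection.message`, whereas the matching line in `SastScanner.ts` switches to `detection_details.policy_display_name`, and this commit adds that field to `IacDetection` as well. If the IaC `message` is not the rule name, the new label misdescribes what the user sees in the diagnostic. Either read `detection.detection_details.policy_display_name` here too, or keep the `Description:` label and add a short comment saying why the IaC scanner differs. `detectionsToDiagnostics` starts and ends outside the hunk.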
@@ -82,9 +82,6 @@ const normalizeSastDetections = (result: { detections?: SastDetection[] }): Sast
 if (!detection_details.file_path.startsWith('/')) {
 detection_details.file_path = '/' + detection_details.file_path;
 }
-
- detection_details.description = detection.message;
- detection.message = detection.message.slice(0, 50) + '...';
 }
 return result.detections;
@@ -158,7 +155,7 @@ const detectionsToDiagnostics = async (
 const document = await vscode.workspace.openTextDocument(documentUri);
 let message = `Severity: ${detection.severity}\n`;
- message += `Description: ${detection.message}\n`;
+ message += `Rule: ${detection.detection_details.policy_display_name}\n`;
 message += `In file: ${detection.detection_details.file_name}\n`;
 const diagnostic = new vscode.Diagnostic(
diff --git a/src/types/detection.ts b/src/types/detection.ts
index 53eb418..851290a 100644
--- a/src/types/detection.ts
+++ b/src/types/detection.ts
@@ -17,6 +17,7 @@ export type SecretDetection = {
 description?: string;
 remediation_guidelines?: string;
 custom_remediation_guidelines?: string;
+ policy_display_name: string;
 };
 };
@@ -45,6 +46,10 @@ export type ScaDetection = {
 vulnerable_requirements: string;
 first_patched_version: string;
 };
+ description?: string;
+ remediation_guidelines?: string;
+ custom_remediation_guidelines?: string;
+ policy_display_name: string;
 };
 };
@@ -66,6 +71,7 @@ export type IacDetection = {
 description?: string;
 remediation_guidelines?: string;
 custom_remediation_guidelines?: string;
+ policy_display_name: string;
 };
 };
@@ -77,7 +83,6 @@ export type SastDetection = {
 severity: string;
 detection_details: {
 external_scanner_id: string;
- description: string; // doesn't come from CLI yet
 line_in_file: number;
 start_position: number;
 end_position: number;
@@ -87,6 +92,10 @@ export type SastDetection = {
 owasp: string[];
 category: string;
 languages: string[];
+ description?: string;
+ remediation_guidelines?: string;
+ custom_remediation_guidelines?: string;
+ policy_display_name: string;
 };
 };