cycodehq · MarshalX · May 21, 2024 · May 20, 2024
@@ -55,12 +55,12 @@ const _onDidReceiveMessage = async (message: Record<string, string>) => {
     return;
   }
 
-  const detection = scanResultsService.getDetectionById(message.uniqueDetectionId);
-  if (!detection) {
+  const scanResult = scanResultsService.getDetectionById(message.uniqueDetectionId);
+  if (!scanResult) {
     return;
   }
 
-  const ideData = await getSecretDetectionIdeData(detection as SecretDetection);
+  const ideData = await getSecretDetectionIdeData(scanResult.detection as SecretDetection);
 
   vscode.commands.executeCommand(
       VscodeCommands.IgnoreCommandId,

@@ -13,15 +13,15 @@ export class CycodeActions implements vscode.CodeActionProvider {
   ];
 
   provideCodeActions(
-      document: vscode.TextDocument,
-      range: vscode.Range | vscode.Selection,
+      _document: vscode.TextDocument,
+      _range: vscode.Range | vscode.Selection,
       context: vscode.CodeActionContext
   ): vscode.CodeAction[] {
     const aggregatedDiagnostics = aggregateDiagnosticsByCode(context.diagnostics);
 
     const codeActions: vscode.CodeAction[] = [];
     for (const [diagnosticCode, diagnostics] of aggregatedDiagnostics.entries()) {
-      codeActions.push(...this.createCodeActions(diagnosticCode, diagnostics, document, range));
+      codeActions.push(...this.createCodeActions(diagnosticCode, diagnostics));
     }
 
     return this.getUniqueCodeActions(codeActions);
@@ -30,19 +30,17 @@ export class CycodeActions implements vscode.CodeActionProvider {
   private createCodeActions(
       rawDiagnosticCode: string,
       diagnostics: vscode.Diagnostic[],
-      document: vscode.TextDocument,
-      range: vscode.Range | vscode.Selection,
   ) {
     const diagnosticCode = DiagnosticCode.fromString(rawDiagnosticCode);
     switch (diagnosticCode.scanType) {
       case ScanType.Secrets:
-        return createSecretCommandCodeActions(document, range, diagnostics, diagnosticCode);
+        return createSecretCommandCodeActions(diagnostics, diagnosticCode);
       case ScanType.Sca:
-        return createScaCommandCodeActions(document, diagnostics, diagnosticCode);
+        return createScaCommandCodeActions(diagnostics, diagnosticCode);
       case ScanType.Iac:
-        return createIacCommandCodeActions(document, diagnostics, diagnosticCode);
+        return createIacCommandCodeActions(diagnostics, diagnosticCode);
       case ScanType.Sast:
-        return createSastCommandCodeActions(document, diagnostics, diagnosticCode);
+        return createSastCommandCodeActions(diagnostics, diagnosticCode);
       default:
         return [];
     }

@@ -1,95 +1,93 @@
 import * as vscode from 'vscode';
 import {DiagnosticCode} from '../../services/common';
 import {VscodeCommands} from '../../utils/commands';
-import {CommandParameters} from '../../cli-wrapper/constants';
-import {IgnoreCommandConfig} from '../../types/commands';
 import {scanResultsService} from '../../services/ScanResultsService';
+import {AnyDetection, IacDetection, SastDetection, ScaDetection, SecretDetection} from '../../types/detection';
+import {ScanType} from '../../constants';
 
-export const createIgnoreRuleAction = (
-    diagnostics: vscode.Diagnostic[], diagnosticCode: DiagnosticCode, document: vscode.TextDocument
-): vscode.CodeAction => {
-  const detection = scanResultsService.getDetectionById(diagnosticCode.uniqueDetectionId);
-  const ruleId = detection?.detection_rule_id;
+const _getOpenViolationCardActionSastTitle = (detection: SastDetection) => {
+  return detection?.detection_details.policy_display_name;
+};
 
-  const ignoreRuleAction = new vscode.CodeAction(
-      `ignore rule ${ruleId}`,
-      vscode.CodeActionKind.QuickFix
-  );
-  ignoreRuleAction.command = {
-    command: VscodeCommands.IgnoreCommandId,
-    title: `Ignore rule ID: ${ruleId}`,
-    tooltip: 'This will always ignore this rule type',
-    arguments: [
-      {
-        scanType: diagnosticCode.scanType,
-        ignoreBy: CommandParameters.ByRule,
-        param: ruleId,
-        filePath: document.fileName,
-      } as IgnoreCommandConfig,
-    ],
-  };
-  ignoreRuleAction.diagnostics = diagnostics;
-  ignoreRuleAction.isPreferred = false;
+const _getOpenViolationCardActionIacTitle = (detection: IacDetection) => {
+  return detection?.message;
+};
 
-  return ignoreRuleAction;
+const _getOpenViolationCardActionScaTitle = (detection: ScaDetection) => {
+  let description = detection.detection_details.vulnerability_description;
+  if (!description) {
+    // if detection is about non-premise licence
+    description = detection.message;
+  }
+
+  return description;
 };
 
-export const createIgnorePathAction = (
-    diagnostics: vscode.Diagnostic[], diagnosticCode: DiagnosticCode, document: vscode.TextDocument
-): vscode.CodeAction => {
-  const ignorePathAction = new vscode.CodeAction(
-      `ignore path ${document.uri.fsPath}`,
-      vscode.CodeActionKind.QuickFix
-  );
-  ignorePathAction.command = {
-    command: VscodeCommands.IgnoreCommandId,
-    title: `Ignore path: ${document.uri.fsPath}`,
-    tooltip: 'This will always ignore this path',
-    arguments: [
-      {
-        scanType: diagnosticCode.scanType,
-        ignoreBy: CommandParameters.ByPath,
-        param: document.uri.fsPath,
-        filePath: document.fileName,
-      } as IgnoreCommandConfig,
-    ],
-  };
-  ignorePathAction.diagnostics = diagnostics;
-  ignorePathAction.isPreferred = false;
+const _getOpenViolationCardActionSecretTitle = (detection: SecretDetection) => {
+  return `a hardcoded ${detection.type} is used`;
+};
+
+const _getOpenViolationCardActionDetectionSpecificTitle = (
+    detection: AnyDetection, diagnosticCode: DiagnosticCode
+): string => {
+  switch (diagnosticCode.scanType) {
+    case ScanType.Sast:
+      return _getOpenViolationCardActionSastTitle(detection as SastDetection);
+    case ScanType.Secrets:
+      return _getOpenViolationCardActionSecretTitle(detection as SecretDetection);
+    case ScanType.Sca:
+      return _getOpenViolationCardActionScaTitle(detection as ScaDetection);
+    case ScanType.Iac:
+      return _getOpenViolationCardActionIacTitle(detection as IacDetection);
+    default:
+      return detection?.message;
+  }
+};
+
+const _getOpenViolationCardActionTitle = (
+    detection: AnyDetection, diagnosticCode: DiagnosticCode
+): string => {
+  let title = _getOpenViolationCardActionDetectionSpecificTitle(detection, diagnosticCode);
 
-  return ignorePathAction;
+  // cut too long messages
+  if (title && title.length > 50) {
+    title = title.slice(0, 50) + '...';
+  }
+
+  // Cut too long ID.
+  // The original unique ID is 2 ** 64 combinations (16 characters).
+  // We cut it to 6 characters to make it more readable.
+  // It gives as 2 ** 24 combinations that are still enough to be collision-free.
+  // Because it's super rare to have the same detections in the same file in the same text range.
+  const uniqueDetectionId = diagnosticCode.uniqueDetectionId.slice(0, 6);
+
+  return `Cycode: ${title} (${uniqueDetectionId})`;
 };
 
 export const createOpenViolationCardAction = (
     diagnostics: vscode.Diagnostic[], diagnosticCode: DiagnosticCode
 ): vscode.CodeAction => {
-  const detection = scanResultsService.getDetectionById(diagnosticCode.uniqueDetectionId);
-
-  let message = detection?.message;
-  if (detection?.type === 'SAST') {
-    message = detection?.detection_details.policy_display_name;
+  const scanResult = scanResultsService.getDetectionById(diagnosticCode.uniqueDetectionId);
+  if (!scanResult) {
+    throw new Error(`Detection with id ${diagnosticCode.uniqueDetectionId} not found`);
   }
 
-  if (message && message.length > 50) {
-    message = message.slice(0, 50) + '...';
-  }
+  const title = _getOpenViolationCardActionTitle(scanResult.detection, diagnosticCode);
 
   const openViolationCardAction = new vscode.CodeAction(
-      `open violation card for ${message}`,
-      vscode.CodeActionKind.QuickFix
+      title, vscode.CodeActionKind.QuickFix
   );
   openViolationCardAction.command = {
     command: VscodeCommands.OpenViolationPanel,
-    title: `Open Violation Card: ${message}`,
+    title: title,
     tooltip: 'This will open violation card for this detection',
     arguments: [
       diagnosticCode.scanType,
-      detection,
+      scanResult.detection,
     ],
   };
   openViolationCardAction.diagnostics = diagnostics;
   openViolationCardAction.isPreferred = true;
 
   return openViolationCardAction;
 };
-
@@ -1,15 +1,12 @@
 import * as vscode from 'vscode';
 import {DiagnosticCode} from '../../services/common';
-import {createIgnorePathAction, createIgnoreRuleAction, createOpenViolationCardAction} from './commonActions';
+import {createOpenViolationCardAction} from './commonActions';
 
 export const createCommandCodeActions = (
-    document: vscode.TextDocument,
     diagnostics: vscode.Diagnostic[],
     diagnosticCode: DiagnosticCode,
 ): vscode.CodeAction[] => {
   return [
     createOpenViolationCardAction(diagnostics, diagnosticCode),
-    createIgnoreRuleAction(diagnostics, diagnosticCode, document),
-    createIgnorePathAction(diagnostics, diagnosticCode, document),
   ];
 };
@@ -1,15 +1,12 @@
 import * as vscode from 'vscode';
 import {DiagnosticCode} from '../../services/common';
-import {createIgnorePathAction, createIgnoreRuleAction, createOpenViolationCardAction} from './commonActions';
+import {createOpenViolationCardAction} from './commonActions';
 
 export const createCommandCodeActions = (
-    document: vscode.TextDocument,
     diagnostics: vscode.Diagnostic[],
     diagnosticCode: DiagnosticCode,
 ): vscode.CodeAction[] => {
   return [
     createOpenViolationCardAction(diagnostics, diagnosticCode),
-    createIgnoreRuleAction(diagnostics, diagnosticCode, document),
-    createIgnorePathAction(diagnostics, diagnosticCode, document),
   ];
 };
@@ -1,15 +1,12 @@
 import * as vscode from 'vscode';
 import {DiagnosticCode} from '../../services/common';
-import {createIgnorePathAction, createIgnoreRuleAction, createOpenViolationCardAction} from './commonActions';
+import {createOpenViolationCardAction} from './commonActions';
 
 export const createCommandCodeActions = (
-    document: vscode.TextDocument,
     diagnostics: vscode.Diagnostic[],
     diagnosticCode: DiagnosticCode,
 ): vscode.CodeAction[] => {
   return [
     createOpenViolationCardAction(diagnostics, diagnosticCode),
-    createIgnoreRuleAction(diagnostics, diagnosticCode, document),
-    createIgnorePathAction(diagnostics, diagnosticCode, document),
   ];
 };
@@ -1,49 +1,12 @@
 import * as vscode from 'vscode';
 import {DiagnosticCode} from '../../services/common';
-import {VscodeCommands} from '../../utils/commands';
-import {CommandParameters} from '../../cli-wrapper/constants';
-import {IgnoreCommandConfig} from '../../types/commands';
-import {createIgnorePathAction, createIgnoreRuleAction, createOpenViolationCardAction} from './commonActions';
-import {ScanType} from '../../constants';
-
-const createIgnoreValueAction = (
-    diagnostics: vscode.Diagnostic[], range: vscode.Range | vscode.Selection, document: vscode.TextDocument
-): vscode.CodeAction => {
-  const value = document.getText(range);
-
-  const ignoreValueAction = new vscode.CodeAction(
-      `ignore value ${value}`,
-      vscode.CodeActionKind.QuickFix
-  );
-  ignoreValueAction.command = {
-    command: VscodeCommands.IgnoreCommandId,
-    title: `Ignore value: ${value}`,
-    tooltip: 'This will always ignore this value',
-    arguments: [
-      {
-        scanType: ScanType.Secrets,
-        ignoreBy: CommandParameters.ByValue,
-        param: value,
-        filePath: document.fileName,
-      } as IgnoreCommandConfig,
-    ],
-  };
-  ignoreValueAction.diagnostics = diagnostics;
-  ignoreValueAction.isPreferred = true;
-
-  return ignoreValueAction;
-};
+import {createOpenViolationCardAction} from './commonActions';
 
 export const createCommandCodeActions = (
-    document: vscode.TextDocument,
-    range: vscode.Range | vscode.Selection,
     diagnostics: vscode.Diagnostic[],
     diagnosticCode: DiagnosticCode,
 ): vscode.CodeAction[] => {
   return [
     createOpenViolationCardAction(diagnostics, diagnosticCode),
-    createIgnoreValueAction(diagnostics, range, document),
-    createIgnoreRuleAction(diagnostics, diagnosticCode, document),
-    createIgnorePathAction(diagnostics, diagnosticCode, document),
   ];
 };