Track the filepath where the secret and malicious/archived packages come from

[aponcedeleonch]

Add a CodeSnippet object to the stored alerts for secrets and malicious/archived packages. This would enable to know from which file a specific secret came from.

[lukehinds]

defer until after stacklok/codegate#454

[yrobla]

For secrets, I added code snippets to the alerts, so we can identify the path:

{"code":"from fabrice import task # type: ignore\n\n@task\ndef clone_private_repo(c):\n github_token = \"ghp_xxsx\"\n repo = \"stacklok/private-repo\" # Replace with the actual owner/repo\n\n repo_url = f\"https://github.com/{repo}.git\"\n\n # Using the token via an HTTP header configuration\n command = f'git -c http.extraHeader=\"Authorization: Bearer {github_token}\" clone {repo_url}'\n c.run(command)\n print(\"Repository cloned successfully!\")\n\n@task\ndef deploy(c):\n c.run(\"echo 'Deploying the app...'\")\n print(\"App deployed successfully!\")\n\n@task\ndef test(c):\n c.run(\"echo 'Running tests...'\")\n print(\"Tests passed successfully!\")\n\n\ndef getStatus():\n return \"OK\"\n\ndef process_results():\n response = getStatus()\n if response == \"OK\":\n clone_private_repo()\n deploy()\n test()\n print(\"All tasks completed successfully!\")\n else:\n print(\"Something went wrong{response}\")\n\n# main function\ndef main():\n process_results()\n\nif __name__ == \"__main__\":\n main()\n\n","language":"python","filepath":"file:///Users/yolanda/development/codegate-demonstration/python/fabric.py","libraries":[],"file_extension":".py"}

i will look at doing the same for packages

[yrobla]

I added codde snippets also to malicious packages. Now what's missing is to visualize that into the frontend