Merge branch 'main' into feature/saraChen/telemetryAIEvents

Author: cx-itay-paz

src/main/wrapper/CxConstants.ts

@@ -1,4 +1,5 @@
 export enum CxConstants {
+    IGNORE__FILE_PATH = "--ignored-file-path",
     SOURCE = "-s",
     VERBOSE = "-v",
     PROJECT_NAME = "--project-name",

src/main/wrapper/CxWrapper.ts

@@ -149,20 +149,44 @@ export class CxWrapper {
         return await exec.executeCommands(this.config.pathToExecutable, commands, CxConstants.SCAN_ASCA);
     }
 
-    async ossScanResults(sourceFile: string): Promise<CxCommandOutput> {
-        const commands: string[] = [CxConstants.CMD_SCAN, CxConstants.CMD_OSS, CxConstants.SOURCE, sourceFile];
-        commands.push(...this.initializeCommands(false));
-        const exec = new ExecutionService();
-        return await exec.executeCommands(this.config.pathToExecutable, commands, CxConstants.SCAN_OSS);
+    async ossScanResults(sourceFile: string, ignoredFilePath?: string): Promise<CxCommandOutput> {
+    const commands: string[] = [
+        CxConstants.CMD_SCAN,
+        CxConstants.CMD_OSS,
+        CxConstants.SOURCE,
+        sourceFile
+    ];
+
+    if (ignoredFilePath) {
+        commands.push(CxConstants.IGNORE__FILE_PATH);
+        commands.push(ignoredFilePath);
     }
 
-    async secretsScanResults(sourceFile: string): Promise<CxCommandOutput> {
-        const commands: string[] = [CxConstants.CMD_SCAN, CxConstants.CMD_SECRETS, CxConstants.SOURCE, sourceFile];
-        commands.push(...this.initializeCommands(false));
-        const exec = new ExecutionService();
-        return await exec.executeCommands(this.config.pathToExecutable, commands, CxConstants.SCAN_SECRETS);
+    commands.push(...this.initializeCommands(false));
+
+    const exec = new ExecutionService();
+    return await exec.executeCommands(this.config.pathToExecutable, commands, CxConstants.SCAN_OSS);
+}
+
+    async secretsScanResults(sourceFile: string, ignoredFilePath?: string): Promise<CxCommandOutput> {
+    const commands: string[] = [
+        CxConstants.CMD_SCAN,
+        CxConstants.CMD_SECRETS,
+        CxConstants.SOURCE,
+        sourceFile
+    ];
+
+    if (ignoredFilePath) {
+        commands.push(CxConstants.IGNORE__FILE_PATH);
+        commands.push(ignoredFilePath);
     }
 
+    commands.push(...this.initializeCommands(false));
+
+    const exec = new ExecutionService();
+    return await exec.executeCommands(this.config.pathToExecutable, commands, CxConstants.SCAN_SECRETS);
+}
+
     async scanCancel(id: string): Promise<CxCommandOutput> {
         const commands: string[] = [CxConstants.CMD_SCAN, CxConstants.SUB_CMD_CANCEL, CxConstants.SCAN_ID, id];
         commands.push(...this.initializeCommands(false));

src/main/wrapper/resources/cx-linux

@@ -1,3 +1,2 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:21771d942fb89bbd90c919037cda83447a1203cd326830434337c32a3492dc0f
-size 75620536
+oid sha256:3dc4decd7c938c329a672b42f273e5a439e39294d60f7adb81e6e79b7187b333
+size 75718840

src/main/wrapper/resources/cx-mac

@@ -1,3 +1,2 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8ce7a37c2b110f904854ec9fad0af04fd23396ed752547892b414171dd85f2c7
-size 152195760
+oid sha256:c7ffcb8755b167b5b6cc2c4610bc4ebe664af6974df2127092ef30c2b7b17223
+size 152395216

src/main/wrapper/resources/cx.exe

@@ -1,3 +1,2 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4bbeacde274d8f70bc971071523ef2885bcaba7592a8f9108fe94af719028eac
-size 77585792
+oid sha256:14d343b959bcb155f03f2aa5f80fdb8e549b91827705051ef9455b6d67b12ad0
+size 77686208

src/tests/ScanTest.test.ts

@@ -2,6 +2,7 @@ import { CxWrapper } from '../main/wrapper/CxWrapper';
 import { CxCommandOutput } from "../main/wrapper/CxCommandOutput";
 import { CxParamType } from "../main/wrapper/CxParamType";
 import { BaseTest } from "./BaseTest";
+import {OssPackage} from "./data/ossTypes";
 
 describe("ScanCreate cases", () => {
     const cxScanConfig = new BaseTest();
@@ -173,21 +174,58 @@ describe("ScanCreate cases", () => {
         expect(Number.isInteger(scanObject.scanDetails[0].line)).toBe(true);
         expect(typeof scanObject.scanDetails[0].description).toBe('string');
     });
-    
+
     it('ScanOss Successful case', async () => {
         const wrapper = new CxWrapper(cxScanConfig);
-        const cxCommandOutput: CxCommandOutput = await wrapper.ossScanResults("tsc/tests/data/package.json");
+        const cxCommandOutput: CxCommandOutput = await wrapper.ossScanResults("tsc/tests/data/package.json","");
         console.log("Json object from scanOSS successful case: " + JSON.stringify(cxCommandOutput));
         expect(cxCommandOutput.payload).toBeDefined();
         expect(cxCommandOutput.exitCode).toBe(0);
     });
 
-    it.skip('ScanSecrets Successful case', async () => {
+    it.skip('ScanOss with ignored package should filter results', async () => {
+    const wrapper = new CxWrapper(cxScanConfig);
+    const sourceFile = "tsc/tests/data/package.json";
+    const ignoredFile = "tsc/tests/data/checkmarxIgnoredTempFile.json";
+
+    const cxCommandOutput: CxCommandOutput = await wrapper.ossScanResults(sourceFile, ignoredFile);
+
+    expect(cxCommandOutput.exitCode).toBe(0);
+    expect(cxCommandOutput.payload).toBeDefined();
+
+    const results = cxCommandOutput.payload as OssPackage[];
+
+    console.log("Filtered OSS packages:", results);
+
+    expect(results.length).toBe(1);
+
+    const hasCOA = results.some(pkg =>
+        pkg.PackageManager === "coa" && pkg.PackageVersion === "3.1.3"
+    );
+    expect(hasCOA).toBe(false);
+});
+
+    it('ScanSecrets Successful case', async () => {
         const wrapper = new CxWrapper(cxScanConfig);
-        const cxCommandOutput: CxCommandOutput = await wrapper.secretsScanResults("src/tests/data/secret-exposed.txt");
+        const cxCommandOutput: CxCommandOutput = await wrapper.secretsScanResults("src/tests/data/secret-exposed.txt","");
         console.log("Json object from scanOSS successful case: " + JSON.stringify(cxCommandOutput));
         expect(cxCommandOutput.payload).toBeDefined();
         expect(cxCommandOutput.exitCode).toBe(0);
     });
 
+    it.skip('ScanSecrets with ignore file filters the result', async () => {
+    const wrapper = new CxWrapper(cxScanConfig);
+    const cxCommandOutput: CxCommandOutput = await wrapper.secretsScanResults(
+        "src/tests/data/secret-exposed.txt",
+        "src/tests/data/ignoreFileSecrets.json"
+    );
+
+    console.log("Json object from scanSecrets with ignore file: " + JSON.stringify(cxCommandOutput));
+    expect(cxCommandOutput.payload).toBeDefined();
+    expect(Array.isArray(cxCommandOutput.payload)).toBe(true);
+    expect(cxCommandOutput.payload.length).toBe(0);
+    expect(cxCommandOutput.exitCode).toBe(0);
 });
+
+});
+

src/tests/data/ignoreFileSecrets.json

@@ -0,0 +1,7 @@
+[
+{
+    "Title": "github-pat",
+    "FilePath": "/Users/itaypaz/Library/CloudStorage/OneDrive-Checkmarx/Documents/jswrapper/ast-cli-javascript-wrapper/src/tests/data/secret-exposed.txt",
+    "Line": 3
+  }
+]

src/tests/data/ossTypes.ts

@@ -0,0 +1,21 @@
+export interface Location {
+    Line: number;
+    StartIndex: number;
+    EndIndex: number;
+}
+
+export interface Vulnerability {
+    CVE: string;
+    Description: string;
+    Severity: string;
+}
+
+export interface OssPackage {
+    PackageManager: string;
+    PackageName: string;
+    PackageVersion: string;
+    FilePath: string;
+    Locations: Location[];
+    Status: string;
+    Vulnerabilities: Vulnerability[];
+}

tsc/tests/data/checkmarxIgnoredTempFile.json

@@ -0,0 +1,7 @@
+[
+  {
+    "PackageManager": "npm",
+    "PackageName": "coa",
+    "PackageVersion": "3.1.3"
+  }
+]

tsc/tests/data/package.json

@@ -3,6 +3,7 @@
   "version": "0.0.1",
   "description": "AST CLI Javascript wrapper tests",
   "dependencies": {
-    "log4js": "^6.9.1"
+    "log4js": "^6.9.1",
+    "coa":"3.1.3"
   }
 }