add ignore file to secrets (#865)

cx-itay-paz · Itay Paz · web-flow · commit a7f7a2266738 · 2025-07-21T12:09:30.000+03:00
Co-authored-by: Itay Paz &lt;itaypaz@Itays-MacBook-Pro-2.local&gt;
diff --git a/src/main/wrapper/CxWrapper.ts b/src/main/wrapper/CxWrapper.ts
@@ -168,13 +168,25 @@ export class CxWrapper {
     return await exec.executeCommands(this.config.pathToExecutable, commands, CxConstants.SCAN_OSS);
 }
 
-    async secretsScanResults(sourceFile: string): Promise<CxCommandOutput> {
-        const commands: string[] = [CxConstants.CMD_SCAN, CxConstants.CMD_SECRETS, CxConstants.SOURCE, sourceFile];
-        commands.push(...this.initializeCommands(false));
-        const exec = new ExecutionService();
-        return await exec.executeCommands(this.config.pathToExecutable, commands, CxConstants.SCAN_SECRETS);
+    async secretsScanResults(sourceFile: string, ignoredFilePath?: string): Promise<CxCommandOutput> {
+    const commands: string[] = [
+        CxConstants.CMD_SCAN,
+        CxConstants.CMD_SECRETS,
+        CxConstants.SOURCE,
+        sourceFile
+    ];
+
+    if (ignoredFilePath) {
+        commands.push(CxConstants.IGNORE__FILE_PATH);
+        commands.push(ignoredFilePath);
     }
 
+    commands.push(...this.initializeCommands(false));
+
+    const exec = new ExecutionService();
+    return await exec.executeCommands(this.config.pathToExecutable, commands, CxConstants.SCAN_SECRETS);
+}
+
     async scanCancel(id: string): Promise<CxCommandOutput> {
         const commands: string[] = [CxConstants.CMD_SCAN, CxConstants.SUB_CMD_CANCEL, CxConstants.SCAN_ID, id];
         commands.push(...this.initializeCommands(false));
diff --git a/src/tests/ScanTest.test.ts b/src/tests/ScanTest.test.ts
@@ -205,9 +205,9 @@ describe("ScanCreate cases", () => {
     expect(hasCOA).toBe(false);
 });
 
-    it.skip('ScanSecrets Successful case', async () => {
+    it('ScanSecrets Successful case', async () => {
         const wrapper = new CxWrapper(cxScanConfig);
-        const cxCommandOutput: CxCommandOutput = await wrapper.secretsScanResults("src/tests/data/secret-exposed.txt");
+        const cxCommandOutput: CxCommandOutput = await wrapper.secretsScanResults("src/tests/data/secret-exposed.txt","");
         console.log("Json object from scanOSS successful case: " + JSON.stringify(cxCommandOutput));
         expect(cxCommandOutput.payload).toBeDefined();
         expect(cxCommandOutput.exitCode).toBe(0);
diff --git a/src/tests/data/ignoreFileSecrets.json b/src/tests/data/ignoreFileSecrets.json
@@ -0,0 +1,5 @@
+{
+    "Title": "github-pat",
+    "FilePath": "/Users/itaypaz/Library/CloudStorage/OneDrive-Checkmarx/Documents/jswrapper/ast-cli-javascript-wrapper/src/tests/data/secret-exposed.txt",
+    "Line": 3
+  }
