merge with main after conflicts

Author: cx-dmitri-rivin

go.mod

@@ -6,7 +6,7 @@ require (
 	github.com/Checkmarx/containers-resolver v1.0.11
 	github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63
 	github.com/Checkmarx/gen-ai-wrapper v1.0.2
-	github.com/Checkmarx/manifest-parser v0.0.9
+	github.com/Checkmarx/manifest-parser v0.1.0
 	github.com/Checkmarx/secret-detection v0.0.3-0.20250327150305-31c2c3be9edf
 	github.com/MakeNowJust/heredoc v1.0.0
 	github.com/bouk/monkey v1.0.0
@@ -140,7 +140,7 @@ require (
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.1 // indirect
 	github.com/go-restruct/restruct v1.2.0-alpha // indirect
-	github.com/go-viper/mapstructure/v2 v2.2.1 // indirect
+	github.com/go-viper/mapstructure/v2 v2.3.0 // indirect
 	github.com/gobwas/glob v0.2.3 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect

go.sum

@@ -75,8 +75,8 @@ github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 h1:SCuTcE
 github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63/go.mod h1:MI6lfLerXU+5eTV/EPTDavgnV3owz3GPT4g/msZBWPo=
 github.com/Checkmarx/gen-ai-wrapper v1.0.2 h1:T6X40+4hYnwfDsvkjWs9VIcE6s1O+8DUu0+sDdCY3GI=
 github.com/Checkmarx/gen-ai-wrapper v1.0.2/go.mod h1:xwRLefezwNNnRGu1EjGS6wNiR9FVV/eP9D+oXwLViVM=
-github.com/Checkmarx/manifest-parser v0.0.9 h1:+H63riEKjhOuneTZ0eYzvwABHia04RZTuojtz2EJKz8=
-github.com/Checkmarx/manifest-parser v0.0.9/go.mod h1:hh5FX5FdDieU8CKQEkged4hfOaSylpJzub8PRFXa4kA=
+github.com/Checkmarx/manifest-parser v0.1.0 h1:swnzQpBFbJap7dgoj39oI6MaIqUlnVuBp5VJzeLVevQ=
+github.com/Checkmarx/manifest-parser v0.1.0/go.mod h1:hh5FX5FdDieU8CKQEkged4hfOaSylpJzub8PRFXa4kA=
 github.com/Checkmarx/secret-detection v0.0.3-0.20250327150305-31c2c3be9edf h1:lKiogedU3WzWBc/xI6Xj1BhX2Gp1QBJj8C+czY7CcaE=
 github.com/Checkmarx/secret-detection v0.0.3-0.20250327150305-31c2c3be9edf/go.mod h1:mtAHOm1mHGh7MVu6JdYUyitANsLcHNLUTBIh9pTERNI=
 github.com/CycloneDX/cyclonedx-go v0.9.2 h1:688QHn2X/5nRezKe2ueIVCt+NRqf7fl3AVQk+vaFcIo=
@@ -421,8 +421,8 @@ github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZ
 github.com/go-test/deep v1.0.4/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
 github.com/go-test/deep v1.1.1 h1:0r/53hagsehfO4bzD2Pgr/+RgHqhmf+k1Bpse2cTu1U=
 github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
-github.com/go-viper/mapstructure/v2 v2.2.1 h1:ZAaOCxANMuZx5RCeg0mBdEZk7DZasvvZIxtHqx8aGss=
-github.com/go-viper/mapstructure/v2 v2.2.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
+github.com/go-viper/mapstructure/v2 v2.3.0 h1:27XbWsHIqhbdR5TIC911OfYvgSaW93HM+dX7970Q7jk=
+github.com/go-viper/mapstructure/v2 v2.3.0/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
 github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y=
 github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
 github.com/gobwas/httphead v0.1.0/go.mod h1:O/RXo79gxV8G+RqlR/otEwx4Q36zl9rqC5u12GKvMCM=

internal/commands/data/manifests/requirements.txt

@@ -59,11 +59,11 @@ Django>=3.0,<4.0
 
 # Less than or equal
 
-requests<=2.25.1
+requests<=2.32.4
 
 # Compatible release (PEP 440)
 
-urllib3\~=1.26.0
+urllib3\~=2.5.0
 
 # Not equal
 

internal/commands/result.go

@@ -1785,13 +1785,7 @@ func exportJSONResults(targetFile string, results *wrappers.ScanResultsCollectio
 func exportJSONReportResults(jsonWrapper wrappers.ResultsJSONWrapper, summary *wrappers.ResultSummary, summaryRpt string, featureFlagsWrapper wrappers.FeatureFlagsWrapper) error {
 	jsonReportsPayload := &wrappers.JSONReportsPayload{}
 	pollingResp := &wrappers.JSONPollingResponse{}
-	flagResponse, _ := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.NewScanReportEnabled)
-	newScanReportEnabled := flagResponse.Status
-	if newScanReportEnabled {
-		jsonReportsPayload.ReportName = reportNameImprovedScanReport
-	} else {
-		jsonReportsPayload.ReportName = reportNameScanReport
-	}
+	jsonReportsPayload.ReportName = reportNameImprovedScanReport
 
 	jsonOptionsSections, jsonOptionsEngines := parseJSONOptions(summary.EnginesEnabled, jsonReportsPayload.ReportName)
 
@@ -1889,19 +1883,11 @@ func exportPdfResults(pdfWrapper wrappers.ResultsPdfWrapper, summary *wrappers.R
 	pdfOptions string, featureFlagsWrapper wrappers.FeatureFlagsWrapper) error {
 	pdfReportsPayload := &wrappers.PdfReportsPayload{}
 	pollingResp := &wrappers.PdfPollingResponse{}
-	flagResponse, _ := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.NewScanReportEnabled)
-	newScanReportEnabled := flagResponse.Status
-	if newScanReportEnabled {
-		pdfReportsPayload.ReportName = reportNameImprovedScanReport
-	} else {
-		pdfReportsPayload.ReportName = reportNameScanReport
-	}
-
+	pdfReportsPayload.ReportName = reportNameImprovedScanReport
 	pdfOptionsSections, pdfOptionsEngines, err := parsePDFOptions(pdfOptions, summary.EnginesEnabled, pdfReportsPayload.ReportName)
 	if err != nil {
 		return err
 	}
-
 	pdfReportsPayload.ReportType = CliType
 	pdfReportsPayload.FileFormat = printer.FormatPDF
 	pdfReportsPayload.Data.ScanID = summary.ScanID

internal/commands/result_test.go

@@ -635,7 +635,6 @@ func TestRunGetBFLByScanIdAndQueryIdWithFormatList(t *testing.T) {
 
 func TestRunGetResultsGeneratingPdfReportWithInvalidEmail(t *testing.T) {
 	clearFlags()
-	mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.NewScanReportEnabled, Status: false}
 	err := execCmdNotNilAssertion(t,
 		"results", "show",
 		"--report-format", "pdf",
@@ -646,7 +645,6 @@ func TestRunGetResultsGeneratingPdfReportWithInvalidEmail(t *testing.T) {
 
 func TestRunGetResultsGeneratingPdfReportWithInvalidOptions(t *testing.T) {
 	clearFlags()
-	mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.NewScanReportEnabled, Status: false}
 	err := execCmdNotNilAssertion(t,
 		"results", "show",
 		"--report-format", "pdf",
@@ -657,7 +655,6 @@ func TestRunGetResultsGeneratingPdfReportWithInvalidOptions(t *testing.T) {
 
 func TestRunGetResultsGeneratingPdfReportWithInvalidImprovedOptions(t *testing.T) {
 	clearFlags()
-	mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.NewScanReportEnabled, Status: false}
 	err := execCmdNotNilAssertion(t,
 		"results", "show",
 		"--report-format", "pdf",
@@ -668,7 +665,6 @@ func TestRunGetResultsGeneratingPdfReportWithInvalidImprovedOptions(t *testing.T
 
 func TestRunGetResultsGeneratingPdfReportWithEmailAndOptions(t *testing.T) {
 	clearFlags()
-	mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.NewScanReportEnabled, Status: false}
 	cmd := createASTTestCommand()
 	err := executeTestCommand(cmd,
 		"results", "show",
@@ -681,7 +677,6 @@ func TestRunGetResultsGeneratingPdfReportWithEmailAndOptions(t *testing.T) {
 
 func TestRunGetResultsGeneratingPdfReportWithOptionsImprovedMappingHappens(t *testing.T) {
 	clearFlags()
-	mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.NewScanReportEnabled, Status: true}
 	cmd := createASTTestCommand()
 	err := executeTestCommand(cmd,
 		"results", "show",
@@ -694,7 +689,6 @@ func TestRunGetResultsGeneratingPdfReportWithOptionsImprovedMappingHappens(t *te
 
 func TestRunGetResultsGeneratingPdfReportWithInvalidOptionsImproved(t *testing.T) {
 	clearFlags()
-	mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.NewScanReportEnabled, Status: true}
 	cmd := createASTTestCommand()
 	err := executeTestCommand(cmd,
 		"results", "show",
@@ -707,7 +701,6 @@ func TestRunGetResultsGeneratingPdfReportWithInvalidOptionsImproved(t *testing.T
 
 func TestRunGetResultsGeneratingPdfReportWithOptions(t *testing.T) {
 	clearFlags()
-	mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.NewScanReportEnabled, Status: false}
 	cmd := createASTTestCommand()
 	err := executeTestCommand(cmd,
 		"results", "show",
@@ -726,7 +719,6 @@ func TestRunGetResultsGeneratingPdfReportWithOptions(t *testing.T) {
 
 func TestRunGetResultsGeneratingJsonV2Report(t *testing.T) {
 	clearFlags()
-	mock.Flag = wrappers.FeatureFlagResponseModel{Name: wrappers.NewScanReportEnabled, Status: false}
 	cmd := createASTTestCommand()
 	err := executeTestCommand(cmd,
 		"results", "show",

internal/commands/scan.go

@@ -19,6 +19,7 @@ import (
 	"strconv"
 	"strings"
 	"time"
+	"unicode"
 
 	"github.com/checkmarx/ast-cli/internal/commands/asca"
 	"github.com/checkmarx/ast-cli/internal/commands/scarealtime"
@@ -1546,9 +1547,9 @@ func runScaResolver(sourceDir, scaResolver, scaResolverParams, projectName strin
 			scaResolverResultsFile,
 		}
 		if scaResolverParams != "" {
-			args = append(args, scaResolverParams)
+			parsedscaResolverParams := parseArgs(scaResolverParams)
+			args = append(args, parsedscaResolverParams...)
 		}
-
 		log.Println(fmt.Sprintf("Using SCA resolver: %s %v", scaResolver, args))
 		out, err := exec.Command(scaResolver, args...).Output()
 		logger.PrintIfVerbose(string(out))
@@ -1719,6 +1720,7 @@ func getScaResolverFlags(cmd *cobra.Command) (scaResolverParams, scaResolver str
 		scaResolver = ""
 		scaResolverParams = ""
 	}
+	logger.PrintfIfVerbose("Sca-Resolver params:: %v", scaResolverParams)
 	return scaResolverParams, scaResolver
 }
 
@@ -2971,3 +2973,34 @@ func validateBooleanString(value string) error {
 	}
 	return nil
 }
+
+func parseArgs(input string) []string {
+	var args []string
+	var current strings.Builder
+	var quote rune
+	inQuotes := false
+
+	for i, r := range input {
+		switch {
+		case (r == '\'' || r == '"') && !inQuotes:
+			inQuotes = true
+			quote = r
+		case r == quote && inQuotes:
+			inQuotes = false
+		case unicode.IsSpace(r) && !inQuotes:
+			if current.Len() > 0 {
+				args = append(args, current.String())
+				current.Reset()
+			}
+		default:
+			current.WriteRune(r)
+		}
+
+		// Append last token if input ends
+		if i == len(input)-1 && current.Len() > 0 {
+			args = append(args, current.String())
+		}
+	}
+
+	return args
+}

internal/commands/scan_test.go

@@ -2326,3 +2326,40 @@ func TestValidateScanTypes(t *testing.T) {
 		})
 	}
 }
+
+func TestCreateScanWith_ScaResolver_Source_as_Zip(t *testing.T) {
+	clearFlags()
+	baseArgs := []string{
+		"scan",
+		"create",
+		"--project-name",
+		"MOCK",
+		"-s",
+		"data/sources.zip",
+		"-b",
+		"dummy_branch",
+		"--sca-resolver",
+		"ScaResolver.exe",
+	}
+	err := execCmdNotNilAssertion(t, baseArgs...)
+	assert.Assert(t, strings.Contains(err.Error(), ScaResolverZipNotSupportedErr), err.Error())
+}
+
+func Test_parseArgs(t *testing.T) {
+	tests := []struct {
+		inputString string
+		lenOfArgs   int
+	}{
+		{"--log-level Debug --break-on-manifest-failure", 3},
+		{`test test1`, 2},
+		{"--gradle-parameters='-Prepository.proxy.url=123 -Prepository.proxy.username=123 -Prepository.proxy.password=123' --log-level Debug", 3},
+	}
+
+	for _, test := range tests {
+		fmt.Println("test ::", test)
+		result := parseArgs(test.inputString)
+		if len(result) != test.lenOfArgs {
+			t.Errorf(" test case failed for params %v", test)
+		}
+	}
+}

internal/wrappers/feature-flags.go

@@ -13,7 +13,6 @@ const CVSSV3Enabled = "CVSS_V3_ENABLED"
 const MinioEnabled = "MINIO_ENABLED"
 const SastCustomStateEnabled = "SAST_CUSTOM_STATES_ENABLED"
 const SCSEngineCLIEnabled = "NEW_2MS_SCORECARD_RESULTS_CLI_ENABLED"
-const NewScanReportEnabled = "NEW_SAST_SCAN_REPORT_ENABLED"
 const RiskManagementEnabled = "RISK_MANAGEMENT_IDES_PROJECT_RESULTS_SCORES_API_ENABLED"
 const OssRealtimeEnabled = "OSS_REALTIME_ENABLED"
 const maxRetries = 3
@@ -55,15 +54,6 @@ var FeatureFlagsBaseMap = []CommandFlags{
 			},
 		},
 	},
-	{
-		CommandName: "cx results show",
-		FeatureFlags: []FlagBase{
-			{
-				Name:    NewScanReportEnabled,
-				Default: false,
-			},
-		},
-	},
 	{
 		CommandName: "cx triage update",
 		FeatureFlags: []FlagBase{

test/integration/data/manifests/requirements.txt

@@ -59,11 +59,11 @@ Django>=3.0,<4.0
 
 # Less than or equal
 
-requests<=2.25.1
+requests<=2.32.4
 
 # Compatible release (PEP 440)
 
-urllib3\~=1.26.0
+urllib3\~=2.5.0
 
 # Not equal