Merge pull request #369 from Checkmarx/feature/ASCA_realtime

Asca, IaC and Temetry changes (AST-107859)

Author: cx-anurag-dalke

README.md

@@ -7,32 +7,32 @@
 [![Stargazers][stars-shield]][stars-url]
 [![Issues][issues-shield]][issues-url]
 [![Install][install-shield]][install-url]
-[![APACHE License][license-shield]][license-url]
+[![License][license-shield]][license-url]
 
 </div>
 <br />
-
 <p align="center">
-  <a href="https://github.com/Checkmarx/ast-jetbrains-plugin">
-    <img src="https://raw.githubusercontent.com/Checkmarx/ci-cd-integrations/main/.images/cx_x_icon.png" alt="Logo" width="80" height="80" />
-  </a>
-
+<a href="https://github.com/Checkmarx/ast-jetbrains-plugin">
+<img src="https://raw.githubusercontent.com/Checkmarx/ci-cd-integrations/main/.images/cx_x_icon.png" alt="Logo" width="80" height="80" />
+</a>
 <h3 align="center">CHECKMARX-ONE-JETBRAINS-PLUGIN</h3>
-
 <p align="center">
-    The Checkmarx One JetBrains plugin enables you to import results from a Checkmarx One scan directly into your IDE and run new scans from the IDE.
-    <br />
-    <a href="https://docs.checkmarx.com/en/34965-68734-installing-and-setting-up-the-checkmarx-one-jetbrains-pluging.html"><strong>Explore the docs »</strong></a>
-    <br />
-    <a href="https://plugins.jetbrains.com/plugin/17672-checkmarx-ast"><strong>Marketplace »</strong></a>
-    <br />
-    <br />
-    <a href="https://github.com/Checkmarx/ast-jetbrains-plugin/issues/new">Report Bug</a>
-    ·
-    <a href="https://github.com/Checkmarx/ast-jetbrains-plugin/issues/new">Request Feature</a>
-  </p>
-
-
+<a href="https://docs.checkmarx.com/en/34965-68734-installing-and-setting-up-the-checkmarx-one-jetbrains-pluging.html"><strong>Explore the docs »</strong></a>
+<br />
+<a href="https://plugins.jetbrains.com/plugin/17672-checkmarx-ast"><strong>Marketplace »</strong></a>
+</p>
+</p>
+
+<p  align="center">
+The Checkmarx One JetBrains plugin enables you to import results from a Checkmarx One scan directly into your IDE and run new scans from the IDE.
+</p>
+<br  />
+<p  align="center">
+<a  href="https://github.com/Checkmarx/ast-jetbrains-plugin/issues/new">Report Bug</a>
+·
+<a  href="https://github.com/Checkmarx/ast-jetbrains-plugin/issues/new">Request Feature</a>
+</p>
+<br>
 
 <!-- TABLE OF CONTENTS -->
 <details>
@@ -55,70 +55,67 @@
 
 # Overview
 
-Checkmarx continues to spearhead the shift-left approach to AppSec by bringing our powerful AppSec tools into your IDE. This empowers developers to identify vulnerabilities and remediate them **as they code**. The Checkmarx One (AST) JetBrains plugin integrates seamlessly into your IDE, enabling you to access the full functionality of your Checkmarx One account (SAST, SCA, IaC Security) directly from your IDE.
+Checkmarx continues to spearhead the shift-left approach to AppSec by bringing our powerful AppSec tools into your IDE. This empowers developers to identify vulnerabilities and remediate them **as they code**. The Checkmarx One (AST) JetBrains plugin integrates seamlessly into your IDE, enabling you to access the full functionality of your Checkmarx One account (SAST, SCA, IaC Security and Secret Detection) directly from your IDE.
 
 You can run new scans, or import results from scans run in your Checkmarx One account. Checkmarx provides detailed info about each vulnerability, including remediation recommendations and examples of effective remediation. The plugin enables you to navigate from a vulnerability to the relevant source code, so that you can easily zero-in on the problematic code and start working on remediation.
 
-This plugin provides easy integration with JetBrains and is compatible with all JetBrains IDE products (e.g., IntelliJ IDEA, PyCharm, WebStorm etc.).
-
-## Key Features
-
--   Access the full power of Checkmarx One (SAST, SCA, IaC Security, API Security, Container Security) directly from your IDE.
-
--   Run a new scan from your IDE even before committing the code, or import scan results from your Checkmarx One account.
-
--   Rescan an existing branch from your IDE or create a new branch in Checkmarx One for the local branch in your workspace.
+This extension also includes **​Checkmarx One Developer Assist**, an agentic AI tool that delivers real-time context-aware prevention, remediation, and guidance to developers inside the IDE.
 
--   Provides actionable results including remediation recommendations. Navigate from results panel directly to the highlighted vulnerable code in the editor and get right down to work on the remediation.
+> This plugin provides easy integration with JetBrains IDEs. It is officially supported for IntelliJ IDEA. It may work effectively for other JetBrains IDEs such as Rider, WebStorm, RubyMine, PyCharm, MPS, etc. However, Checkmarx does not guarantee full functionality and stability for these IDEs.
 
--   Group and filter results.
+**GIF - Triaging Results in the IDE**
+![Triaging Results in the IDE](https://raw.githubusercontent.com/Checkmarx/ci-cd-integrations/main/.images/JetBrains_Triaging_Results.gif "Triaging Results in the IDE")
 
--   Triage results (by adjusting the severity and state and adding comments) directly from the JetBrains console (currently supported for SAST and IaC Security).
+**GIF - Running a Scan from the IDE**
+![Running a Scan from the IDE](https://raw.githubusercontent.com/Checkmarx/ci-cd-integrations/main/.images/JetBrains_Running_Scans_From_IDE.gif "Running a Scan from the IDE")
 
--   Apply Auto Remediation to automatically remediate open source vulnerabilities, by updating to a non-vulnerable package version.
-
--   Links to Codebashing lessons.
-
--   AI Secure Coding Assistant (ASCA) - A lightweight scan engine that runs in the background while you work, enabling developers to identify and remediate secure coding best practice violations  **as they code**.
-
-## Checkmarx One Developer Assist – AI guided remediation
+## Key Features
+- Access the full power of Checkmarx One (SAST, SCA, IaC Security, API Security, Container Security) directly from your IDE.
+-   ASCA, a lightweight realtime source code scanner, enables developers to identify secure coding best practice violations in the file that they are working on **as they code**.
+- Run a new scan from your IDE even before committing the code, or import scan results from your Checkmarx One account.
+- Rescan an existing branch from your IDE or create a new branch in Checkmarx One for the local branch in your workspace.
+- Provides actionable results including remediation recommendations. Navigate from results panel directly to the highlighted vulnerable code in the editor and get right down to work on the remediation.
+- Connect to Checkmarx via API Key or OAuth user login flow
+- Group and filter results.
+- Triage results (by adjusting the severity and state and adding comments) directly from the JetBrains console (currently supported for SAST and IaC Security).
+- Apply Auto Remediation to automatically remediate open source vulnerabilities, by updating to a non-vulnerable package version.
+- Links to Codebashing lessons.
+#### **Checkmarx One Developer Assist – AI guided remediation**
 - An advanced security agent that delivers real-time context-aware prevention, remediation, and guidance to developers from the IDE.
 - OSS Realtime scanner identifies risks in open source packages used in your project.
+> COMING SOON - additional realtime scanners for identifying risks in container images, as well as exposed secrets and IaC risks.
 - MCP-based agentic AI remediation.
 - AI powered explanation of risk details
 
-  **COMING SOON** - additional realtime scanners for identifying risks in container images, as well as exposed secrets and IaC risks.
 
 
 ## Prerequisites
 
--   You are running IntelliJ version 2022.2+ or another JetBrains IDE that is based on a supported version of IntelliJ.
-
--   You have access to Checkmarx One via:
-    - an **API key** (see [Generating an API Key](https://checkmarx.com/resource/documents/en/34965-68618-generating-an-api-key.html)), OR
-    - login credentials (Base URL, Tenant name, Username and Password).
-> The following are the minimum required  [roles](https://docs.checkmarx.com/en/34965-68603-managing-roles.html "Managing Roles")  for running an end-to-end flow of scanning a project and viewing results via the CLI or plugins:
-> -   CxOne composite role  `ast-scanner`
-> -   CxOne role  `view-policy-management`
-> -   IAM role  `default-roles`
-
-To use **Dev Assist**, you need the following additional prerequisites:
-- A Checkmarx One account with a Checkmarx One Assist license
-- The Checkmarx MCP must be activated for your tenant account in the Checkmarx One UI under Settings → Plugins. This must be done by an account admin.
-- You must have GitHub Copilot Chat (AI Agent) installed
+- You are running IntelliJ version 2022.2+
+> Early versions of our plugin (2.0.16 and below) support JetBrains version 2021.1+ as well.
+> If you are using a JetBrains IDE other than IntelliJ (**Note:** these are not officially supported), make sure that you are using a version based on IntelliJ version 2022.2+.
+- You have access to Checkmarx One via:
+- an **API key** (see [Generating an API Key](https://checkmarx.com/resource/documents/en/34965-68618-generating-an-api-key.html)), OR
+- login credentials (Base URL, Tenant name, Username and Password).
+> 🔑 **Note:** The following are the minimum required roles for accessing the full functionality of the IDE plugins:
+>  - Checkmarx One composite role ast-scanner
+>  - IAM role default-roles
+     To use **Dev Assist**, you need the following additional prerequisites:
+- A Checkmarx One account with a **Checkmarx One Assist** license
+- The **Checkmarx MCP** must be activated for your tenant account in the Checkmarx One UI under **Settings → Plugins**. This must be done by an account admin.
+- You must have **GitHub Copilot Chat  (AI Agent)** installed
 
 ## Initial Setup
-
--   Verify that all prerequisites are in place.
-
--   Install the **Checkmarx One** plugin and configure the settings as
-    described [here](https://docs.checkmarx.com/en/34965-68734-installing-and-setting-up-the-checkmarx-one-jetbrains-pluging-68734.html#UUID-8d3bdd51-782c-2816-65e2-38d7529651c8_section-idm449017032697283334758018635).
-
-**Note:** To use Dev Assist, you need to Start the Checkmarx MCP server.
+- Verify that all prerequisites are in place.
+- Install the **Checkmarx One** plugin and configure the settings as
+  described [here](https://docs.checkmarx.com/en/34965-68734-installing-and-setting-up-the-checkmarx-one-jetbrains-pluging-68734.html#UUID-8d3bdd51-782c-2816-65e2-38d7529651c8_section-idm449017032697283334758018635).
+> Note: To use Dev Assist, you may need to **Start** the Checkmarx MCP server.
+**GIF – Installing and Setting Up the Plugin**
+![Installing and Setting Up the Plugin](https://raw.githubusercontent.com/Checkmarx/ci-cd-integrations/main/.images/JetBrains_Installation_And_Initial_Setup.gif "Installing and Setting Up the Plugin")
 
 ## Usage
-
-To see how you can use our tool, please refer to the [Documentation](https://docs.checkmarx.com/en/34965-68734-installing-and-setting-up-the-checkmarx-one-jetbrains-pluging.html)
+* To see how you can use our tool, please refer to the [Documentation](https://docs.checkmarx.com/en/34965-68736-using-the-checkmarx-one-jetbrains-plugin.html#UUID-54985b7e-78ae-a5e7-4afc-0195ed2c18b3)
+* Learn about using Dev Assist [here](https://docs.checkmarx.com/en/34965-405960-checkmarx-one-developer-assist.html)
 
 
 ## Feedback

build.gradle

@@ -12,6 +12,7 @@ def javaWrapperVersion = System.getenv('JAVA_WRAPPER_VERSION')
 def remoteRobotVersion = '0.11.23'
 
 repositories {
+
     mavenCentral()
     maven {
         url = 'https://packages.jetbrains.team/maven/p/ij/intellij-dependencies'
@@ -49,7 +50,7 @@ dependencies {
     implementation 'com.miglayout:miglayout-swing:11.3'
 
     if (javaWrapperVersion == "" || javaWrapperVersion == null) {
-        implementation('com.checkmarx.ast:ast-cli-java-wrapper:2.4.16'){
+        implementation('com.checkmarx.ast:ast-cli-java-wrapper:2.4.16.2-telemetry'){
             exclude group: 'junit', module: 'junit'
         }
     } else {

src/main/java/com/checkmarx/intellij/Constants.java

@@ -2,8 +2,6 @@
 
 import org.jetbrains.annotations.NonNls;
 
-import java.util.List;
-
 /**
  * Non-translatable constants.
  */
@@ -18,7 +16,6 @@ private Constants() {
     public static final String BUNDLE_PATH = "messages.CxBundle";
 
     public static final String LOGGER_CAT_PREFIX = "CX#";
-    public static final String CXONE_ASSIST = "CxOne Assist";
 
     public static final String GLOBAL_SETTINGS_ID = "settings.ast";
     public static final String TOOL_WINDOW_ID = "Checkmarx";
@@ -126,106 +123,6 @@ private AuthConstants() {
         public static final int TIME_OUT_SECONDS = 120;
     }
 
-    /**
-     * The RealTimeConstants class defines a collection of constant values
-     * related to real-time scanning functionalities, including support for
-     * different scanning engines and associated configurations.
-     */
-    public static final class RealTimeConstants {
-
-        private RealTimeConstants() {
-            throw new UnsupportedOperationException("Cannot instantiate RealTimeConstants class");
-        }
-
-        // Tab Name Constants
-        public static final String DEVASSIST_TAB = "CxOne Assist Findings";
-
-        // OSS Scanner Constants
-        public static final String ACTIVATE_OSS_REALTIME_SCANNER = "Activate OSS-Realtime";
-        public static final String OSS_REALTIME_SCANNER = "Checkmarx Open Source Realtime Scanner (OSS-Realtime)";
-        public static final String OSS_REALTIME_SCANNER_START = "Realtime OSS Scanner Engine started";
-        public static final String OSS_REALTIME_SCANNER_DISABLED = "Realtime OSS Scanner Engine disabled";
-        public static final String OSS_REALTIME_SCANNER_DIRECTORY = "Cx-oss-realtime-scanner";
-        public static final String ERROR_OSS_REALTIME_SCANNER = "Failed to handle OSS Realtime scan";
-
-        public static final String ACTIVATE_CONTAINER_REALTIME_SCANNER = "Activate Containers-Realtime";
-        public static final String CONTAINER_REALTIME_SCANNER = "Checkmarx Containers Realtime Scanner (Containers-Realtime)";
-        public static final String CONTAINER_REALTIME_SCANNER_START = "Realtime Containers Scanner Engine started";
-        public static final String CONTAINER_REALTIME_SCANNER_DISABLED = "Realtime Containers Scanner Engine disabled";
-        public static final String CONTAINER_REALTIME_SCANNER_DIRECTORY = "Cx-containers-realtime-scanner";
-        public static final String ERROR_CONTAINER_REALTIME_SCANNER = "Failed to handle Containers Realtime scan";
-
-        // Secrets Scanner Constants
-        public static final String ACTIVATE_SECRETS_REALTIME_SCANNER = "Activate Secrets-Realtime";
-        public static final String SECRETS_REALTIME_SCANNER = "Checkmarx Secrets Realtime Scanner (Secrets-Realtime)";
-        public static final String SECRETS_REALTIME_SCANNER_START = "Realtime Secrets Scanner Engine started";
-        public static final String SECRETS_REALTIME_SCANNER_DISABLED = "Realtime Secrets Scanner Engine disabled";
-        public static final String SECRETS_REALTIME_SCANNER_DIRECTORY = "Cx-secrets-realtime-scanner";
-        public static final String ERROR_SECRETS_REALTIME_SCANNER = "Failed to handle Secrets Realtime scan";
-
-        //Dev Assist Fixes Constants
-        public static final String FIX_WITH_CXONE_ASSIST = "Copy fix prompt";
-        public static final String VIEW_DETAILS_FIX_NAME = "View details";
-        public static final String IGNORE_THIS_VULNERABILITY_FIX_NAME = "Ignore this vulnerability";
-        public static final String IGNORE_ALL_OF_THIS_TYPE_FIX_NAME = "Ignore all of this type";
-
-        // Manifest file patterns constant
-        public static final List<String> MANIFEST_FILE_PATTERNS = List.of(
-                "**/Directory.Packages.props",
-                "**/packages.config",
-                "**/pom.xml",
-                "**/package.json",
-                "**/requirements.txt",
-                "**/go.mod",
-                "**/*.csproj"
-        );
-
-        public static final List<String> CONTAINERS_FILE_PATTERNS = List.of(
-                "**/dockerfile",
-                "**/dockerfile-*",
-                "**/dockerfile.*",
-                "**/docker-compose.yml",
-                "**/docker-compose.yaml",
-                "**/docker-compose-*.yml",
-                "**/docker-compose-*.yaml"
-        );
-
-        public static final List<String> CONTAINER_HELM_EXTENSION = List.of("yml",
-                "yaml");
-
-
-        public static final List<String> CONTAINER_HELM_EXCLUDED_FILES = List.of("chart.yml",
-                "chart.yaml");
-
-        // Container filetype constants
-
-        public static final String DOCKERFILE = "dockerfile";
-        public static final String DOCKER_COMPOSE = "docker-compose";
-        public static final String HELM = "helm";
-        public static final String UNKNOWN = "unknown";
-
-        //Container Image description constants
-        public static final String MALICIOUS_RISK_CONTAINER = "Malicious-risk container image";
-        public static final String CRITICAL_RISK_CONTAINER = "Critical-risk container image";
-        public static final String HIGH_RISK_CONTAINER = "High-risk container image";
-        public static final String MEDIUM_RISK_CONTAINER = "Medium-risk container imagee";
-        public static final String LOW_RISK_CONTAINER = "Low-risk container image";
-
-
-        //Tooltip description constants
-        public static final String RISK_PACKAGE = "risk package";
-        public static final String SEVERITY_PACKAGE = "Severity Package";
-        public static final String PACKAGE_DETECTED = "package detected";
-        public static final String THEME = "THEME";
-        // Dev Assist Remediation
-        public static final String CX_AGENT_NAME = "Checkmarx One Assist";
-        // Files generated by the agent (Copilot)
-        public static final List<String> AGENT_DUMMY_FILES = List.of("/Dummy.txt", "/");
-        public static final String RISK_IMAGE = "risk image";
-        public static final String SEVERITY_IMAGE = "Severity Image";
-        public static final String SEPERATOR = ":";
-    }
-
     /**
      * Constant class to hold image paths.
      */

src/main/java/com/checkmarx/intellij/Resource.java

@@ -150,7 +150,7 @@ public enum Resource {
     MCP_NOT_FOUND,
     MCP_INSTALL_ERROR,
     CHECKING_MCP_STATUS,
-    STARTING_CHECKMARX_OSS_SCAN,
+    STARTING_CHECKMARX_SCAN,
     FAILED_OSS_SCAN_INITIALIZATION,
     DEV_ASSIST_COPY_FIX_PROMPT,
     DEV_ASSIST_COPY_VIEW_DETAILS_PROMPT,