Merge branch 'main' into feature/AST-133880

Author: cx-margarita-levitm

packages/checkmarx/CHANGELOG.md

@@ -1,5 +1,9 @@
 # CHANGELOG
 
+## [Checkmarx-v2.47.1-asca-location-dev.0](https://github.com/Checkmarx/ast-vscode-extension/releases/tag/Checkmarx-v2.47.1-asca-location-dev.0) - 2026-02-12 08:33:32
+
+*No description*
+
 ## [DevAssist-v1.1.1-mcp_fallnack_changes.0](https://github.com/Checkmarx/ast-vscode-extension/releases/tag/DevAssist-v1.1.1-mcp_fallnack_changes.0) - 2026-02-09 16:06:36
 
 <!-- Release notes generated using configuration in .github/release.yml at main -->

packages/checkmarx/README.md

@@ -211,8 +211,8 @@ This tool enables VS Code users to initiate SCA scans directly from their VS Cod
 
 We appreciate feedback and contribution to the VsCode extension! Before you get started, please see the following:
 
-- [Checkmarx contribution guidelines](https://github.com/Checkmarx/ast-vscode-extension/blob/packages/checkmarx/contributing.md)
-- [Checkmarx Code of Conduct](https://github.com/Checkmarx/ast-vscode-extension/blob/packages/checkmarx/code_of_conduct.md)
+- [Checkmarx contribution guidelines](https://github.com/Checkmarx/ast-vscode-extension/blob/HEAD/packages/checkmarx/contributing.md)
+- [Checkmarx Code of Conduct](https://github.com/Checkmarx/ast-vscode-extension/blob/HEAD/packages/checkmarx/code_of_conduct.md)
 
 <!-- LICENSE -->
 ## License

packages/checkmarx/package-lock.json

@@ -8,7 +8,7 @@
     "type": "git",
     "url": "https://github.com/Checkmarx/ast-vscode-extension.git"
   },
-  "homepage": "https://github.com/Checkmarx/ast-vscode-extension#readme",
+  "homepage": "https://github.com/Checkmarx/ast-vscode-extension/blob/main/packages/checkmarx/README.md",
   "bugs": {
     "url": "https://github.com/Checkmarx/ast-vscode-extension/issues"
   },
@@ -22,6 +22,19 @@
   "categories": [
     "Other"
   ],
+  "keywords": [
+    "AppSec",
+    "SAST",
+    "OSS",
+    "IaC",
+    "Secrets",
+    "Containers",
+    "Secure Coding",
+    "Developer Assist",
+    "Real-time Scanning",
+    "Kics",
+    "SCA"
+  ],
   "activationEvents": [
     "*"
   ],
@@ -1097,5 +1110,8 @@
     "mocha": "^10.8.2",
     "typescript": "^5.3.3",
     "vscode-extension-tester": "8.17.0"
+  },
+  "overrides": {
+    "@isaacs/brace-expansion": "5.0.1"
   }
-}
+}

packages/checkmarx/package.json

@@ -15,7 +15,7 @@
     "@checkmarx/ast-cli-javascript-wrapper": "0.0.151",
     "@popperjs/core": "^2.11.8",
     "@vscode/codicons": "^0.0.36",
-    "axios": "1.12.2",
+    "axios": "1.13.5",
     "dotenv": "^16.4.7",
     "https-proxy-agent": "^7.0.6",
     "jsonstream-ts": "^1.3.6",

packages/core/package-lock.json

@@ -79,16 +79,33 @@ function decodeJwt(apiKey: string): DecodedJwt | null {
 }
 
 function getMcpConfigPath(): string {
+	const homeDir = os.homedir();
+
 	if (isIDE(constants.cursorAgent)) {
-		const homeDir = os.homedir();
 		return path.join(homeDir, ".cursor", "mcp.json");
 	}
 	if (isIDE(constants.windsurfAgent)) {
-		return path.join(os.homedir(), ".codeium", "windsurf", "mcp_config.json");
+		return path.join(homeDir, ".codeium", "windsurf", "mcp_config.json");
 	}
 	if (isIDE(constants.kiroAgent)) {
-		return path.join(os.homedir(), ".kiro", "settings", "mcp.json");
+		return path.join(homeDir, ".kiro", "settings", "mcp.json");
 	}
+	// VSCode - platform specific paths
+	if (isIDE(constants.vsCodeAgentOrginalName)) {
+		const platform = process.platform;
+		if (platform === 'win32') {
+			// Windows: %APPDATA%\Code\User\mcp.json
+			const appData = process.env.APPDATA || path.join(homeDir, 'AppData', 'Roaming');
+			return path.join(appData, 'Code', 'User', 'mcp.json');
+		} else if (platform === 'darwin') {
+			// macOS: ~/Library/Application Support/Code/User/mcp.json
+			return path.join(homeDir, 'Library', 'Application Support', 'Code', 'User', 'mcp.json');
+		} else {
+			// Linux: ~/.config/Code/User/mcp.json
+			return path.join(homeDir, '.config', 'Code', 'User', 'mcp.json');
+		}
+	}
+	return path.join(homeDir, '.vscode', 'mcp.json');
 }
 
 async function updateMcpJsonFile(mcpServer: McpServer | KiroMcpServer): Promise<void> {
@@ -105,11 +122,18 @@ async function updateMcpJsonFile(mcpServer: McpServer | KiroMcpServer): Promise<
 		}
 	}
 
-	if (!mcpConfig.mcpServers) {
-		mcpConfig.mcpServers = {};
+	if (isIDE(constants.vsCodeAgentOrginalName)) {
+		if (!mcpConfig.servers) {
+			mcpConfig.servers = {};
+		}
+		mcpConfig.servers[getCheckmarxMcpServerName()] = mcpServer as McpServer;
+	}
+	else {
+		if (!mcpConfig.mcpServers) {
+			mcpConfig.mcpServers = {};
+		}
+		mcpConfig.mcpServers[getCheckmarxMcpServerName()] = mcpServer;
 	}
-
-	mcpConfig.mcpServers[getCheckmarxMcpServerName()] = mcpServer;
 
 	try {
 		const dir = path.dirname(mcpConfigPath);
@@ -123,25 +147,33 @@ async function updateMcpJsonFile(mcpServer: McpServer | KiroMcpServer): Promise<
 	}
 }
 
-export async function uninstallMcp() {
-	try {
-
-		if (!isIDE(constants.vsCodeAgentOrginalName)) {
-			// Handle Cursor, Windsurf and Kiro: Remove from mcp json file 
-			const mcpConfigPath = getMcpConfigPath();
+async function removeMcpFromJsonFile(): Promise<void> {
+	const mcpConfigPath = getMcpConfigPath();
 
-			if (!fs.existsSync(mcpConfigPath)) {
-				return;
-			}
+	if (!fs.existsSync(mcpConfigPath)) {
+		return;
+	}
 
-			const fileContent = fs.readFileSync(mcpConfigPath, "utf-8");
-			const mcpConfig: McpConfig = JSON.parse(fileContent);
+	const fileContent = fs.readFileSync(mcpConfigPath, "utf-8");
+	const mcpConfig: McpConfig = JSON.parse(fileContent);
 
-			if (mcpConfig.mcpServers && mcpConfig.mcpServers[getCheckmarxMcpServerName()]) {
-				delete mcpConfig.mcpServers[getCheckmarxMcpServerName()];
+	// Remove from mcpServers (for Cursor, Windsurf, Kiro)
+	if (mcpConfig.mcpServers && mcpConfig.mcpServers[getCheckmarxMcpServerName()]) {
+		delete mcpConfig.mcpServers[getCheckmarxMcpServerName()];
+		fs.writeFileSync(mcpConfigPath, JSON.stringify(mcpConfig, null, 2), "utf-8");
+	}
+	// Remove from servers (for VSCode fallback)
+	else if (mcpConfig.servers && mcpConfig.servers[getCheckmarxMcpServerName()]) {
+		delete mcpConfig.servers[getCheckmarxMcpServerName()];
+		fs.writeFileSync(mcpConfigPath, JSON.stringify(mcpConfig, null, 2), "utf-8");
+	}
+}
 
-				fs.writeFileSync(mcpConfigPath, JSON.stringify(mcpConfig, null, 2), "utf-8");
-			}
+export async function uninstallMcp() {
+	try {
+		if (!isIDE(constants.vsCodeAgentOrginalName)) {
+			// Handle Cursor, Windsurf and Kiro: Remove from mcp json file
+			await removeMcpFromJsonFile();
 		} else {
 			// Handle VSCode: Remove from settings
 			const config = vscode.workspace.getConfiguration();
@@ -151,11 +183,17 @@ export async function uninstallMcp() {
 				// Create a new object without the Checkmarx server to avoid proxy issues
 				const updatedServers = { ...existingServers };
 				delete updatedServers[getCheckmarxMcpServerName()];
-				await config.update(
-					"mcp",
-					{ servers: updatedServers },
-					vscode.ConfigurationTarget.Global
-				);
+				try {
+					await config.update(
+						"mcp",
+						{ servers: updatedServers },
+						vscode.ConfigurationTarget.Global
+					);
+				} catch (error) {
+					const errorMessage = error instanceof Error ? error.message : String(error);
+					console.warn(`Failed to update MCP server details. Using fallback mechanism to configure mcp server details. Error: ${errorMessage}`);
+					await removeMcpFromJsonFile();
+				}
 			}
 		}
 	} catch (error) {
@@ -229,11 +267,17 @@ export async function initializeMcpConfiguration(apiKey: string) {
 			const updatedServers = { ...existingServers };
 			updatedServers[getCheckmarxMcpServerName()] = mcpServer;
 
-			await config.update(
-				"mcp",
-				{ servers: updatedServers },
-				vscode.ConfigurationTarget.Global
-			);
+			try {
+				await config.update(
+					"mcp",
+					{ servers: updatedServers },
+					vscode.ConfigurationTarget.Global
+				);
+			} catch (error) {
+				const errorMessage = error instanceof Error ? error.message : String(error);
+				console.warn(`Failed to update MCP server details. Using fallback mechanism to configure mcp server details. Error: ${errorMessage}`);
+				await updateMcpJsonFile(mcpServer);
+			}
 		}
 
 		vscode.window.showInformationMessage("MCP configuration saved successfully.");

packages/core/package.json

@@ -37,7 +37,7 @@
   </ol>
 </details>
 
-> This document relates to the standalone ​**Checkmarx Developer Assist**​ extension. Checkmarx One customers with a Developer Assist license should use the ​[**Checkmarx**](https://marketplace.visualstudio.com/items?itemName=checkmarx.cx-dev-assist) extension, which has Developer Assist bundeled together with the Checkmarx One platform tool. <br>The two extensions are **mutually exclusive**, so that if you want to use this extension, you must **first ​uninstall**​​ the Checkmarx extension.
+> This document relates to the standalone ​**Checkmarx Developer Assist**​ extension. Checkmarx One customers with a Developer Assist license should use the ​[**Checkmarx**](https://marketplace.visualstudio.com/items?itemName=checkmarx.ast-results) extension, which has Developer Assist bundeled together with the Checkmarx One platform tool. <br>The two extensions are **mutually exclusive**, so that if you want to use this extension, you must **first ​uninstall**​​ the Checkmarx extension.
 ## Overview
 Checkmarx Developer Assist delivers context-aware security guidance directly within your IDE, helping prevent vulnerabilities before they reach the pipeline. As developers write or refine AI-generated and existing code, it provides real-time detection, remediation, and actionable insights—ensuring security is built in from the start.
 <br>

packages/core/src/services/mcpSettingsInjector.ts

@@ -8,20 +8,33 @@
     "type": "git",
     "url": "https://github.com/Checkmarx/ast-vscode-extension.git"
   },
-  "homepage": "https://github.com/Checkmarx/ast-vscode-extension#readme",
+  "homepage": "https://github.com/Checkmarx/ast-vscode-extension/blob/main/packages/project-ignite/README.md",
   "bugs": {
     "url": "https://github.com/Checkmarx/ast-vscode-extension/issues"
   },
   "icon": "media/icon.png",
   "engines": {
-    "vscode": "^1.63.0"
+    "vscode": "^1.100.0"
   },
   "extensionKind": [
     "workspace"
   ],
   "categories": [
     "Other"
   ],
+  "keywords": [
+    "AppSec",
+    "SAST",
+    "OSS",
+    "IaC",
+    "Secrets",
+    "Containers",
+    "Secure Coding",
+    "Developer Assist",
+    "Real-time Scanning",
+    "Kics",
+    "SCA"
+  ],
   "activationEvents": [
     "onView:cx-dev-assist.cxDevAssist",
     "onStartupFinished"
@@ -190,4 +203,4 @@
     "copyfiles": "2.4.1",
     "typescript": "^5.3.3"
   }
-}
+}