Skip to content

Show gutter icon only on first line of multi-line ignored secrets (AST-128760) #1345

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
cx-rahul-pidde wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Show gutter icon only on first line of multi-line ignored secrets (AST-128760) #1345

cx-rahul-pidde wants to merge 2 commits into from

Conversation

@cx-rahul-pidde
Copy link
Contributor

@cx-rahul-pidde cx-rahul-pidde commented Jan 7, 2026
edited
Loading

PR Description

🐛 Problem

When ignoring multi-line secrets (e.g., RSA private keys, AWS credentials), the ignored gutter icon was appearing on every line of the secret, creating visual clutter and inconsistent behavior.

Example of the issue:

🔕 PRIVATE_KEY = """
🔕 -----BEGIN RSA PRIVATE KEY-----
🔕 MIIEpAIBAAKCAQEA7v8wF+SECRETKEYEXAMPLE
🔕 -----END RSA PRIVATE KEY-----
🔕 """

✅ Solution

Modified the secrets scanner service to display the ignored gutter icon only on the first line of multi-line secrets, while preserving hover data for all lines.

After the fix:

🔕 PRIVATE_KEY = """
   -----BEGIN RSA PRIVATE KEY-----
   MIIEpAIBAAKCAQEA7v8wF+SECRETKEYEXAMPLE
   -----END RSA PRIVATE KEY-----
   """

🔧 Changes Made

File: src/realtimeScanners/scanners/secrets/secretsScannerService.ts

  • Lines 128-160: Modified ignored decoration logic
    • Changed from creating decorations for all lines to only the first line
    • Ensures consistency with non-ignored secrets behavior (which also only show icons on the first line)

Follows VS Code conventions*: Gutter icons typically appear once per issue

🧪 Testing

Manual Testing:

  1. Open a file with a multi-line secret (e.g., RSA private key)
  2. Ignore the secret using the code action or AI chat
  3. Verify the ignored icon appears only on the first line
  4. Hover over any line of the secret to verify hover data is preserved

Test Cases

Test Case 1: Multi-line RSA Private Key - Ignored

Preconditions:

  • Secrets scanner is enabled
  • File contains a multi-line RSA private key

Test Data:

PRIVATE_KEY = """
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA7v8wF+SECRETKEYEXAMPLE+QIDAQABAoIBAQC0
-----END RSA PRIVATE KEY-----
"""

Steps:

  1. Open the file in VS Code
  2. Wait for secrets scanner to detect the secret
  3. Right-click on the secret → "Ignore this secret"
  4. Observe the gutter icons

Expected Result:

  • ✅ Ignored icon (🔕) appears only on the first line (PRIVATE_KEY = """)
  • ✅ No icons on lines 2-5
  • ✅ Hovering over any line shows the ignored secret details

Actual Result (Before Fix):

  • ❌ Ignored icon appears on all 5 lines

Test Case 2: Single-line Secret - Ignored

Test Data:

API_KEY = "ghp_1234567890abcdef1234567890abcdef12345678"

Steps:

  1. Open the file
  2. Ignore the secret
  3. Observe the gutter icon

Expected Result:

  • ✅ Ignored icon appears on the single line
  • ✅ Behavior unchanged from before

@cx-plugins-releases cx-plugins-releases added the bug Something isn't working label Jan 7, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Jan 7, 2026

Logo
Checkmarx One – Scan Summary & Details7bf9a7e0-b096-4f76-89a3-e47d74b50c04

Great job! No new security vulnerabilities introduced in this pull request

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cx-margarita-levitm cx-margarita-levitm cx-margarita-levitm left review comments

@cx-anurag-dalke cx-anurag-dalke Awaiting requested review from cx-anurag-dalke

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@cx-rahul-pidde @cx-margarita-levitm @cx-plugins-releases