@@ -84,6 +84,38 @@ export function activate(context: vscode.ExtensionContext) {
8484 actions . push ( fix ) ;
8585 }
8686 }
87+ if ( code === 'COOKIE002' ) {
88+ const fix = new vscode . CodeAction ( 'Add HttpOnly; Secure to cookie' , vscode . CodeActionKind . QuickFix ) ;
89+ fix . edit = new vscode . WorkspaceEdit ( ) ;
90+ const lineText = document . lineAt ( range . start . line ) . text ;
91+ // Append flags before closing quote/paren if not present
92+ let replaced = lineText ;
93+ if ( ! / H t t p O n l y / i. test ( replaced ) ) replaced = replaced . replace ( / ( [ ' " ] ) \s * \) \s * ; ? $ / , '; HttpOnly$1)' ) ;
94+ if ( ! / S e c u r e / i. test ( replaced ) ) replaced = replaced . replace ( / ( [ ' " ] ) \s * \) \s * ; ? $ / , '; Secure$1)' ) ;
95+ fix . edit . replace (
96+ document . uri ,
97+ new vscode . Range ( new vscode . Position ( range . start . line , 0 ) , new vscode . Position ( range . start . line , lineText . length ) ) ,
98+ replaced
99+ ) ;
100+ fix . diagnostics = [ diag ] ;
101+ actions . push ( fix ) ;
102+ }
103+ if ( code === 'LOG001' ) {
104+ const fix = new vscode . CodeAction ( 'Redact secret in console log' , vscode . CodeActionKind . QuickFix ) ;
105+ fix . edit = new vscode . WorkspaceEdit ( ) ;
106+ const lineText = document . lineAt ( range . start . line ) . text ;
107+ const redacted = lineText
108+ . replace ( / s k - [ A - Z a - z 0 - 9 _ - ] { 8 , } / g, 'sk-********' )
109+ . replace ( / e y J [ A - Z a - z 0 - 9 . _ - ] { 20 , } / g, 'eyJ********' )
110+ . replace ( / A K I A [ 0 - 9 A - Z ] { 16 } / g, 'AKIA**************' ) ;
111+ fix . edit . replace (
112+ document . uri ,
113+ new vscode . Range ( new vscode . Position ( range . start . line , 0 ) , new vscode . Position ( range . start . line , lineText . length ) ) ,
114+ redacted
115+ ) ;
116+ fix . diagnostics = [ diag ] ;
117+ actions . push ( fix ) ;
118+ }
87119 }
88120 return actions ;
89121 }
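Review bot: Both quick fixes are pushed even when the regex rewrite leaves the line unchanged, so on a cookie call that does not end in a quoted string followed by `)` (an options object, a template literal, a call split over several lines) "Add HttpOnly; Secure to cookie" applies a no-op and the cookie keeps missing the flags; LOG001 behaves the same way when the logged value matches none of the three patterns. Guard each push, e.g. `if (replaced !== lineText) actions.push(fix);` and likewise `redacted !== lineText`. The COOKIE002 replacement also consumes the statement's trailing `;` without restoring it; capturing it with `/(['"])\s*\)(\s*;?)$/` and replacing with `'; HttpOnly$1)$2'` (same for `Secure`) keeps the rest of the line intact. The `/HttpOnly/i` and `/Secure/i` checks run against the whole line, so a match in a comment or an identifier such as `secureCookie` would presumably suppress the flag; testing only the string literal would be tighter. The enclosing provider callback starts above this hunk, so how `code`, `diag` and `range` are derived is not visible here.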