fix: ignore determination should rely on Status property and ensure IAW FF enabled (#330)

Author: ShawkyZ

.gitleaksignore

@@ -19,3 +19,7 @@ d5da1e7b3eb6676acca2021e4f3da07b1ff0d9a6:pkg/app/app_test.go:jwt:97
 5a4b6d6a75be3cbfc5122dd7d6d4ead5142b6429:pkg/app/app_test.go:jwt:95
 internal/auth/oauth_test.go:jwt:29
 d5da1e7b3eb6676acca2021e4f3da07b1ff0d9a6:pkg/auth/oauth_test.go:jwt:30
+6e8e7f338974aaf63b5974ceb29b76a1ee7867b6:internal/presenters/testdata/with-ignores-with-status.json:generic-api-key:539
+6e8e7f338974aaf63b5974ceb29b76a1ee7867b6:internal/presenters/testdata/with-ignores-with-status.json:generic-api-key:159
+6e8e7f338974aaf63b5974ceb29b76a1ee7867b6:internal/presenters/testdata/with-ignores-with-status.json:generic-api-key:224
+6e8e7f338974aaf63b5974ceb29b76a1ee7867b6:internal/presenters/testdata/with-ignores-with-status.json:generic-api-key:474

internal/presenters/__snapshots__/presenter_local_finding_test.snap

@@ -474,3 +474,61 @@ Open Issues
 
 
 ---
+
+[TestPresenterLocalFinding_IncludeIgnored_WithStatusProperty - 1]
+
+Testing /path/to/project ...
+
+Open Issues
+
+ ✗ [LOW] Hardcoded Secret
+   Path: test/service-tests/service-utils/knex.service-spec.ts, line 72
+   Info: Avoid hardcoding values that are meant to be secret. Found a hardcoded string used in here.
+
+ ✗ [LOW] Hardcoded Secret
+   Path: test/service-tests/service-utils/knex.service-spec.ts, line 76
+   Info: Avoid hardcoding values that are meant to be secret. Found a hardcoded string used in here.
+
+ ✗ [MEDIUM] Cleartext Transmission of Sensitive Information
+   Path: src/main.ts, line 59
+   Info: http.createServer uses HTTP which is an insecure protocol and should not be used in code due to cleartext transmission of information. Data in cleartext in a communication channel can be sniffed by unauthorized actors. Consider using the https module instead.
+
+ ✗ [HIGH] Hardcoded Secret
+   Path: scripts/db/migrations/20230811153738_add_generated_grouping_columns_to_collections_table.ts, line 4
+   Info: Avoid hardcoding values that are meant to be secret. Found a hardcoded string used in here.
+
+─────────────────────────────────────────────────────
+
+Ignored Issues
+
+ ! [ IGNORED ] [MEDIUM] Cleartext Transmission of Sensitive Information
+   Path: src/main.ts, line 58
+   Info: http.createServer uses HTTP which is an insecure protocol and should not be used in code due to cleartext transmission of information. Data in cleartext in a communication channel can be sniffed by unauthorized actors. Consider using the https module instead.
+
+   Expiration: 15 days
+   Category:   wont-fix
+   Ignored on: February 23, 2024
+   Ignored by: Neil M
+   Reason:     False positive
+
+
+
+💡 Tip
+
+   Ignores are currently managed in the Snyk Web UI.              
+   To edit or remove the ignore please go to: https://app.snyk.io/
+                                                                  
+
+╭────────────────────────────────────────────────────╮
+│ Test Summary                                       │
+│                                                    │
+│   Organization:      test-org                      │
+│   Test type:         Static code analysis          │
+│   Project path:      /path/to/project              │
+│                                                    │
+│   Total issues:   5                                │
+│   Ignored issues: 1 [ 0 HIGH  1 MEDIUM  0 LOW ]    │
+│   Open issues:    4 [ 1 HIGH  1 MEDIUM  2 LOW ]    │
+╰────────────────────────────────────────────────────╯
+    
+---

internal/presenters/funcs.go

@@ -12,10 +12,10 @@ import (
 
 	"github.com/charmbracelet/lipgloss"
 
-	"github.com/snyk/go-application-framework/internal/utils/sarif"
 	"github.com/snyk/go-application-framework/pkg/configuration"
 	"github.com/snyk/go-application-framework/pkg/local_workflows/local_models"
 	"github.com/snyk/go-application-framework/pkg/runtimeinfo"
+	"github.com/snyk/go-application-framework/pkg/utils/sarif"
 )
 
 func add(a, b int) int {

internal/presenters/presenter_local_finding_test.go

@@ -16,10 +16,10 @@ import (
 	"github.com/stretchr/testify/require"
 
 	"github.com/snyk/go-application-framework/internal/presenters"
-	sarif_utils "github.com/snyk/go-application-framework/internal/utils/sarif"
 	"github.com/snyk/go-application-framework/pkg/configuration"
 	localworkflows "github.com/snyk/go-application-framework/pkg/local_workflows"
 	"github.com/snyk/go-application-framework/pkg/local_workflows/local_models"
+	sarif_utils "github.com/snyk/go-application-framework/pkg/utils/sarif"
 )
 
 func sarifToLocalFinding(t *testing.T, filename string) (localFinding *local_models.LocalFinding, err error) {
@@ -231,6 +231,37 @@ func TestPresenterLocalFinding_IncludeIgnored(t *testing.T) {
 	snaps.MatchSnapshot(t, result)
 }
 
+func TestPresenterLocalFinding_IncludeIgnored_WithStatusProperty(t *testing.T) {
+	input, err := sarifToLocalFinding(t, "testdata/with-ignores-with-status.json")
+	require.Nil(t, err)
+
+	lipgloss.SetColorProfile(termenv.Ascii)
+	config := configuration.NewInMemory()
+	config.Set(configuration.ORGANIZATION_SLUG, "test-org")
+	config.Set(configuration.FLAG_INCLUDE_IGNORES, true)
+	writer := new(bytes.Buffer)
+
+	p := presenters.NewLocalFindingsRenderer(
+		[]*local_models.LocalFinding{input},
+		config,
+		writer,
+	)
+
+	err = p.RenderTemplate(presenters.DefaultTemplateFiles, presenters.DefaultMimeType)
+	result := writer.String()
+
+	require.Nil(t, err)
+
+	require.Contains(t, result, "Ignored Issues")
+	require.Contains(t, result, "[ IGNORED ] [MEDIUM]")
+	require.Contains(t, result, "src/main.ts, line 58")
+	require.Contains(t, result, "Ignores are currently managed in the Snyk Web UI.")
+	require.NotContains(t, result, "Empty ignore issues state")
+	require.NotContains(t, result, "To view ignored and open issues, use the --include-ignores option.pre")
+
+	snaps.MatchSnapshot(t, result)
+}
+
 func TestPresenterLocalFinding_IncludeIgnoredEmpty(t *testing.T) {
 	input, err := sarifToLocalFinding(t, "testdata/3-low-issues.json")
 	require.Nil(t, err)