feat: add finding details actions

Author: bsamuels453

README.md

@@ -89,6 +89,7 @@ You can quickly navigate through all partially audited regions in your workspace
 
 You can fill detailed information about a finding by clicking on it in the _List of Findings_ view in the sidebar. The respective _Finding Details_ panel will open, where you can fill the information.
 The panel also shows a read-only provenance field (defaulting to "human").
+The action buttons at the top let you triage findings (True/False Positive), resolve notes, or open a GitHub issue.
 
 ![Finding Details](media/readme/finding_details.png)
 
@@ -106,7 +107,7 @@ You can add multiple regions to a single finding or note. Once you select the co
 
 ### Resolve and Restore
 
-Notes can be resolved from the _List of Findings_ panel. Findings are triaged instead: mark them as `True Positive` or `False Negative` from the same panel. Resolved notes and triaged findings are no longer highlighted in the editor but remain visible in the _Resolved Findings_ panel with a status badge. You can restore any resolved entry by clicking the corresponding `Restore` button in the _Resolved Findings_ panel.
+Notes can be resolved from the _List of Findings_ panel. Findings are triaged instead: mark them as `True Positive` or `False Positive` from the same panel. Resolved notes and triaged findings are no longer highlighted in the editor but remain visible in the _Resolved Findings_ panel with a status badge. You can restore any resolved entry by clicking the corresponding `Restore` button in the _Resolved Findings_ panel.
 
 ![Resolve and Restore](media/readme/gifs/resolve_finding.gif)
 

media/style.css

@@ -12,6 +12,13 @@
     flex: 1;
 }
 
+.detailsActions {
+    display: flex;
+    flex-wrap: wrap;
+    gap: 0.5em;
+    padding-bottom: 1em;
+}
+
 vscode-dropdown,
 vscode-text-area,
 vscode-text-field {

package.json

@@ -150,8 +150,8 @@
                 "icon": "$(check)"
             },
             {
-                "command": "weAudit.markFalseNegative",
-                "title": "Mark False Negative",
+                "command": "weAudit.markFalsePositive",
+                "title": "Mark False Positive",
                 "icon": "$(close)"
             },
             {
@@ -329,7 +329,7 @@
                     "when": "false"
                 },
                 {
-                    "command": "weAudit.markFalseNegative",
+                    "command": "weAudit.markFalsePositive",
                     "when": "false"
                 },
                 {
@@ -459,7 +459,7 @@
                     "group": "inline@5"
                 },
                 {
-                    "command": "weAudit.markFalseNegative",
+                    "command": "weAudit.markFalsePositive",
                     "when": "view == codeMarker && viewItem == finding",
                     "group": "inline@6"
                 },

src/codeMarker.ts

@@ -1759,8 +1759,13 @@ export class CodeMarker implements vscode.TreeDataProvider<TreeEntry> {
             this.markTruePositive(node);
         });
 
+        vscode.commands.registerCommand("weAudit.markFalsePositive", (node: FullEntry) => {
+            this.markFalsePositive(node);
+        });
+
+        // Legacy alias for backward compatibility.
         vscode.commands.registerCommand("weAudit.markFalseNegative", (node: FullEntry) => {
-            this.markFalseNegative(node);
+            this.markFalsePositive(node);
         });
 
         vscode.commands.registerCommand("weAudit.deleteFinding", (node: FullEntry) => {
@@ -2953,7 +2958,7 @@ export class CodeMarker implements vscode.TreeDataProvider<TreeEntry> {
     resolveFinding(entry: FullEntry): void {
         // Notes can be resolved; findings must be triaged as TP/FN.
         if (entry.entryType !== EntryType.Note) {
-            vscode.window.showInformationMessage("Findings cannot be resolved. Mark them as True Positive or False Negative instead.");
+            vscode.window.showInformationMessage("Findings cannot be resolved. Mark them as True Positive or False Positive instead.");
             return;
         }
         this.applyEntryResolution(entry, EntryResolution.Resolved, true);
@@ -2976,13 +2981,13 @@ export class CodeMarker implements vscode.TreeDataProvider<TreeEntry> {
      * Marks a finding as a false negative and moves it to the resolved entries list.
      * @param entry the finding to mark.
      */
-    private markFalseNegative(entry: FullEntry): void {
-        // Findings only: use FN to close the entry.
+    private markFalsePositive(entry: FullEntry): void {
+        // Findings only: use FP to close the entry.
         if (entry.entryType !== EntryType.Finding) {
-            vscode.window.showInformationMessage("Only findings can be marked as False Negative.");
+            vscode.window.showInformationMessage("Only findings can be marked as False Positive.");
             return;
         }
-        this.applyEntryResolution(entry, EntryResolution.FalseNegative, true);
+        this.applyEntryResolution(entry, EntryResolution.FalsePositive, true);
     }
 
     /**
@@ -2999,7 +3004,7 @@ export class CodeMarker implements vscode.TreeDataProvider<TreeEntry> {
             return;
         }
 
-        if (resolution === EntryResolution.Open || resolution === EntryResolution.TruePositive || resolution === EntryResolution.FalseNegative) {
+        if (resolution === EntryResolution.Open || resolution === EntryResolution.TruePositive || resolution === EntryResolution.FalsePositive) {
             return resolution;
         }
         return;
@@ -3680,9 +3685,14 @@ export class CodeMarker implements vscode.TreeDataProvider<TreeEntry> {
             }
 
             // Legacy resolved findings default to Unclassified unless already triaged.
+            const resolutionValue = String(entry.details.resolution);
+            if (resolutionValue === "False Negative") {
+                entry.details.resolution = EntryResolution.FalsePositive;
+            }
+
             if (
                 entry.details.resolution !== EntryResolution.TruePositive &&
-                entry.details.resolution !== EntryResolution.FalseNegative &&
+                entry.details.resolution !== EntryResolution.FalsePositive &&
                 entry.details.resolution !== EntryResolution.Unclassified
             ) {
                 entry.details.resolution = EntryResolution.Unclassified;

src/panels/findingDetails.html

@@ -1,4 +1,13 @@
 <div id="container-div">
+    <div class="detailsActions" id="finding-actions">
+        <vscode-button id="action-mark-true-positive">Mark True Positive</vscode-button>
+        <vscode-button id="action-mark-false-positive">Mark False Positive</vscode-button>
+        <vscode-button id="action-open-github-issue">Open Github Issue</vscode-button>
+    </div>
+    <div class="detailsActions" id="note-actions">
+        <vscode-button id="action-resolve-note">Resolve</vscode-button>
+        <vscode-button id="action-open-github-issue-note">Open Github Issue</vscode-button>
+    </div>
     <div class="detailsDiv">
         <span class="detailSpan">Title:</span>
         <vscode-text-field id="label-area"></vscode-text-field>
@@ -13,7 +22,7 @@
         <vscode-dropdown position="below" id="resolution-finding-dropdown">
             <vscode-option>Open</vscode-option>
             <vscode-option>True Positive</vscode-option>
-            <vscode-option>False Negative</vscode-option>
+            <vscode-option>False Positive</vscode-option>
         </vscode-dropdown>
     </div>
 

src/panels/findingDetailsPanel.ts

@@ -133,6 +133,23 @@ class FindingDetailsProvider implements vscode.WebviewViewProvider {
                     case "update-entry":
                         vscode.commands.executeCommand("weAudit.updateCurrentSelectedEntry", message.field, message.value, message.isPersistent);
                         return;
+                    case "details-action": {
+                        switch (message.action) {
+                            case "mark-true-positive":
+                                vscode.commands.executeCommand("weAudit.updateCurrentSelectedEntry", "resolution", "True Positive", true);
+                                return;
+                            case "mark-false-positive":
+                                vscode.commands.executeCommand("weAudit.updateCurrentSelectedEntry", "resolution", "False Positive", true);
+                                return;
+                            case "resolve-note":
+                                vscode.commands.executeCommand("weAudit.updateCurrentSelectedEntry", "resolution", "Resolved", true);
+                                return;
+                            case "open-github-issue":
+                                vscode.commands.executeCommand("weAudit.openGithubIssueFromDetails");
+                                return;
+                        }
+                        return;
+                    }
                     case "webview-ready":
                         // When the webview reports it's ready, update with current data
                         vscode.commands.executeCommand("weAudit.showSelectedEntryInFindingDetails");

src/resolvedFindings.ts

@@ -16,8 +16,9 @@ function getResolutionBadge(entry: FullEntry): string {
     if (entry.details?.resolution === EntryResolution.TruePositive) {
         return "TP";
     }
-    if (entry.details?.resolution === EntryResolution.FalseNegative) {
-        return "FN";
+    const resolutionValue = String(entry.details?.resolution);
+    if (resolutionValue === "False Positive" || resolutionValue === "False Negative") {
+        return "FP";
     }
     if (entry.details?.resolution === EntryResolution.Unclassified) {
         return "UNCLASSIFIED";

src/types.ts

@@ -21,7 +21,7 @@ export enum EntryResolution {
     Open = "Open",
     Resolved = "Resolved",
     TruePositive = "True Positive",
-    FalseNegative = "False Negative",
+    FalsePositive = "False Positive",
     Unclassified = "Unclassified",
 }
 
@@ -197,7 +197,10 @@ function validateEntryDetails(entryDetails: EntryDetails): boolean {
             typeof entryDetails.provenance.created === "string" &&
             (typeof entryDetails.provenance.campaign === "string" || entryDetails.provenance.campaign === null) &&
             typeof entryDetails.provenance.commitHash === "string");
-    const resolutionValid = entryDetails.resolution === undefined || isEntryResolution(entryDetails.resolution);
+    const resolutionValid =
+        entryDetails.resolution === undefined ||
+        isEntryResolution(entryDetails.resolution) ||
+        entryDetails.resolution === "False Negative";
     return (
         entryDetails.severity !== undefined &&
         entryDetails.difficulty !== undefined &&
@@ -264,7 +267,7 @@ export function isEntryResolution(value: string | undefined): value is EntryReso
         value === EntryResolution.Open ||
         value === EntryResolution.Resolved ||
         value === EntryResolution.TruePositive ||
-        value === EntryResolution.FalseNegative ||
+        value === EntryResolution.FalsePositive ||
         value === EntryResolution.Unclassified
     );
 }

src/webview/findingDetailsMain.ts

@@ -1,13 +1,20 @@
 /* eslint-disable @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access */
-import { provideVSCodeDesignSystem, vsCodeDropdown, vsCodeTextArea, vsCodeOption, vsCodeTextField } from "@vscode/webview-ui-toolkit";
-import { TextArea, Dropdown, TextField } from "@vscode/webview-ui-toolkit";
-import { UpdateEntryMessage } from "./webviewMessageTypes";
+import {
+    provideVSCodeDesignSystem,
+    vsCodeDropdown,
+    vsCodeTextArea,
+    vsCodeOption,
+    vsCodeTextField,
+    vsCodeButton,
+} from "@vscode/webview-ui-toolkit";
+import { TextArea, Dropdown, TextField, Button } from "@vscode/webview-ui-toolkit";
+import { DetailsActionMessage, UpdateEntryMessage } from "./webviewMessageTypes";
 
 // In order to use all the Webview UI Toolkit web components they
 // must be registered with the browser (i.e. webview) using the
 // syntax below.
 // provideVSCodeDesignSystem().register(allComponents);
-provideVSCodeDesignSystem().register(vsCodeDropdown(), vsCodeTextArea(), vsCodeOption(), vsCodeTextField());
+provideVSCodeDesignSystem().register(vsCodeDropdown(), vsCodeTextArea(), vsCodeOption(), vsCodeTextField(), vsCodeButton());
 
 const vscode = acquireVsCodeApi();
 
@@ -26,6 +33,20 @@ function main(): void {
 
     const provenanceValue = document.getElementById("provenance-value") as HTMLSpanElement;
 
+    const findingActionsRow = document.getElementById("finding-actions") as HTMLDivElement;
+    const noteActionsRow = document.getElementById("note-actions") as HTMLDivElement;
+    const markTruePositiveButton = document.getElementById("action-mark-true-positive") as Button | null;
+    const markFalsePositiveButton = document.getElementById("action-mark-false-positive") as Button | null;
+    const openGithubIssueButton = document.getElementById("action-open-github-issue") as Button | null;
+    const resolveNoteButton = document.getElementById("action-resolve-note") as Button | null;
+    const openGithubIssueNoteButton = document.getElementById("action-open-github-issue-note") as Button | null;
+
+    registerActionButton(markTruePositiveButton, "mark-true-positive");
+    registerActionButton(markFalsePositiveButton, "mark-false-positive");
+    registerActionButton(openGithubIssueButton, "open-github-issue");
+    registerActionButton(resolveNoteButton, "resolve-note");
+    registerActionButton(openGithubIssueNoteButton, "open-github-issue");
+
     const resolutionFindingRow = document.getElementById("resolution-row-finding") as HTMLDivElement;
     const resolutionNoteRow = document.getElementById("resolution-row-note") as HTMLDivElement;
     const resolutionFindingDropdown = document.getElementById("resolution-finding-dropdown") as Dropdown;
@@ -66,6 +87,8 @@ function main(): void {
     containerDiv.style.display = "none";
     resolutionFindingRow.style.display = "none";
     resolutionNoteRow.style.display = "none";
+    findingActionsRow.style.display = "none";
+    noteActionsRow.style.display = "none";
 
     // handle the message inside the webview
     window.addEventListener("message", (event) => {
@@ -79,6 +102,8 @@ function main(): void {
                 setResolutionControls(
                     message.entryType as string | undefined,
                     message.resolution as string | undefined,
+                    findingActionsRow,
+                    noteActionsRow,
                     resolutionFindingRow,
                     resolutionNoteRow,
                     resolutionFindingDropdown,
@@ -98,6 +123,8 @@ function main(): void {
                 provenanceValue.textContent = "";
                 resolutionFindingRow.style.display = "none";
                 resolutionNoteRow.style.display = "none";
+                findingActionsRow.style.display = "none";
+                noteActionsRow.style.display = "none";
                 break;
         }
     });
@@ -109,15 +136,19 @@ function main(): void {
 function setResolutionControls(
     entryType: string | undefined,
     resolution: string | undefined,
+    findingActionsRow: HTMLDivElement,
+    noteActionsRow: HTMLDivElement,
     resolutionFindingRow: HTMLDivElement,
     resolutionNoteRow: HTMLDivElement,
     resolutionFindingDropdown: Dropdown,
     resolutionNoteDropdown: Dropdown,
 ): void {
     const isFinding = entryType === "finding";
-    const findingResolution = coerceResolutionValue(resolution, ["Open", "True Positive", "False Negative"], "Open");
+    const findingResolution = coerceResolutionValue(resolution, ["Open", "True Positive", "False Positive"], "Open");
     const noteResolution = coerceResolutionValue(resolution, ["Open", "Resolved"], "Open");
 
+    findingActionsRow.style.display = isFinding ? "flex" : "none";
+    noteActionsRow.style.display = isFinding ? "none" : "flex";
     resolutionFindingRow.style.display = isFinding ? "flex" : "none";
     resolutionNoteRow.style.display = isFinding ? "none" : "flex";
     resolutionFindingDropdown.value = findingResolution;
@@ -155,3 +186,26 @@ function handleFieldChange(e: Event, isPersistent: boolean): void {
     };
     vscode.postMessage(message);
 }
+
+/**
+ * Registers a button click listener that posts a details action message.
+ */
+function registerActionButton(button: Button | null, action: DetailsActionMessage["action"]): void {
+    if (!button) {
+        return;
+    }
+    button.addEventListener("click", () => {
+        postDetailsAction(action);
+    });
+}
+
+/**
+ * Posts a details action message to the extension host.
+ */
+function postDetailsAction(action: DetailsActionMessage["action"]): void {
+    const message: DetailsActionMessage = {
+        command: "details-action",
+        action: action,
+    };
+    vscode.postMessage(message);
+}

src/webview/webviewMessageTypes.ts

@@ -1,5 +1,6 @@
 export type WebviewMessage =
     | UpdateEntryMessage
+    | DetailsActionMessage
     | UpdateRepositoryMessage
     | UpdateSyncConfigMessage
     | SyncNowMessage
@@ -15,6 +16,11 @@ export interface UpdateEntryMessage {
     isPersistent: boolean;
 }
 
+export interface DetailsActionMessage {
+    command: "details-action";
+    action: "mark-true-positive" | "mark-false-positive" | "resolve-note" | "open-github-issue";
+}
+
 export interface UpdateRepositoryMessage {
     command: "update-repository-config";
     rootLabel: string;