From a136bd1dbd52bcde150d9b9bd5d65946041bc790 Mon Sep 17 00:00:00 2001 From: elchananarb <110327842+cx-elchanan-arbiv@users.noreply.github.com> Date: Wed, 11 Jun 2025 09:25:38 +0300 Subject: [PATCH 1/5] Update CxOssResult to support multiple locations per package --- src/main/oss/CxOss.ts | 37 +++++++++++++++++++++++-------------- 1 file changed, 23 insertions(+), 14 deletions(-) diff --git a/src/main/oss/CxOss.ts b/src/main/oss/CxOss.ts index 6b49bde1..fe78a40f 100644 --- a/src/main/oss/CxOss.ts +++ b/src/main/oss/CxOss.ts @@ -1,14 +1,17 @@ import { CxManifestStatus } from './CxManifestStatus'; +export interface Location { + line: number; + startIndex: number; + endIndex: number; +} + export default class CxOssResult { packageManager: string; packageName: string; version: string; filepath: string; - lineStart: number; - lineEnd: number; - startIndex: number; - endIndex: number; + locations: Location[]; status: CxManifestStatus; vulnerabilities: { cve: string, description: string, severity: string }[]; @@ -20,12 +23,15 @@ export default class CxOssResult { const ossResult = new CxOssResult(); ossResult.packageManager = member.PackageManager; ossResult.packageName = member.PackageName; - ossResult.version = member.PackageVersion; + ossResult.version = member.Version; ossResult.filepath = member.FilePath; - ossResult.lineStart = member.LineStart; - ossResult.lineEnd = member.LineEnd; - ossResult.startIndex = member.StartIndex; - ossResult.endIndex = member.EndIndex; + ossResult.locations = Array.isArray(member.Locations) + ? member.Locations.map((loc: any) => ({ + line: loc.Line, + startIndex: loc.StartIndex, + endIndex: loc.EndIndex + })) + : []; ossResult.status = member.Status as CxManifestStatus; ossResult.vulnerabilities = Array.isArray(member.Vulnerabilities) ? member.Vulnerabilities.map((vul: any) => ({ @@ -40,12 +46,15 @@ export default class CxOssResult { const ossResult = new CxOssResult(); ossResult.packageManager = packages.PackageManager; ossResult.packageName = packages.PackageName; - ossResult.version = packages.PackageVersion; + ossResult.version = packages.Version; ossResult.filepath = packages.FilePath; - ossResult.lineStart = packages.LineStart; - ossResult.lineEnd = packages.LineEnd; - ossResult.startIndex = packages.StartIndex; - ossResult.endIndex = packages.EndIndex; + ossResult.locations = Array.isArray(packages.Locations) + ? packages.Locations.map((loc: any) => ({ + line: loc.Line, + startIndex: loc.StartIndex, + endIndex: loc.EndIndex + })) + : []; ossResult.status = packages.Status as CxManifestStatus; ossResult.vulnerabilities = Array.isArray(packages.Vulnerabilities) ? packages.Vulnerabilities.map((vul: any) => ({ From ef4196d3e27e11160da7036a27dc308e618be0d7 Mon Sep 17 00:00:00 2001 From: elchananarb <110327842+cx-elchanan-arbiv@users.noreply.github.com> Date: Wed, 11 Jun 2025 10:33:38 +0300 Subject: [PATCH 2/5] rm skip from test for oss --- src/tests/ScanTest.test.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/tests/ScanTest.test.ts b/src/tests/ScanTest.test.ts index 0c9221d7..84f99a3a 100644 --- a/src/tests/ScanTest.test.ts +++ b/src/tests/ScanTest.test.ts @@ -174,7 +174,7 @@ describe("ScanCreate cases", () => { expect(typeof scanObject.scanDetails[0].description).toBe('string'); }); - it.skip('ScanOss Successful case', async () => { + it('ScanOss Successful case', async () => { const wrapper = new CxWrapper(cxScanConfig); const cxCommandOutput: CxCommandOutput = await wrapper.ossScanResults("tsc/tests/data/package.json"); console.log("Json object from scanOSS successful case: " + JSON.stringify(cxCommandOutput)); @@ -182,7 +182,7 @@ describe("ScanCreate cases", () => { expect(cxCommandOutput.exitCode).toBe(0); }); - it.skip('ScanSecrets Successful case', async () => { + it('ScanSecrets Successful case', async () => { const wrapper = new CxWrapper(cxScanConfig); const cxCommandOutput: CxCommandOutput = await wrapper.secretsScanResults("tsc/tests/data/secret-exposed.txt"); console.log("Json object from scanOSS successful case: " + JSON.stringify(cxCommandOutput)); From 81ad45b0b40d6f7e83309daa2cdbb4f05bd9cedd Mon Sep 17 00:00:00 2001 From: elchananarb <110327842+cx-elchanan-arbiv@users.noreply.github.com> Date: Wed, 11 Jun 2025 10:44:59 +0300 Subject: [PATCH 3/5] Update ScanTest.test.ts --- src/tests/ScanTest.test.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/tests/ScanTest.test.ts b/src/tests/ScanTest.test.ts index 84f99a3a..d4b3e439 100644 --- a/src/tests/ScanTest.test.ts +++ b/src/tests/ScanTest.test.ts @@ -182,7 +182,7 @@ describe("ScanCreate cases", () => { expect(cxCommandOutput.exitCode).toBe(0); }); - it('ScanSecrets Successful case', async () => { + it.skip('ScanSecrets Successful case', async () => { const wrapper = new CxWrapper(cxScanConfig); const cxCommandOutput: CxCommandOutput = await wrapper.secretsScanResults("tsc/tests/data/secret-exposed.txt"); console.log("Json object from scanOSS successful case: " + JSON.stringify(cxCommandOutput)); From ebbfb660d34e9ee2d4da4c18ae1e46675720cd4a Mon Sep 17 00:00:00 2001 From: elchananarb <110327842+cx-elchanan-arbiv@users.noreply.github.com> Date: Wed, 11 Jun 2025 16:03:44 +0300 Subject: [PATCH 4/5] fix version --- package-lock.json | 4 ++-- package.json | 2 +- src/main/oss/CxOss.ts | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index df486a05..72b884d2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "@CheckmarxDev/ast-cli-javascript-wrapper", - "version": "0.0.131", + "version": "0.0.132", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "@CheckmarxDev/ast-cli-javascript-wrapper", - "version": "0.0.131", + "version": "0.0.132", "license": "ISC", "dependencies": { "log4js": "^6.9.1" diff --git a/package.json b/package.json index 5dbaecb9..c68a7ad2 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@CheckmarxDev/ast-cli-javascript-wrapper", - "version": "0.0.131", + "version": "0.0.132", "description": "AST CLI Javascript wrapper", "main": "dist/main/wrapper/CxWrapper.js", "typings": "dist/main/wrapper/CxWrapper.d.ts", diff --git a/src/main/oss/CxOss.ts b/src/main/oss/CxOss.ts index fe78a40f..104b77ba 100644 --- a/src/main/oss/CxOss.ts +++ b/src/main/oss/CxOss.ts @@ -23,7 +23,7 @@ export default class CxOssResult { const ossResult = new CxOssResult(); ossResult.packageManager = member.PackageManager; ossResult.packageName = member.PackageName; - ossResult.version = member.Version; + ossResult.version = member.PackageVersion; ossResult.filepath = member.FilePath; ossResult.locations = Array.isArray(member.Locations) ? member.Locations.map((loc: any) => ({ @@ -46,7 +46,7 @@ export default class CxOssResult { const ossResult = new CxOssResult(); ossResult.packageManager = packages.PackageManager; ossResult.packageName = packages.PackageName; - ossResult.version = packages.Version; + ossResult.version = packages.PackageVersion; ossResult.filepath = packages.FilePath; ossResult.locations = Array.isArray(packages.Locations) ? packages.Locations.map((loc: any) => ({ From 47cdcd3319062aaf2b042e233cd5ac7367794c54 Mon Sep 17 00:00:00 2001 From: elchananarb <110327842+cx-elchanan-arbiv@users.noreply.github.com> Date: Wed, 11 Jun 2025 16:09:32 +0300 Subject: [PATCH 5/5] update version --- src/main/oss/CxOss.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/main/oss/CxOss.ts b/src/main/oss/CxOss.ts index fe78a40f..104b77ba 100644 --- a/src/main/oss/CxOss.ts +++ b/src/main/oss/CxOss.ts @@ -23,7 +23,7 @@ export default class CxOssResult { const ossResult = new CxOssResult(); ossResult.packageManager = member.PackageManager; ossResult.packageName = member.PackageName; - ossResult.version = member.Version; + ossResult.version = member.PackageVersion; ossResult.filepath = member.FilePath; ossResult.locations = Array.isArray(member.Locations) ? member.Locations.map((loc: any) => ({ @@ -46,7 +46,7 @@ export default class CxOssResult { const ossResult = new CxOssResult(); ossResult.packageManager = packages.PackageManager; ossResult.packageName = packages.PackageName; - ossResult.version = packages.Version; + ossResult.version = packages.PackageVersion; ossResult.filepath = packages.FilePath; ossResult.locations = Array.isArray(packages.Locations) ? packages.Locations.map((loc: any) => ({