formatters:chore - normalize not found files warn message
Previously the warning messages for files that were not found when running
an analysis differed between formatters, and the prefix
{HORUSEC_CLI} was being added in the middle of the message instead of at the
start.

This commit normalizes these messages to have the same content for all
formatters and fixes the {HORUSEC_CLI} prefix by adding it at the start
of the message, like all other log messages. A strings.ReplaceAll was
also added to remove the `;` suffix from these warning messages, since
commit 345c748 changed these messages from errors to warnings (a
strings.ReplaceAll already exists to remove `;` from error messages).

Signed-off-by: Matheus Alcantara <matheus.alcantara@zup.com.br>
matheusalcantarazup committed Mar 10, 2022
1 parent 3b6822c commit b48a23c
Showing 4 changed files with 13 additions and 20 deletions.
4 changes: 2 additions & 2 deletions internal/controllers/analyzer/analyzer.go
Expand Up @@ -438,7 +438,7 @@ func (a *Analyzer) removeWarningsFromErrors() {

for _, err := range strings.SplitAfter(a.analysis.Errors, ";") {
if a.isWarning(err) {
a.analysis.AddWarning(err)
a.analysis.AddWarning(strings.ReplaceAll(err, ";", ""))
} else {
errors += err
}
Expand All @@ -449,7 +449,7 @@ func (a *Analyzer) removeWarningsFromErrors() {

// isWarning workaround to check if the message it's form a warning until the formatters are refactored
func (a *Analyzer) isWarning(err string) bool {
return strings.Contains(err, messages.MsgErrorPacketJSONNotFound) ||
return strings.Contains(err, messages.MsgErrorPackageLockJSONNotFound) ||
strings.Contains(err, messages.MsgErrorYarnLockNotFound) ||
strings.Contains(err, messages.MsgErrorGemLockNotFound) ||
strings.Contains(err, messages.MsgErrorNotFoundRequirementsTxt) ||
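Review bot: isWarning still classifies by `strings.Contains` against free-form message text, so any entry of `a.analysis.Errors` that merely embeds one of the not-found sentences is moved from errors to warnings by removeWarningsFromErrors; for a scanner this can turn a failed tool run into a warning, which matters if the exit status or a CI gate depends on the errors field (not visible here). The existing comment calls this a workaround; until the formatters return a typed or sentinel error, a comment such as `// NOTE: matches on message text; an error that quotes one of these sentences is reported as a warning` would make the limit explicit. In the first hunk, `strings.SplitAfter` leaves at most one `;`, at the end of each piece, so `strings.TrimSuffix(err, ";")` states the intent more precisely than `strings.ReplaceAll(err, ";", "")`. Both function bodies continue outside the hunks.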
23 changes: 8 additions & 15 deletions internal/helpers/messages/error.go
Expand Up @@ -26,21 +26,14 @@ const (
MsgVulnerabilityTypeToShowInvalid = "{HORUSEC_CLI} Error on validate vulnerability type is wrong type: "
MsgErrorRunToolInDocker = "{HORUSEC_CLI} Error to execute tool %s | analysisID -> %s | output -> %s"
MsgErrorInvalidWorkDir = "{HORUSEC_CLI} Workdir is nil! Check the configuration and try again"
MsgErrorParseStringToToolsConfig = "{HORUSEC_CLI} Error when try parse tools config string to entity. " +
"Returning default values"
MsgErrorNotFoundRequirementsTxt = "{HORUSEC_CLI} Error The file requirements.txt not found in python project to " +
"start analysis. It would be a good idea to commit it so horusec can check for vulnerabilities"
MsgErrorPacketJSONNotFound = "{HORUSEC_CLI} Error It looks like your project doesn't have a package-lock.json " +
"file. If you use NPM to handle your dependencies, it would be a good idea to commit it so horusec can check " +
"for vulnerabilities"
MsgErrorYarnLockNotFound = "{HORUSEC_CLI} Error It looks like your project doesn't have a yarn.lock file. " +
"If you use Yarn to handle your dependencies, it would be a good idea to commit it so horusec " +
"can check for vulnerabilities"
MsgErrorYarnProcess = "{HORUSEC_CLI} Error Yarn returned an error: "
MsgErrorGemLockNotFound = "{HORUSEC_CLI} Error It looks like your project doesn't have a gemfile.lock file, " +
"it would be a good idea to commit it so horusec can check for vulnerabilities"
MsgErrorGetFilenameByExt = "Could not get filename by extension: "
MsgErrorNancyRateLimit = `{HORUSEC_CLI} Nancy tool failed to query the GitHub API for updates.
MsgErrorParseStringToToolsConfig = "{HORUSEC_CLI} Error when try parse tools config string to entity. Returning default values"
MsgErrorNotFoundRequirementsTxt = "The file requirements.txt was not found in your Python project. It would be a good idea to commit it so Horusec can check for vulnerabilities"
MsgErrorPackageLockJSONNotFound = "The file package-lock.json was not found in your Javascript project. If you use NPM to handle your dependencies, it would be a good idea to commit it so Horusec can check for vulnerabilities"
MsgErrorYarnLockNotFound = "The file yarn.lock file was not found in your Javascript project. If you use Yarn to handle your dependencies, it would be a good idea to commit it so Horusec can check for vulnerabilities"
MsgErrorYarnProcess = "{HORUSEC_CLI} Yarn returned an error: "
MsgErrorGemLockNotFound = "The file gemfile.lock wast not found in your Ruby project. It would be a good idea to commit it so Horusec can check for vulnerabilities"
MsgErrorGetFilenameByExt = "Could not get filename by extension: "
MsgErrorNancyRateLimit = `{HORUSEC_CLI} Nancy tool failed to query the GitHub API for updates.
This is most likely due to GitHub rate-limiting on unauthenticated requests.
To make authenticated requests please:
1. Generate a token at https://github.com/settings/tokens
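Review bot: Two of the new user-facing strings carry typos: `MsgErrorYarnLockNotFound` reads "The file yarn.lock file was not found" (the second "file" is redundant) and `MsgErrorGemLockNotFound` reads "gemfile.lock wast not found". Suggested wording: `"The file yarn.lock was not found in your Javascript project. ..."` and `"The file gemfile.lock was not found in your Ruby project. ..."`; the visible callers (isWarning in analyzer.go and the formatter's IsNotFoundError) refer to these constants by name, so correcting the text should not affect the matching. The four not-found constants no longer start with `{HORUSEC_CLI}` and so depend on the caller adding it, as the service.go change in this commit does for addAnalysisError; a one-line comment above them saying so would keep a later edit from re-adding the prefix. The const block continues outside the hunk.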
Expand Up @@ -93,7 +93,7 @@ func (f *Formatter) parseOutput(containerOutput, projectSubPath string) error {

func (f *Formatter) IsNotFoundError(containerOutput string) error {
if strings.Contains(containerOutput, "ERROR_PACKAGE_LOCK_NOT_FOUND") {
return errors.New(messages.MsgErrorPacketJSONNotFound)
return errors.New(messages.MsgErrorPackageLockJSONNotFound)
}

return nil
4 changes: 2 additions & 2 deletions internal/services/formatters/service.go
Expand Up @@ -126,9 +126,9 @@ func (s *Service) addAnalysisError(tool tools.Tool, err error) {
if err != nil {
buf := bytes.NewBufferString("")
if len(s.analysis.Errors) > 0 {
fmt.Fprintf(buf, "; ")
fmt.Fprintf(buf, ";")
}
fmt.Fprintf(buf, "Error while running tool %s: %v", tool, err)
fmt.Fprintf(buf, "{HORUSEC_CLI} Error while running tool %s: %v", tool, err)
s.analysis.Errors += buf.String()
}
}
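Review bot: The error text is written into the `;`-joined `s.analysis.Errors` string with `%v` and no escaping, while removeWarningsFromErrors in analyzer.go splits what is presumably the same field on every `;`. If `err` carries tool or container output that contains a semicolon (plausible, though not shown here), one failure is cut into several fragments, and only the fragment holding a known not-found sentence is moved to the warnings while the rest stays in the errors. Keeping the entries in a slice and joining them only for display would remove the in-band delimiter; as a smaller step, `fmt.Fprintf(buf, ";")` can be `buf.WriteString(";")`, since there is nothing to format. The start of addAnalysisError lies outside the hunk.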