diff --git a/CHANGELOG.md b/CHANGELOG.md index d471a9425..e9b198ef2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,8 +1,10 @@ # Snyk Security Changelog -## [2.16.1] +## [2.17.0] - updated the language server protocol version to 13 to support delta findings. - added setting for choosing authentication method +- renamed vulnerabilities to issues +- only display DeepCode AI fix tree node when issues were found ## [2.16.0] - Reorganize settings page into categorized sections: diff --git a/package.json b/package.json index 063248ebf..910236447 100644 --- a/package.json +++ b/package.json @@ -3,7 +3,7 @@ "//": "Changing display name requires change in general.ts", "displayName": "Snyk Security", "version": "0.0.0", - "description": "Easily find and fix vulnerabilities in your code, open source dependencies, infrastructure as code configurations with fast and accurate scans.", + "description": "Easily find and fix issues in your code, open source dependencies, infrastructure as code configurations with fast and accurate scans.", "icon": "media/images/readme/snyk_extension_icon.png", "publisher": "snyk-security", "homepage": "https://snyk.io", 
@@ -113,21 +113,21 @@
 "order": 1,
 "type": "boolean",
 "title": "Snyk Open Source security issues",
- "description": "Find and fix open source vulnerabilities.",
+ "description": "Find and fix open source dependency issues.",
 "default": true
 },
 "snyk.features.codeSecurity": {
 "order": 2,
 "type": "boolean",
 "title": "Snyk Code security issues",
- "description": "Find and fix vulnerabilities in your application code in real time.",
+ "description": "Find and fix security issues in your application code in real time.",
 "default": true
 },
 "snyk.features.codeQuality": {
 "order": 3,
 "type": "boolean",
 "title": "Snyk Code quality issues",
- "description": "Find and fix code quality issues in your application code in real time.",
+ "description": "Find and fix quality issues in your application code in real time.",
 "default": true
 },
 "snyk.features.infrastructureAsCode": {
@@ -200,7 +200,7 @@
 "order": 2,
 "type": "boolean",
 "default": false,
- "description": "Run Snyk Open Source Security vulnerability analysis in automatic mode.",
+ "description": "Run Snyk Open Source Security analysis in automatic mode.",
 "scope": "application"
 },
 "snyk.yesBackgroundOssNotification": {
@@ -208,7 +208,7 @@
 "//": "Name starts with y to put it at the end, as configs are sorted alphabetically",
 "type": "boolean",
 "default": true,
- "markdownDescription": "Show scan notification for critical Open Source Security vulnerabilities when Snyk view is hidden",
+ "markdownDescription": "Show scan notification for critical Open Source Security issues when Snyk view is hidden",
 "scope": "application"
 }
 }
diff --git a/src/snyk/common/languageServer/settings.ts b/src/snyk/common/languageServer/settings.ts
index 25033944c..f4863c147 100644
--- a/src/snyk/common/languageServer/settings.ts
+++ b/src/snyk/common/languageServer/settings.ts
@@ -85,7 +85,7 @@ export class LanguageServerSettings { deviceId: user.anonymousId, requiredProtocolVersion: `${PROTOCOL_VERSION}`, folderConfigs: configuration.getFolderConfigs(), - enableSnykOSSQuickFixCodeActions: `${configuration.getOssQuickFixCodeActionsEnabled()}`, + enableSnykOSSQuickFixCodeActions: `${configuration.getPreviewFeatures().ossQuickfixes}`, }; } } diff --git a/src/snyk/common/messages/learn.ts b/src/snyk/common/messages/learn.ts index 863829227..8ef2430de 100644 --- a/src/snyk/common/messages/learn.ts +++ b/src/snyk/common/messages/learn.ts @@ -1,4 +1,4 @@ export const messages = { getLessonError: 'Failed to get Snyk Learn lesson', - lessonButtonTitle: 'Learn about this vulnerability', + lessonButtonTitle: 'Learn about this issue', }; diff --git a/src/snyk/common/views/issueTreeProvider.ts b/src/snyk/common/views/issueTreeProvider.ts index 3e8af90e7..c5db8e10f 100644 --- a/src/snyk/common/views/issueTreeProvider.ts +++ b/src/snyk/common/views/issueTreeProvider.ts @@ -39,12 +39,15 @@ export abstract class ProductIssueTreeProvider extends AnalysisTreeNodeProvid } abstract shouldShowTree(): boolean; + abstract filterIssues(issues: Issue[]): Issue[]; abstract getRunTestMessage(): string; + abstract getIssueTitle(issue: Issue): string; abstract getIssueRange(issue?: Issue): Range | undefined; + abstract getOpenIssueCommand( issue: Issue, folderPath: string, @@ -94,9 +97,12 @@ export abstract class ProductIssueTreeProvider extends AnalysisTreeNodeProvid new TreeNode({ text: this.getIssueFoundText(totalIssueCount, ignoredIssueCount), }), - this.getFixableIssuesNode(this.getFixableCount()), ]; + if (totalIssueCount > 0) { + topNodes.push(this.getFixableIssuesNode(this.getFixableCount())); + } + const noSeverityFiltersSelectedWarning = this.getNoSeverityFiltersSelectedTreeNode(); if (noSeverityFiltersSelectedWarning !== null) { topNodes.push(noSeverityFiltersSelectedWarning); 
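Review bot: The new `enableSnykOSSQuickFixCodeActions` value in the settings.ts hunk interpolates `configuration.getPreviewFeatures().ossQuickfixes` straight into a template literal, so an optional or unset flag would reach the language server as the string `undefined` instead of `false`. The return type of `getPreviewFeatures()` is not visible here, so this needs confirming; if the field can be missing, interpolate `configuration.getPreviewFeatures().ossQuickfixes ?? false` instead. The languageServer.test.ts hunk removes the old `getOssQuickFixCodeActionsEnabled` stub but shows no assertion on the new value, so a test pinning what is sent for an unset flag would be worth adding.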
diff --git a/src/snyk/snykCode/views/issueTreeProvider.ts b/src/snyk/snykCode/views/issueTreeProvider.ts index 43d0c131d..4cb055f40 100644 --- a/src/snyk/snykCode/views/issueTreeProvider.ts +++ b/src/snyk/snykCode/views/issueTreeProvider.ts @@ -84,7 +84,7 @@ export class IssueTreeProvider extends ProductIssueTreeProvider { private getAIFixableIssuesText(issuesCount: number): string { return issuesCount > 0 - ? `⚡️ ${issuesCount} ${issuesCount === 1 ? 'vulnerability' : 'vulnerabilities'} can be fixed by Snyk DeepCode AI` - : 'There are no vulnerabilities fixable by Snyk DeepCode AI'; + ? `⚡️ ${issuesCount} ${issuesCount === 1 ? 'issue' : 'issues'} can be fixed by Snyk DeepCode AI` + : 'There are no issues fixable by Snyk DeepCode AI'; } } diff --git a/src/snyk/snykCode/views/securityIssueTreeProvider.ts b/src/snyk/snykCode/views/securityIssueTreeProvider.ts index 5abce6f0a..643214e5a 100644 --- a/src/snyk/snykCode/views/securityIssueTreeProvider.ts +++ b/src/snyk/snykCode/views/securityIssueTreeProvider.ts @@ -38,7 +38,7 @@ export default class CodeSecurityIssueTreeProvider extends IssueTreeProvider { onDidChangeTreeData = this.viewManagerService.refreshCodeSecurityViewEmitter.event; protected getIssueDescriptionText(dir: string | undefined, issueCount: number): string | undefined { - return `${dir} - ${issueCount} ${issueCount === 1 ? 'vulnerability' : 'vulnerabilities'}`; + return `${dir} - ${issueCount} ${issueCount === 1 ? 'issue' : 'issues'}`; } protected getIssueFoundText(nIssues: number, ignoredIssueCount: number): string { @@ -48,7 +48,7 @@ export default class CodeSecurityIssueTreeProvider extends IssueTreeProvider { if (nIssues === 1) { text = `${nIssues} issue found by Snyk`; } else { - text = `✋ ${nIssues} vulnerabilities found by Snyk`; + text = `✋ ${nIssues} issues found by Snyk`; } const isIgnoresEnabled = configuration.getFeatureFlag(FEATURE_FLAGS.consistentIgnores); 
diff --git a/src/snyk/snykOss/constants/messages.ts b/src/snyk/snykOss/constants/messages.ts index a0af4b11c..5c8f7f63f 100644 --- a/src/snyk/snykOss/constants/messages.ts +++ b/src/snyk/snykOss/constants/messages.ts @@ -22,11 +22,11 @@ export const messages = { }, treeView: { cookingDependencies: 'Scanning...', - runTest: 'Run scan for Open Source security vulnerabilities.', + runTest: 'Run scan for Open Source security issues.', noVulnerabilitiesFound: ' ✅ Congrats! No issues found!', - singleVulnerabilityFound: 'Snyk found 1 vulnerability', - vulnerability: 'vulnerability', - vulnerabilities: 'vulnerabilities', - multipleVulnerabilitiesFound: (issueCount: number): string => `Snyk found ${issueCount} vulnerabilities`, + issue: 'issue', + issues: 'issues', + singleVulnerabilityFound: 'Snyk found 1 issue', + multipleVulnerabilitiesFound: (issueCount: number): string => `Snyk found ${issueCount} issues`, }, }; diff --git a/src/snyk/snykOss/editor/editorDecorator.ts b/src/snyk/snykOss/editor/editorDecorator.ts index eb155843b..3fd9e4850 100644 --- a/src/snyk/snykOss/editor/editorDecorator.ts +++ b/src/snyk/snykOss/editor/editorDecorator.ts @@ -57,7 +57,7 @@ export class EditorDecorator { module.line - 1, this.editorLastCharacterIndex, ), - renderOptions: getRenderOptions('Fetching vulnerabilities...', this.themeColorAdapter), + renderOptions: getRenderOptions('Fetching issues...', this.themeColorAdapter), }; } diff --git a/src/snyk/snykOss/providers/ossDetailPanelProvider.ts b/src/snyk/snykOss/providers/ossDetailPanelProvider.ts index b4b3bf2b9..927f694fb 100644 --- a/src/snyk/snykOss/providers/ossDetailPanelProvider.ts +++ b/src/snyk/snykOss/providers/ossDetailPanelProvider.ts @@ -54,7 +54,7 @@ export class OssDetailPanelProvider } else { this.panel = vscode.window.createWebviewPanel( SNYK_VIEW_SUGGESTION_OSS, - 'Snyk OSS Vulnerability', + 'Snyk OSS issue', { viewColumn: vscode.ViewColumn.Two, preserveFocus: true, 
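Review bot: The `treeView` keys in the messages.ts hunk are now named inconsistently: `vulnerability`/`vulnerabilities` become `issue`/`issues`, while `noVulnerabilitiesFound`, `singleVulnerabilityFound` and `multipleVulnerabilitiesFound` keep their old names but carry "issue" wording. No caller of the two renamed keys is touched in the visible diff, so either they were unused (and the new keys are dead entries) or the references live in files not shown here. Either rename the remaining keys as well (for example `noIssuesFound`, `singleIssueFound`, `multipleIssuesFound`) or keep every key as it was and change only the strings.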
diff --git a/src/snyk/snykOss/providers/ossIssueCommandHelper.ts b/src/snyk/snykOss/providers/ossIssueCommandHelper.ts index c5eb05aa4..e068c025e 100644 --- a/src/snyk/snykOss/providers/ossIssueCommandHelper.ts +++ b/src/snyk/snykOss/providers/ossIssueCommandHelper.ts @@ -14,7 +14,7 @@ export function getOssIssueCommandArg( // TODO: marked.parse does not sanitize the HTML. See: https://marked.js.org/#usage overviewHtml = marked.parse(vuln.additionalData.description) as string; } catch (error) { - overviewHtml = '

There was a problem rendering the vulnerability overview

'; + overviewHtml = '

There was a problem rendering the issue overview

'; } return { diff --git a/src/snyk/snykOss/services/vulnerabilityCount/ossVulnerabilityCountService.ts b/src/snyk/snykOss/services/vulnerabilityCount/ossVulnerabilityCountService.ts index 0477b1b04..1c6f42b07 100644 --- a/src/snyk/snykOss/services/vulnerabilityCount/ossVulnerabilityCountService.ts +++ b/src/snyk/snykOss/services/vulnerabilityCount/ossVulnerabilityCountService.ts @@ -106,7 +106,7 @@ export class OssVulnerabilityCountService implements Disposable { } emitter.on(VulnerabilityCountEvents.Error, e => { - this.logger.error(`Error counting module vulnerabilities: ${e}`); + this.logger.error(`Error counting module issues: ${e}`); this.editorDecorator.resetDecorations(fileName); }); diff --git a/src/test/integration/issueTreeProvider.test.ts b/src/test/integration/issueTreeProvider.test.ts index 9e34dc72e..d685ab26c 100644 --- a/src/test/integration/issueTreeProvider.test.ts +++ b/src/test/integration/issueTreeProvider.test.ts @@ -76,7 +76,7 @@ suite('Code Issue Tree Provider', () => { const rootChildren = issueTreeProvider.getRootChildren(); strictEqual(rootChildren.length, 2); strictEqual(rootChildren[0].label, 'Snyk found 1 issue'); - strictEqual(rootChildren[1].label, 'There are no vulnerabilities fixable by Snyk DeepCode AI'); + strictEqual(rootChildren[1].label, 'There are no issues fixable by Snyk DeepCode AI'); }); test('getRootChildren returns a root child for no results', () => { @@ -98,9 +98,8 @@ suite('Code Issue Tree Provider', () => { sinon.stub(issueTreeProvider, 'getResultNodes').returns([]); const rootChildren = issueTreeProvider.getRootChildren(); - strictEqual(rootChildren.length, 2); + strictEqual(rootChildren.length, 1); strictEqual(rootChildren[0].label, '✅ Congrats! No issues found!'); - strictEqual(rootChildren[1].label, 'There are no vulnerabilities fixable by Snyk DeepCode AI'); }); test('getRootChildren returns a root child for only open but not visible issues', async () => { 
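Review bot: `overviewHtml` in the ossIssueCommandHelper.ts hunk is still the unsanitized output of `marked.parse(vuln.additionalData.description)`, as the TODO on the context line states; this commit only rewords the fallback string. The description is scan-result data that originates outside the extension, and it is presumably rendered in the detail webview, so any raw HTML embedded in it passes through untouched. Run the rendered HTML through an allow-list HTML sanitizer before returning it, and confirm the panel sets a restrictive Content-Security-Policy (not visible in this diff). The `catch` also discards `error`; logging it would make render failures diagnosable. The function begins and ends outside the hunk.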
@@ -141,7 +140,7 @@ suite('Code Issue Tree Provider', () => {
 const rootChildren = issueTreeProvider.getRootChildren();
 strictEqual(rootChildren.length, 3);
 strictEqual(rootChildren[0].label, 'Snyk found 1 issue');
- strictEqual(rootChildren[1].label, 'There are no vulnerabilities fixable by Snyk DeepCode AI');
+ strictEqual(rootChildren[1].label, 'There are no issues fixable by Snyk DeepCode AI');
 strictEqual(rootChildren[2].label, 'Adjust your Issue View Options to see open issues.');
 await vscode.workspace.getConfiguration().update(ISSUE_VIEW_OPTIONS_SETTING, {
 openIssues: true,
@@ -186,7 +185,7 @@ suite('Code Issue Tree Provider', () => {
 const rootChildren = issueTreeProvider.getRootChildren();
 strictEqual(rootChildren.length, 3);
 strictEqual(rootChildren[0].label, 'Snyk found 1 issue');
- strictEqual(rootChildren[1].label, 'There are no vulnerabilities fixable by Snyk DeepCode AI');
+ strictEqual(rootChildren[1].label, 'There are no issues fixable by Snyk DeepCode AI');
 strictEqual(rootChildren[2].label, 'Adjust your Issue View Options to see ignored issues.');
 await vscode.workspace.getConfiguration().update(ISSUE_VIEW_OPTIONS_SETTING, {
 openIssues: true,
@@ -231,7 +230,7 @@ suite('Code Issue Tree Provider', () => {
 const rootChildren = issueTreeProvider.getRootChildren();
 strictEqual(rootChildren.length, 3);
 strictEqual(rootChildren[0].label, 'Snyk found 1 issue');
- strictEqual(rootChildren[1].label, 'There are no vulnerabilities fixable by Snyk DeepCode AI');
+ strictEqual(rootChildren[1].label, 'There are no issues fixable by Snyk DeepCode AI');
 strictEqual(rootChildren[2].label, 'Adjust your Issue View Options to see all issues.');
 await vscode.workspace.getConfiguration().update(ISSUE_VIEW_OPTIONS_SETTING, {
 openIssues: true,
diff --git a/src/test/unit/common/languageServer/languageServer.test.ts b/src/test/unit/common/languageServer/languageServer.test.ts
index 277250b88..40b32f7fc 100644
--- a/src/test/unit/common/languageServer/languageServer.test.ts +++ b/src/test/unit/common/languageServer/languageServer.test.ts @@ -61,9 +61,6 @@ suite('Language Server', () => { isAutomaticDependencyManagementEnabled() { return true; }, - getOssQuickFixCodeActionsEnabled() { - return false; - }, getFeaturesConfiguration() { return defaultFeaturesConfigurationStub; }, @@ -256,7 +253,7 @@ suite('Language Server', () => { const initOptions = await languageServer.getInitializationOptions(); strictEqual(initOptions.activateSnykCodeQuality, `true`); - strictEqual(initOptions.activateSnykCodeQuality, `true`); + strictEqual(initOptions.activateSnykCodeSecurity, `true`); }); ['auto', 'manual'].forEach(expectedScanningMode => { diff --git a/src/test/unit/snykOss/providers/vulnerabilityCountProvider.test.ts b/src/test/unit/snykOss/providers/vulnerabilityCountProvider.test.ts index 92cd60afa..df42b0df7 100644 --- a/src/test/unit/snykOss/providers/vulnerabilityCountProvider.test.ts +++ b/src/test/unit/snykOss/providers/vulnerabilityCountProvider.test.ts @@ -118,7 +118,7 @@ suite('OSS VulnerabilityCountProvider', () => { }); test('Gets TS/JS imported module vulnerability results correctly', async () => { - const text = 'Vulnerabilities: 2 | Critical: 1, High 1, Medium: 0, Low: 0 | Most Severe: npm:adm-zip:20180415'; + const text = 'issues: 2 | Critical: 1, High 1, Medium: 0, Low: 0 | Most Severe: npm:adm-zip:20180415'; sampleInlineValueText = [ { text,