Skip to content

Commit

Permalink
Q3 integration branch 2023 (#57)
Browse files Browse the repository at this point in the history 
Fixed issues related to project level custom fields, sca proxy and path to sca resolver
  • Loading branch information
@RahulPidde23
RahulPidde23 authored Sep 4, 2023
1 parent 8483f02 commit 9d60364
Show file tree
Hide file tree
Showing 8 changed files with 30 additions and 12 deletions.
4 changes: 2 additions & 2 deletions CxScan/CxScanV20/package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "cxsast",
"version": "2023.2.5",
"version": "2023.3.3",
"description": "Add Secure Static Source Code Analysis inside your build process",
"main": "index.js",
"repository": "https://github.com/checkmarx-ltd/VSTS-Plugin",
Expand All @@ -10,7 +10,7 @@
"author": "MajdM",
"license": "SEE LICENSE IN checkmarx-license-terms.md",
"dependencies": {
"@checkmarx/cx-common-js-client": "0.1.82",
"@checkmarx/cx-common-js-client": "0.1.83",
"degenerator": "3.0.4",
"azure-pipelines-task-lib": "^3.1.7",
"cookiejar": "2.1.4",
Expand Down
13 changes: 11 additions & 2 deletions CxScan/CxScanV20/services/configReader.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ export class ConfigReader {
private readonly devAzure = 'dev.azure.com';
private readonly MAX_SIZE_CXORIGINURL = 128;
private readonly SIZE_CXORIGIN = 50;
private readonly SCARESOLVER_FILENAME = "\\ScaResolver.exe";

constructor(private readonly log: Logger) {
}
Expand Down Expand Up @@ -246,6 +247,7 @@ export class ConfigReader {
} else {
proxyResult.proxyHost = proxy ? proxy.proxyUrl : '';
proxyResult.proxyPass = proxy ? proxy.proxyPassword : '';
proxyResult.proxyUrl = proxy.proxyUrl;
proxyResult.proxyPort = '';
proxyResult.proxyUser = proxy ? proxy.proxyUsername : '';
}
Expand Down Expand Up @@ -532,8 +534,15 @@ Vulnerability Threshold: ${config.scaConfig.vulnerabilityThreshold}
Enable SCA Resolver:${config.scaConfig.isEnableScaResolver}
`);
if(config.scaConfig.isEnableScaResolver) {

if (config.scaConfig.pathToScaResolver == ''){

var isScaResolverFileExists= fs.existsSync(config.scaConfig.pathToScaResolver.concat(this.SCARESOLVER_FILENAME) );

if (!isScaResolverFileExists && config.scaConfig.pathToScaResolver != '' )
{
this.log.warning(`SCA Resolver tool doesn't exists on given SCA Resolver path. Latest SCA Resolver would be auto downloaded for usage in user directory.`);
}

if (config.scaConfig.pathToScaResolver == '' || !isScaResolverFileExists){
config.scaConfig.pathToScaResolver = this.getPathToScaResolver(config.scaConfig.pathToScaResolver);
}
this.log.info(`Path To SCA Resolver:${config.scaConfig.pathToScaResolver}`);
Expand Down
15 changes: 12 additions & 3 deletions CxScan/CxScanV20/task.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@
"author": "Checkmarx",
"version": {
"Major": 2023,
"Minor": 2,
"Patch": 5
"Minor": 3,
"Patch": 3
},
"demands": [],
"minimumAgentVersion": "2.144.0",
Expand Down Expand Up @@ -503,10 +503,19 @@
"label": "Enable SCA Resolver",
"required": false,
"defaultValue": "false",
"helpMarkDown": "To perform SCA scan through SCA Resolver which provides option for exploitable path. It gets automatically downloaded in user directory.",
"helpMarkDown": "To perform SCA scan through SCA Resolver which provides option for exploitable path.",
"groupName": "dependencyScan",
"visibleRule": "enableDependencyScan = true"
},
{
"name": "pathToScaResolver",
"type": "string",
"label": "SCA Resolver Path",
"required": false,
"helpMarkDown": " Folder path on the Agent machine where ScaResolver is installed. For example: C:\\Users\\Installations\\ScaResolver-win64 or /opt/ScaResolver-linux64.If SCA Resolver Path is not provided or invalid then SCA Resolver automatically downloads in user directory.",
"groupName": "dependencyScan",
"visibleRule": "isEnableScaResolver = true"
},
{
"name": "scaResolverAddParameters",
"type": "string",
Expand Down
2 changes: 1 addition & 1 deletion azure-pipelines.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ steps:
inputs:
versionSpec: '10.x'
displayName: 'Install Node.js'

- task: Npm@1
inputs:
command: 'custom'
Expand Down
2 changes: 1 addition & 1 deletion vss-extension-TFS2017-dev.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"manifestVersion": 1,
"id": "cxsast",
"name": "Checkmarx SAST 9.x",
"version": "2023.2.5",
"version": "2023.3.3",
"publisher": "Checkmarx-Prerelease",
"targets": [
{
Expand Down
2 changes: 1 addition & 1 deletion vss-extension-TFS2017.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"manifestVersion": 1,
"id": "cxsast",
"name": "Checkmarx SAST 9.x",
"version": "2023.2.5",
"version": "2023.3.3",
"publisher": "Checkmarx",
"targets": [
{
Expand Down
2 changes: 1 addition & 1 deletion vss-extension-dev.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"manifestVersion": 1,
"id": "cxsast",
"name": "Checkmarx SAST 9.x",
"version": "2023.2.5",
"version": "2023.3.3",
"publisher": "Checkmarx-Prerelease",
"targets": [
{
Expand Down
2 changes: 1 addition & 1 deletion vss-extension.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
"manifestVersion": 1,
"id": "cxsast",
"name": "Checkmarx SAST 9.x",
"version": "2023.2.5",
"version": "2023.3.3",
"publisher": "Checkmarx",
"targets": [
{
Expand Down

0 comments on commit 9d60364

Please sign in to comment.