Skip to content

Commit

Permalink
Merge branch 'master' into release_2.9.1
Browse files Browse the repository at this point in the history
# Conflicts:
#	CHANGELOG.md
  • Loading branch information
bastiandoetsch committed Sep 12, 2024
2 parents 766bb59 + 4de8e11 commit bf0c54f
Show file tree
Hide file tree
Showing 88 changed files with 1,613 additions and 2,738 deletions.
24 changes: 24 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,29 @@
# Snyk Security Changelog

## [2.10.0]
### Changed
- save git folder config in settings
- propagate Jetbrains determined runtime environment to language server
- automatically propagate standard file path for CLI if empty on apply in settings
- guard base branch setting against being empty
- better error messaging when unexpected loop occurs during initialization
- switch downloads to downloads.snyk.io
- added support for net new scans
- allow annotations during IntelliJ indexing
- add gutter icons for Snyk issues
- add option to switch gutter icons on/off
- add color and highlighting setting for Snyk issues
- add dialog to choose reference branch when net new scanning
- always display info nodes
- add option in IntelliJ registry to display tooltips with issue information
- display documentation info when hovering over issue

### Fixes
- add name to code vision provider
- add flashes for auto-fixable Open Source Issues
- show code vision for Open Source also, when Snyk Code is still analysing
- clean-up old open source scan functionality

## [2.9.1]
### Fixed
- propagate IntelliJ environment to language server. This should mitigate the issue of not finding package managers during scans.
Expand Down
80 changes: 24 additions & 56 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,58 +2,30 @@
description: Use this documentation to get started with the JetBrains plugin.
---

# JetBrains plugins
<!-- Plugin description start -->
# JetBrains plugin

Snyk offers IDE integrations that allow you to use the functionality of Snyk in your Integrated Development Environment. This page describes the Snyk JetBrains plugins. For information about all of the IDE plugins and their use, see [Snyk for IDEs](https://docs.snyk.io/ide-tools) in the docs.
## **Scan early, fix as you develop: elevate your security posture**

Snyk supports JetBrains plugins from version 2020.2 for [IntelliJ IDEA](https://snyk.io/lp/intellij-ide-plugin/) and [WebStorm](https://snyk.io/lp/webstorm-ide-plugin/) as well as Android Studio, AppCode, GoLand, PhpStorm, PyCharm, Rider, and RubyMine.
Integrating security checks early in your development lifecycle helps you pass security reviews seamlessly and avoid expensive fixes down the line.

The Snyk JetBrains plugin allows you to analyze your code, open-source dependencies, Docker images, and Infrastructure as Code (IaC) configurations. With actionable insights directly in your IDE, you can address issues as they arise.

Snyk uses Python in order to scan and find your dependencies. If you are using multiple Python versions, use the -`-command` option to specify the correct Python command for execution. The plugin does not detect the Python version associated with the project.
**Key features:**

* **In-line issue highlighting:** Security issues are flagged directly within your code, categorized by type and severity for quick identification and resolution.
* **Comprehensive scanning:** The extension scans for a wide range of security issues, including:
* [**Open Source Security**](https://snyk.io/product/open-source-security-management/)**:** Detects vulnerabilities and license issues in both direct and transitive open-source dependencies. Automated fix suggestions simplify remediation. Explore more in the [Snyk Open Source documentation](https://docs.snyk.io/scan-using-snyk/snyk-open-source).
* [**Code Security**](https://snyk.io/product/snyk-code/)**:** Identifies security vulnerabilities in your custom code. Explore more in the [Snyk Code documentation](https://docs.snyk.io/scan-using-snyk/snyk-code).
* [**IaC Security**](https://snyk.io/product/infrastructure-as-code-security/)**:** Uncovers configuration issues in your Infrastructure as Code templates (Terraform, Kubernetes, CloudFormation, Azure Resource Manager). Explore more in the [IaC documentation](https://docs.snyk.io/scan-using-snyk/snyk-iac).
* [**Container Security**](https://snyk.io/product/container-vulnerability-management/): Finds security vulnerabilities in your base images; supports all the [operating system distributions supported by Snyk Container](https://docs.snyk.io/scan-using-snyk/snyk-container/how-snyk-container-works/operating-system-distributions-supported-by-snyk-container). See also the [Snyk Container](https://docs.snyk.io/scan-using-snyk/snyk-container) docs.
* **Broad language and framework support:** Snyk Open Source and Snyk Code cover a wide array of package managers, programming languages, and frameworks, with ongoing updates to support the latest technologies. For the most up-to-date information on supported languages, package managers, and frameworks, see the [supported language technologies pages](https://docs.snyk.io/supported-languages-package-managers-and-frameworks).

The Snyk JetBrains plugins provide analysis of your code, containers, and Infrastructure as Code configurations. The plugin is based on the Snyk CLI and also uses Snyk APIs. The plugin supports product features in the CLI for Snyk Open Source and Snyk Container as well as for Snyk Code and Snyk IaC with some limitations.
## How to install and set up the extension

Snyk scans for vulnerabilities and misconfigurations and returns results with security issues categorized by issue type and severity.

For open source, you receive automated algorithm-based fix suggestions for both direct and transitive dependencies. For containers, you can automate upgrades to the most secure base image to quickly resolve numerous vulnerabilities. This single plugin provides a Java vulnerability scanner, a custom code vulnerability scanner, an open-source security scanner, and an application security plugin.
The latest Snyk JetBrains plugin is supported by all JetBrains IDEs 2023.3 or newer.

Snyk scans for the following types of issues:

[**Open Source Security**](https://snyk.io/product/open-source-security-management/) - security vulnerabilities and license issues in both direct and in-direct (transitive) open-source dependencies pulled into the Snyk Project. See also the [Open Source docs](https://docs.snyk.io/products/snyk-open-source).

[**Code Security**](https://snyk.io/product/snyk-code/) - security vulnerabilities in your code. See also the [Snyk Code docs](https://docs.snyk.io/products/snyk-code).

[**Container Security**](https://snyk.io/product/container-vulnerability-management/) - security vulnerabilities in your base images. See also the [Snyk Container docs](https://docs.snyk.io/products/snyk-container).

[**Infrastructure as Code (IaC) Security**](https://snyk.io/product/infrastructure-as-code-security/) - configuration issues in your IaC templates: Terraform, Kubernetes, CloudFormation, and Azure Resource Manager. See also the [Snyk Infrastructure as Code docs](https://docs.snyk.io/products/snyk-infrastructure-as-code).

The JetBrains plugins also provide the [**Open Source Advisor**](https://snyk.io/advisor/) to help you find the best package for your next project. Information is provided on the package health of the direct dependencies you are using including popularity, maintenance, risk, and community insights.

After you complete the installation steps on this page and the [configuration](https://docs.snyk.io/ide-tools/jetbrains-plugins/configuration-environment-variables-and-proxy-for-the-jetbrains-plugins) and [authentication](https://docs.snyk.io/ide-tools/jetbrains-plugins/authentication-for-the-jetbrains-plugins) steps on the next two pages, continue by following the instructions in the other JetBrains plugins docs:

* [Run an analysis with the JetBrains plugins](https://docs.snyk.io/ide-tools/jetbrains-plugins/run-an-analysis-with-the-jetbrains-plugins)
* [JetBrains analysis results: Open Source](https://docs.snyk.io/ide-tools/jetbrains-plugins/jetbrains-analysis-results-snyk-open-source)
* [JetBrains analysis results: Snyk Code](https://docs.snyk.io/ide-tools/jetbrains-plugins/jetbrains-analysis-results-snyk-code)
* [JetBrains analysis results: Snyk IaC Configuration](https://docs.snyk.io/ide-tools/jetbrains-plugins/jetbrains-analysis-results-snyk-iac-configuration)
* [JetBrains analysis results: Snyk Container](https://docs.snyk.io/ide-tools/jetbrains-plugins/jetbrains-analysis-results-snyk-container)
* [How Snyk Container and Kubernetes JetBrains integration works](https://docs.snyk.io/ide-tools/jetbrains-plugins/how-snyk-container-and-kubernetes-jetbrains-integration-works)
* [Filter JetBrains results](https://docs.snyk.io/ide-tools/jetbrains-plugins/filter-jetbrains-results)
* [Troubleshooting for the JetBrains plugin](https://docs.snyk.io/ide-tools/jetbrains-plugins/troubleshooting-for-the-jetbrains-plugin)

<!-- Plugin description end -->
## Supported languages, package managers, and frameworks

* For Snyk Open Source, the JetBrains plugin supports the languages and package managers supported by Snyk Open Source and the CLI. For more information, see [Supported languages, frameworks, and feature availability overview, Open Source section](https://docs.snyk.io/scan-applications/supported-languages-and-frameworks/supported-languages-frameworks-and-feature-availability-overview#open-source-and-licensing-snyk-open-source).
* For Snyk Code, the JetBrains plugin supports all the languages and frameworks supported by Snyk Code. For more information, see [Supported languages, frameworks, and feature availability overview, Snyk Code section](https://docs.snyk.io/scan-applications/supported-languages-and-frameworks/supported-languages-frameworks-and-feature-availability-overview#code-analysis-snyk-code). Before scanning your repositories with Snyk Code, ensure you have [enabled Snyk Code](../../../scan-with-snyk/snyk-code/configure-snyk-code.md).&#x20;
* For Snyk Container: the JetBrains plugin supports all the [operating system distributions supported by Snyk Container](https://docs.snyk.io/products/snyk-container/snyk-container-security-basics/supported-operating-system-distributions).
* For Snyk IaC, the JetBrains plugin supports the following IaC templates: Terraform, Kubernetes, CloudFormation, and Azure Resource Manager.

## Supported operating systems and architecture


Snyk Plugins are not supported on any Operating System that has reached End Of Life (EOL) with the distributor.
An older plugin version is supported by JetBrains IDEs 2020.3 or newer.


You can use the Snyk JetBrains plugin in the following environments:
Expand All @@ -63,23 +35,19 @@ You can use the Snyk JetBrains plugin in the following environments:
* Windows: 386, AMD64, and ARM64
* MacOS: AMD64 and ARM64

## **Install the JetBrains plugin**
Install the plugin at any time free of charge from the [JetBrains marketplace](https://plugins.jetbrains.com/plugin/10972-snyk-vulnerability-scanner) and use it with any Snyk account, including the Free plan. For more information, see the [IDEA plugin installation guide](https://www.jetbrains.com/help/idea/managing-plugins.html).

The Snyk JetBrains plugin is available for installation on the [JetBrains marketplace](https://plugins.jetbrains.com/plugin/10972-snyk-vulnerability-scanner).
When the extension is installed, it automatically downloads the [Snyk CLI,](https://docs.snyk.io/snyk-cli) which includes the [Language Server](https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/snyk-language-server).

Install using the IDE plugins library:
Continue by following the instructions in the other JetBrains plugin docs:

1. Open the **Preferences** window in the IDE.
2. Navigate to the **Plugins** tab.
3. In the **Plugins** tab, search for **Snyk**.
4. Select the **Snyk vulnerability scanning** plugin.
5. Click on the **Install** button.
6. When the installation is complete, restart the IDE.

<figure><img src="https://github.com/snyk/user-docs/raw/HEAD/docs/.gitbook/assets/Screen Shot 2022-03-09 at 5.06.13 PM (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1 (7).png" alt="Select the Snyk vulnerability scanning plugin"><figcaption><p>Select the Snyk vulnerability scanning plugin</p></figcaption></figure>

Continue with the steps on the JetBrains [configuration](https://docs.snyk.io/ide-tools/jetbrains-plugins/configuration-environment-variables-and-proxy-for-the-jetbrains-plugins) page.
* [Configuration, environment variables, and proxy for the JetBrains plugins](https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/jetbrains-plugins/configuration-environment-variables-and-proxy-for-the-jetbrains-plugins)
* [JetBrains plugin authentication](https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/jetbrains-plugins/authentication-for-the-jetbrains-plugins)
* [JetBrains plugin folder trust](https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/jetbrains-plugins/jetbrains-plugin-folder-trust)
* [Run an analysis with the JetBrains plugins](https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/jetbrains-plugins/run-an-analysis-with-the-jetbrains-plugins)

## Support

For troubleshooting and known issues, see [Troubleshooting for the JetBrains plugin](https://docs.snyk.io/scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/jetbrains-plugins/troubleshooting-for-the-jetbrains-plugin).

If you need help, submit a [request](https://support.snyk.io/hc/en-us/requests/new) to Snyk Support.
2 changes: 1 addition & 1 deletion build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -175,7 +175,7 @@ tasks {
untilBuild.set(properties("pluginUntilBuild"))

val content = File("$projectDir/README.md").readText()
val startIndex = content.indexOf("# JetBrains plugins")
val startIndex = content.indexOf("# JetBrains plugin")
val descriptionFromReadme = content.substring(startIndex).lines().joinToString("\n").run { markdownToHTML(this) }
pluginDescription.set(descriptionFromReadme)

Expand Down
9 changes: 0 additions & 9 deletions src/main/kotlin/io/snyk/plugin/Severity.kt
Original file line number Diff line number Diff line change
Expand Up @@ -72,15 +72,6 @@ enum class Severity {
private const val SEVERITY_MEDIUM = "medium"
private const val SEVERITY_LOW = "low"

fun getFromIndex(index: Int): Severity =
when (index) {
4 -> CRITICAL
3 -> HIGH
2 -> MEDIUM
1 -> LOW
else -> UNKNOWN
}

fun getFromName(name: String): Severity =
when (name) {
SEVERITY_CRITICAL -> CRITICAL
Expand Down
7 changes: 0 additions & 7 deletions src/main/kotlin/io/snyk/plugin/SnykFile.kt
Original file line number Diff line number Diff line change
@@ -1,20 +1,13 @@
package io.snyk.plugin

import com.intellij.openapi.application.ApplicationManager
import com.intellij.openapi.project.Project
import com.intellij.openapi.util.Iconable
import com.intellij.openapi.vfs.VirtualFile
import snyk.common.RelativePathHelper
import javax.swing.Icon

data class SnykFile(val project: Project, val virtualFile: VirtualFile) {
var icon: Icon? = null
val relativePath = RelativePathHelper().getRelativePath(virtualFile, project)
init {
ApplicationManager.getApplication().runReadAction {
virtualFile.getPsiFile(project)?.getIcon(Iconable.ICON_FLAG_READ_STATUS)
}
}
}

fun toSnykFileSet(project: Project, virtualFiles: Set<VirtualFile>) =
Expand Down
2 changes: 1 addition & 1 deletion src/main/kotlin/io/snyk/plugin/SnykPostStartupActivity.kt
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ class SnykPostStartupActivity : ProjectActivity {
settings.lastTimeFeedbackRequestShown = Date.from(Instant.now())
}

if (isContainerEnabled()) {
if (settings.containerScanEnabled) {
getKubernetesImageCache(project)?.cacheKubernetesFileFromProject()
}

Expand Down
Loading

0 comments on commit bf0c54f

Please sign in to comment.