CM-48118 - Add detection sorting by line number in addition to severity (#87)

Author: MarshalX

CHANGELOG.md

@@ -4,6 +4,10 @@
 
 ## [Unreleased]
 
+## [2.6.0] - 2025-05-12
+
+- Add detection sorting by line number in addition to severity
+
 ## [2.5.0] - 2025-02-24
 
 - Add proper support for disabled modules
@@ -147,6 +151,8 @@
 
 The first public release of the plugin.
 
+[2.6.0]: https://github.com/cycodehq/intellij-platform-plugin/releases/tag/v2.6.0
+
 [2.5.0]: https://github.com/cycodehq/intellij-platform-plugin/releases/tag/v2.5.0
 
 [2.4.1]: https://github.com/cycodehq/intellij-platform-plugin/releases/tag/v2.4.1
@@ -207,4 +213,4 @@ The first public release of the plugin.
 
 [1.0.0]: https://github.com/cycodehq/intellij-platform-plugin/releases/tag/v1.0.0
 
-[Unreleased]: https://github.com/cycodehq/intellij-platform-plugin/compare/v2.5.0...HEAD
+[Unreleased]: https://github.com/cycodehq/intellij-platform-plugin/compare/v2.6.0...HEAD

CODEOWNERS

@@ -1 +1 @@
-* @MarshalX @MichalBor @MaorDavidzon @artem-fedorov @elsapet @gotbadger @cfabianski
+* @MarshalX @elsapet @gotbadger @cfabianski

gradle.properties

@@ -4,11 +4,11 @@ pluginGroup = com.cycode.plugin
 pluginName = Cycode
 pluginRepositoryUrl = https://github.com/cycodehq/intellij-platform-plugin
 # SemVer format -> https://semver.org
-pluginVersion = 2.5.0
+pluginVersion = 2.6.0
 
 # Supported build number ranges and IntelliJ Platform versions -> https://plugins.jetbrains.com/docs/intellij/build-number-ranges.html
 pluginSinceBuild = 231
-pluginUntilBuild = 251.*
+pluginUntilBuild = 252.*
 
 # IntelliJ Platform Properties -> https://plugins.jetbrains.com/docs/intellij/tools-gradle-intellij-plugin.html#configuration-intellij-extension
 platformType = IC

src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/IacApplier.kt

@@ -34,7 +34,7 @@ class IacApplier(private val scanResults: ScanResultsService) : AnnotationApplie
             val severity = convertSeverity(detection.severity)
 
             // IaC doesn't provide start and end positions, so we have to calculate them from the line number
-            val line = detection.detectionDetails.lineInFile - 1
+            val line = detection.detectionDetails.getLineNumber() - 1
             val startOffset = psiFile.text.lines().take(line).sumOf { it.length + 1 }
             val endOffset = startOffset + psiFile.text.lines()[line].length
 

src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/SastApplier.kt

@@ -33,7 +33,7 @@ class SastApplier(private val scanResults: ScanResultsService) : AnnotationAppli
             val severity = convertSeverity(detection.severity)
 
             // SAST doesn't provide start and end positions, so we have to calculate them from the line number
-            val line = detection.detectionDetails.lineInFile - 1
+            val line = detection.detectionDetails.getLineNumber() - 1
             val startOffset = psiFile.text.lines().take(line).sumOf { it.length + 1 }
             val endOffset = startOffset + psiFile.text.lines()[line].length
 

src/main/kotlin/com/cycode/plugin/annotators/annotationAppliers/ScaApplier.kt

@@ -44,7 +44,7 @@ class ScaApplier(private val scanResults: ScanResultsService) : AnnotationApplie
             val severity = convertSeverity(detection.severity)
 
             // SCA doesn't provide start and end positions, so we have to calculate them from the line number
-            val line = detection.detectionDetails.lineInFile - 1
+            val line = detection.detectionDetails.getLineNumber() - 1
             val startOffset = psiFile.text.lines().take(line).sumOf { it.length + 1 }
             val endOffset = startOffset + psiFile.text.lines()[line].length
 

src/main/kotlin/com/cycode/plugin/cli/models/scanResult/ScanDetectionDetailsBase.kt

@@ -2,4 +2,9 @@ package com.cycode.plugin.cli.models.scanResult
 
 interface ScanDetectionDetailsBase {
     fun getFilepath(): String
+    /**
+     * Gets the line number.
+     * @return The 1-based line number (first line is 1, not 0)
+     */
+    fun getLineNumber(): Int
 }

src/main/kotlin/com/cycode/plugin/cli/models/scanResult/iac/IacDetection.kt

@@ -21,6 +21,6 @@ data class IacDetection(
     }
 
     override fun getFormattedNodeTitle(): String {
-        return CycodeBundle.message("iacNodeTitle", detectionDetails.lineInFile, getFormattedMessage())
+        return CycodeBundle.message("iacNodeTitle", detectionDetails.getLineNumber(), getFormattedMessage())
     }
 }

src/main/kotlin/com/cycode/plugin/cli/models/scanResult/iac/IacDetectionDetails.kt

@@ -19,4 +19,8 @@ data class IacDetectionDetails(
     override fun getFilepath(): String {
         return fileName
     }
+
+    override fun getLineNumber(): Int {
+        return lineInFile
+    }
 }

src/main/kotlin/com/cycode/plugin/cli/models/scanResult/sast/SastDetection.kt

@@ -21,6 +21,6 @@ data class SastDetection(
     }
 
     override fun getFormattedNodeTitle(): String {
-        return CycodeBundle.message("sastNodeTitle", detectionDetails.lineInFile, getFormattedMessage())
+        return CycodeBundle.message("sastNodeTitle", detectionDetails.getLineNumber(), getFormattedMessage())
     }
 }

src/main/kotlin/com/cycode/plugin/cli/models/scanResult/sast/SastDetectionDetails.kt

@@ -21,4 +21,8 @@ data class SastDetectionDetails(
     override fun getFilepath(): String {
         return if (filePath.startsWith("/")) filePath else "/$filePath"
     }
+
+    override fun getLineNumber(): Int {
+        return lineInFile
+    }
 }

src/main/kotlin/com/cycode/plugin/cli/models/scanResult/sca/ScaDetection.kt

@@ -29,7 +29,7 @@ data class ScaDetection(
     override fun getFormattedNodeTitle(): String {
         return CycodeBundle.message(
             "scaNodeTitle",
-            detectionDetails.lineInFile,
+            detectionDetails.getLineNumber(),
             getFormattedTitle(),
         )
     }

src/main/kotlin/com/cycode/plugin/cli/models/scanResult/sca/ScaDetectionDetails.kt

@@ -23,4 +23,8 @@ data class ScaDetectionDetails(
     override fun getFilepath(): String {
         return fileName
     }
+
+    override fun getLineNumber(): Int {
+        return lineInFile
+    }
 }

src/main/kotlin/com/cycode/plugin/cli/models/scanResult/secret/SecretDetection.kt

@@ -3,8 +3,6 @@ package com.cycode.plugin.cli.models.scanResult.secret
 import com.cycode.plugin.CycodeBundle
 import com.cycode.plugin.cli.models.scanResult.DetectionBase
 
-const val IDE_ENTRY_LINE_NUMBER = 1
-
 data class SecretDetection(
     override val id: String,
     override val severity: String,
@@ -23,6 +21,6 @@ data class SecretDetection(
     }
 
     override fun getFormattedNodeTitle(): String {
-        return CycodeBundle.message("secretsNodeTitle", detectionDetails.line + IDE_ENTRY_LINE_NUMBER, type)
+        return CycodeBundle.message("secretsNodeTitle", detectionDetails.getLineNumber(), type)
     }
 }

src/main/kotlin/com/cycode/plugin/cli/models/scanResult/secret/SecretDetectionDetails.kt

@@ -2,6 +2,8 @@ package com.cycode.plugin.cli.models.scanResult.secret
 
 import com.cycode.plugin.cli.models.scanResult.ScanDetectionDetailsBase
 
+const val IDE_ENTRY_LINE_NUMBER = 1
+
 data class SecretDetectionDetails(
     val sha512: String,
     val provider: String,
@@ -22,4 +24,8 @@ data class SecretDetectionDetails(
     override fun getFilepath(): String {
         return "$filePath$fileName"
     }
+
+    override fun getLineNumber(): Int {
+        return line + IDE_ENTRY_LINE_NUMBER
+    }
 }

src/main/kotlin/com/cycode/plugin/components/toolWindow/components/treeView/TreeView.kt

@@ -154,12 +154,11 @@ class TreeView(
         createNodeCallback: (detection: DetectionBase) -> DefaultMutableTreeNode
     ) {
         val filteredDetections = scanResults.detections.filter {
-            severityFilter?.getOrDefault(it.severity.lowercase(), true) ?: true
+            severityFilter?.getOrDefault(it.severity.lowercase(), true) != false
         }
-        val sortedDetections = filteredDetections.sortedByDescending { getSeverityWeight(it.severity) }
-        val detectionsByFile = sortedDetections.groupBy { it.detectionDetails.getFilepath() }
+        val detectionsByFile = filteredDetections.groupBy { it.detectionDetails.getFilepath() }
 
-        rootNodes.setNodeSummary(scanType, getDetectionSummary(sortedDetections))
+        rootNodes.setNodeSummary(scanType, getDetectionSummary(filteredDetections))
 
         val projectRoot = project.basePath?.let { File(it) } ?: File("")
 
@@ -173,7 +172,13 @@ class TreeView(
                 AllIcons.Actions.Annotate
 
             val fileNode = createNode(FileNode(projectRelativePath, summary, icon))
-            for (detection in detections) {
+
+            val sortedDetections = detections.sortedWith(
+                compareByDescending<DetectionBase> { getSeverityWeight(it.severity) }
+                    .thenBy { it.detectionDetails.getLineNumber() }
+            )
+
+            for (detection in sortedDetections) {
                 fileNode.add(createNodeCallback(detection))
             }
 

src/main/kotlin/com/cycode/plugin/components/toolWindow/components/treeView/utils.kt

@@ -10,9 +10,7 @@ import com.intellij.psi.PsiFile
 import com.intellij.psi.PsiManager
 import java.io.File
 
-const val DIFFERENCE_BETWEEN_SCA_LINE_NUMBERS = 1
-const val DIFFERENCE_BETWEEN_IAC_LINE_NUMBERS = 1
-const val DIFFERENCE_BETWEEN_SAST_LINE_NUMBERS = 1
+const val DIFFERENCE_BETWEEN_CYCODE_AND_IDE_LINE_NUMBER = 1
 
 fun getPsiFile(project: Project, filePath: String): PsiFile? {
     val virtualFile = VirtualFileManager.getInstance().findFileByUrl("file://$filePath") ?: return null
@@ -31,25 +29,25 @@ private fun openFileInEditor(project: Project, filePath: String, lineNumber: Int
 
 private fun openSecretDetectionInFile(project: Project, node: SecretDetectionNode) {
     val filePath = node.detection.detectionDetails.getFilepath()
-    val line = node.detection.detectionDetails.line
+    val line = node.detection.detectionDetails.getLineNumber() - DIFFERENCE_BETWEEN_CYCODE_AND_IDE_LINE_NUMBER
     openFileInEditor(project, filePath, line)
 }
 
 private fun openScaDetectionInFile(project: Project, node: ScaDetectionNode) {
     val filePath = node.detection.detectionDetails.getFilepath()
-    val line = node.detection.detectionDetails.lineInFile - DIFFERENCE_BETWEEN_SCA_LINE_NUMBERS
+    val line = node.detection.detectionDetails.getLineNumber() - DIFFERENCE_BETWEEN_CYCODE_AND_IDE_LINE_NUMBER
     openFileInEditor(project, filePath, line)
 }
 
 private fun openIacDetectionInFile(project: Project, node: IacDetectionNode) {
     val filePath = node.detection.detectionDetails.getFilepath()
-    val line = node.detection.detectionDetails.lineInFile - DIFFERENCE_BETWEEN_IAC_LINE_NUMBERS
+    val line = node.detection.detectionDetails.getLineNumber() - DIFFERENCE_BETWEEN_CYCODE_AND_IDE_LINE_NUMBER
     openFileInEditor(project, filePath, line)
 }
 
 private fun openSastDetectionInFile(project: Project, node: SastDetectionNode) {
     val filePath = node.detection.detectionDetails.getFilepath()
-    val line = node.detection.detectionDetails.lineInFile - DIFFERENCE_BETWEEN_SAST_LINE_NUMBERS
+    val line = node.detection.detectionDetails.getLineNumber() - DIFFERENCE_BETWEEN_CYCODE_AND_IDE_LINE_NUMBER
     openFileInEditor(project, filePath, line)
 }