CM-41712 - Add support for Eclipse Theia (#114)

Author: MarshalX

CHANGELOG.md

@@ -2,6 +2,13 @@
 
 ## [Unreleased]
 
+## [v1.11.2]
+
+- Add support for Theia IDE
+- Add auto publishing the extension to the Open VSX Registry
+- Fix false positive status bar changes
+- Fix CLI output handling
+
 ## [v1.11.1]
 
 - Fix CliError parsing
@@ -107,6 +114,8 @@
 
 The first stable release with the support of Secrets, SCA, TreeView, Violation Card, and more.
 
+[v1.11.2]: https://github.com/cycodehq/vscode-extension/releases/tag/v1.11.2
+
 [v1.11.1]: https://github.com/cycodehq/vscode-extension/releases/tag/v1.11.1
 
 [v1.11.0]: https://github.com/cycodehq/vscode-extension/releases/tag/v1.11.0
@@ -147,4 +156,4 @@ The first stable release with the support of Secrets, SCA, TreeView, Violation C
 
 [v1.0.0]: https://github.com/cycodehq/vscode-extension/releases/tag/v1.0.0
 
-[Unreleased]: https://github.com/cycodehq/vscode-extension/compare/v1.11.1...HEAD
+[Unreleased]: https://github.com/cycodehq/vscode-extension/compare/v1.11.2...HEAD

package.json

@@ -1,15 +1,15 @@
 {
   "name": "cycode",
   "displayName": "Cycode",
-  "version": "1.11.1",
+  "version": "1.11.2",
   "publisher": "cycode",
   "description": "Boost security in your dev lifecycle via SAST, SCA, Secrets & IaC scanning.",
   "repository": {
     "type": "git",
     "url": "https://github.com/cycodehq/vscode-extension"
   },
   "homepage": "https://cycode.com/",
-  "license": "SEE LICENSE IN LICENSE.MD",
+  "license": "MIT",
   "icon": "resources/cycode124.png",
   "galleryBanner": {
     "theme": "dark",
@@ -43,12 +43,12 @@
         },
         {
           "command": "cycode.treeViewCollapseAllCommand",
-          "when": "view == cycode.view.tree",
+          "when": "cycode:env.isVsCode && view == cycode.view.tree",
           "group": "navigation@1"
         },
         {
           "command": "cycode.treeViewExpandAllCommand",
-          "when": "view == cycode.view.tree",
+          "when": "cycode:env.isVsCode && view == cycode.view.tree",
           "group": "navigation@1"
         },
         {

src/cli/cli-wrapper.ts

@@ -12,6 +12,7 @@ import { CliError, isCliError } from './models/cli-error';
 import { ExitCode } from './exit-code';
 import { CommandParameters } from './constants';
 import { getUserAgentArg } from './user-agent';
+import { captureException } from '../sentry';
 
 export class CliWrapper {
   public workDirectory?: string;
@@ -27,10 +28,19 @@ export class CliWrapper {
   ): CliResult<T> {
     if (classConst == null) {
       // in case when we do not expect any output and want just call command like "ignore" command
+      this.logger.debug('No classConst provided. Returning CliResultSuccess(null)');
       return new CliResultSuccess(null);
     }
 
-    const camelCasedObj = JSON_.parse(out);
+    let camelCasedObj;
+    try {
+      camelCasedObj = JSON_.parse(out);
+    } catch (e) {
+      captureException(e);
+      this.logger.debug('Failed to parse output as JSON. Returning CliResultPanic');
+      return new CliResultPanic(exitCode, out);
+    }
+
     if (isCliError(camelCasedObj)) {
       this.logger.debug('Found CliError in output. Returning CliResultError');
       const cliError = plainToInstance(CliError, camelCasedObj);
@@ -94,11 +104,11 @@ export class CliWrapper {
       childProcess.on('close', (code: number) => {
         // we receive all "data" events before close
         this.logger.debug(`Streams of a command have been closed with code: ${code}`);
-        resolve(this.parseCliResult(classConst, stdout, exitCode));
+        resolve(this.parseCliResult(classConst, stdout || stderr, exitCode));
       });
 
       childProcess.on('error', (error: { errno: number }) => {
-        resolve(this.parseCliResult(classConst, stderr, error.errno));
+        resolve(this.parseCliResult(classConst, stderr || stdout, error.errno));
       });
 
       childProcess.stdout.on('data', (data) => {

src/commands/index.ts

@@ -40,7 +40,11 @@ export enum VscodeCommands {
   TreeViewExpandAllCommand = 'cycode.treeViewExpandAllCommand',
   TreeViewCollapseAllCommand = 'cycode.treeViewCollapseAllCommand',
 
-  // built-in or created automatically by vscode:
+  /*
+   * Warning: These commands do not exist in Theia API.
+   *
+   * Built-in or created automatically by vscode:
+   */
   WorkbenchShowProblemsTab = 'workbench.action.problems.focus',
   WorkbenchShowCycodeView = 'workbench.view.extension.cycode',
   WorkbenchTreeViewCollapseAll = 'workbench.actions.treeView.cycode.view.tree.collapseAll',

src/commands/open-violation-panel-command.ts

@@ -5,7 +5,7 @@ import { ExtensionServiceSymbol } from '../symbols';
 import { DetectionBase } from '../cli/models/scan-result/detection-base';
 import { CliScanType } from '../cli/models/cli-scan-type';
 
-export default (scanType: CliScanType, detection: DetectionBase) => {
+export default async (scanType: CliScanType, detection: DetectionBase) => {
   const extension = container.resolve<IExtensionService>(ExtensionServiceSymbol);
-  createAndInitPanel(extension.extensionContext, scanType, detection);
+  await createAndInitPanel(extension.extensionContext, scanType, detection);
 };

src/extension.ts

@@ -7,6 +7,7 @@ import './ioc';
 import * as vscode from 'vscode';
 import { extensionName } from './utils/texts';
 import statusBar from './utils/status-bar';
+import { config } from './utils/config';
 import { captureException, initSentry } from './sentry';
 import { container } from 'tsyringe';
 import { ICycodeService } from './services/cycode-service';
@@ -65,6 +66,11 @@ export function activate(context: vscode.ExtensionContext) {
     statusBar.showAuthIsRequired();
   }
 
+  if (config.isTheiaIde) {
+    stateService.globalState.EnvVsCode = false;
+    stateService.save();
+  }
+
   registerCommands(context);
   registerActivityBar(context);
   registerCodeLensProvider(context);

src/services/cli-service.ts

@@ -81,29 +81,31 @@ export class CliService implements ICliService {
   }
 
   private processCliResult<T>(result: CliResult<T>): CliResult<T> | null {
-    if (isCliResultError(result)) {
-      this.logger.error(result.result.message);
-      this.showErrorNotification(result.result.message);
-      return null;
-    }
-
     if (isCliResultPanic(result)) {
       if (result.exitCode === ExitCode.TERMINATION) {
         // don't notify user about user-requested terminations
         return null;
       }
 
-      this.logger.error(result.errorMessage);
+      this.logger.error(`[processCliResult] CLI panic: ${result.errorMessage}`);
       this.showErrorNotification(result.errorMessage);
       return null;
     }
 
+    if (isCliResultError(result)) {
+      this.logger.error(`[processCliResult] CLI error: ${result.result.message}`);
+      this.showErrorNotification(result.result.message);
+      return null;
+    }
+
     if (isCliResultSuccess(result) && result.result instanceof ScanResultBase) {
       const errors = result.result.errors;
       if (!errors.length) {
+        this.logger.info('[processCliResult] CLI scan results success');
         return result;
       }
 
+      this.logger.error('[processCliResult] CLI scan results success with errors');
       errors.forEach((error) => {
         this.logger.error(error.message);
         this.showErrorNotification(error.message);
@@ -113,6 +115,7 @@ export class CliService implements ICliService {
       return null;
     }
 
+    this.logger.error('[processCliResult] CLI success');
     return result;
   }
 
@@ -241,7 +244,7 @@ export class CliService implements ICliService {
         .showInformationMessage(
           `Cycode has detected ${detectionsCount} ${scanTypeDisplayName} 
           issues in your files. Check out your “Problems” tab to analyze.`,
-          TrayNotificationTexts.OpenProblemsTab,
+          this.state.EnvVsCode ? TrayNotificationTexts.OpenProblemsTab : '', // show button only in VSCode
         )
         .then((buttonPressed) => {
           if (buttonPressed === TrayNotificationTexts.OpenProblemsTab) {

src/services/cycode-service.ts

@@ -12,7 +12,6 @@ import { ProgressOptions } from 'vscode';
 import { ILoggerService } from './logger-service';
 import { getScanTypeDisplayName } from '../constants';
 import statusBar from '../utils/status-bar';
-import { TrayNotificationTexts } from '../utils/texts';
 import { captureException } from '../sentry';
 import { CliIgnoreType } from '../cli/models/cli-ignore-type';
 import { IScanResultsService } from './scan-results-service';
@@ -47,19 +46,15 @@ export class CycodeService implements ICycodeService {
     await vscode.window.withProgress(
       options,
       async (progress: ProgressBar, cancellationToken: vscode.CancellationToken) => {
-        progress.report({ message });
         try {
-          statusBar.showScanningInProgress();
+          progress.report({ message });
           await fn(cancellationToken);
-          statusBar.showScanComplete();
         } catch (error: unknown) {
           captureException(error);
           if (error instanceof Error) {
             this.logger.error(`Error during progress: ${error.message}`);
+            vscode.window.showErrorMessage(`Cycode error: ${error.message}`);
           }
-
-          statusBar.showScanError();
-          vscode.window.showErrorMessage(TrayNotificationTexts.ScanError);
         } finally {
           progress.report({ increment: 100 });
         }
@@ -121,19 +116,22 @@ export class CycodeService implements ICycodeService {
     };
 
     const scanMethod = scanMethods[scanType];
-    if (scanMethod) {
-      await this.withProgressBar(
-        `Cycode is scanning files for ${getScanTypeDisplayName(scanType)}...`,
-        async (cancellationToken: vscode.CancellationToken) => {
-          this.logger.debug(`[${scanType}] Start scanning paths: ${paths}`);
-          await scanMethod(cancellationToken);
-          this.logger.debug(`[${scanType}] Finish scanning paths: ${paths}`);
-        },
-        this.getScanProgressBarOptions(onDemand),
-      );
-    } else {
+    if (!scanMethod) {
       this.logger.error(`Unknown scan type: ${scanType}`);
+      return;
     }
+
+    await this.withProgressBar(
+      `Cycode is scanning files for ${getScanTypeDisplayName(scanType)}...`,
+      async (cancellationToken: vscode.CancellationToken) => {
+        this.logger.debug(`[${scanType}] Start scanning paths: ${paths}`);
+        statusBar.showScanningInProgress();
+        await scanMethod(cancellationToken);
+        statusBar.showScanComplete();
+        this.logger.debug(`[${scanType}] Finish scanning paths: ${paths}`);
+      },
+      this.getScanProgressBarOptions(onDemand),
+    );
   }
 
   private async applyDetectionIgnoreInUi(ignoreType: CliIgnoreType, value: string) {

src/services/state-service.ts

@@ -5,6 +5,7 @@ import { ILoggerService } from './logger-service';
 import { GlobalKeyValueStorage, LocalKeyValueStorage } from './key-value-storage-service';
 
 export class GlobalExtensionState {
+  public EnvVsCode = true;
   public CliInstalled = false;
   public CliAuthed = false;
   public CliVer: string | null = null;
@@ -24,12 +25,14 @@ const _GLOBAL_STATE_KEY = 'cycode:globalState';
 const _LOCAL_STATE_KEY = 'cycode:localState';
 
 enum VscodeStates {
+  IsVsCodeEnv = 'env.isVsCode',
   IsAuthorized = 'auth.isAuthed',
   IsInstalled = 'cli.isInstalled',
 }
 
 const _CONTEXT_EXPORTED_GLOBAL_STATE_KEYS: Record<string, string> = {
   // map global state keys to vscode context keys
+  EnvVsCode: VscodeStates.IsVsCodeEnv,
   CliAuthed: VscodeStates.IsAuthorized,
   CliInstalled: VscodeStates.IsInstalled,
 };
@@ -148,6 +151,7 @@ export class StateService implements IStateService {
   }
 
   private mergeGlobalState(extensionState: GlobalExtensionState): void {
+    if (extensionState.EnvVsCode !== undefined) (this._globalState.EnvVsCode = extensionState.EnvVsCode);
     if (extensionState.CliInstalled !== undefined) (this._globalState.CliInstalled = extensionState.CliInstalled);
     if (extensionState.CliAuthed !== undefined) (this._globalState.CliAuthed = extensionState.CliAuthed);
     if (extensionState.CliVer !== undefined) (this._globalState.CliVer = extensionState.CliVer);

src/ui/panels/violation/js.ts

@@ -9,7 +9,7 @@ export default (detectionType: CliScanType) => `
     const vscode = acquireVsCodeApi();
     const prevState = vscode.getState();
 
-    let severityIcons = (prevState && prevState.severityIcons) || {};
+    let severityIcons = (prevState && prevState.severityIcons) || undefined;
     let detection = (prevState && prevState.detection) || undefined; 
     let uniqueDetectionId = (prevState && prevState.uniqueDetectionId) || undefined; 
 
@@ -60,12 +60,12 @@ export default (detectionType: CliScanType) => `
     ${detectionType === CliScanType.Iac ? iacRenderer : ''}
     ${detectionType === CliScanType.Sast ? sastRenderer : ''}
 <script>
-    if (detection) {
+    if (severityIcons && detection) {
         renderDetection(detection);
     }
 
     const updateState = () => {
-        vscode.setState({ severityIcons: severityIcons, detection: detection });
+        vscode.setState({ severityIcons, detection });
     };
 
     const messageHandler = event => {
@@ -81,11 +81,18 @@ export default (detectionType: CliScanType) => `
         } else if (message.detection) {
             detection = message.detection;
             updateState();
+        }
 
-            renderDetection(message.detection);
+        if (severityIcons && detection) {
+            renderDetection(detection);
         }
     };
 
     window.addEventListener('message', messageHandler);
+    window.onload = () => {
+        vscode.postMessage({
+            command: 'ready',
+        });
+    }
 </script>
 `;

src/ui/panels/violation/renderer/iac.ts

@@ -11,8 +11,7 @@ const _resetDomState = () => {
 const renderDetection = detection => {
   _resetDomState();
 
-  const severityFirstLetter = detection.severity;
-  ge('severity-icon').src = severityIcons[severityFirstLetter];
+  ge('severity-icon').src = severityIcons[detection.severity];
 
   ge('title').innerText = detection.message;
   ge('short-details').innerText = detection.severity;

src/ui/panels/violation/renderer/sast.ts

@@ -11,8 +11,7 @@ const _resetDomState = () => {
 const renderDetection = detection => {
   _resetDomState();
 
-  const severityFirstLetter = detection.severity;
-  ge('severity-icon').src = severityIcons[severityFirstLetter];
+  ge('severity-icon').src = severityIcons[detection.severity];
 
   ge('title').innerText = detection.detectionDetails.policyDisplayName;
 

src/ui/panels/violation/renderer/sca.ts

@@ -20,8 +20,7 @@ const _resetDomState = () => {
 const renderDetection = detection => {
   _resetDomState();
 
-  const severityFirstLetter = detection.severity;
-  ge('severity-icon').src = severityIcons[severityFirstLetter];
+  ge('severity-icon').src = severityIcons[detection.severity];
   ge('package').innerText = detection.detectionDetails.packageName;
   ge('version').innerText = detection.detectionDetails.packageVersion;
   ge('dependency-path-value').innerText = detection.detectionDetails.dependencyPaths;

src/ui/panels/violation/renderer/secret.ts

@@ -15,8 +15,7 @@ const renderDetection = detection => {
     vscode.postMessage({ command: 'ignoreSecretByValue', uniqueDetectionId });
   };
 
-  const severityFirstLetter = detection.severity;
-  ge('severity-icon').src = severityIcons[severityFirstLetter];
+  ge('severity-icon').src = severityIcons[detection.severity];
 
   ge('title').innerText = 'Hardcoded ' + detection.type + ' is used';
   ge('short-details').innerText = detection.severity;