Merge pull request #86 from bridgecrewio/PCSUP-24970-When-using-the-P…

…risma-Cloud-VS-Code-Extension,-CVE-fixes-are-not-applied-to-the-file-/-Worley-Parsons [PCSUP-24970] SCA fix dialog fixes
bridgecrewio · Oct 13, 2024 · 15738da · 15738da
2 parents 23ac8e1 + 3fb71e1
commit 15738da
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,7 @@
 
 - Fixed an issue where an error log wasn't triggered on extension activation failure
 - Fixed an issue where trailing slashes on Prisma URl configuration caused scan issues
+- Fixed an issue where clicking fix on an SCA finding showed the wrong message
 
 ## [1.0.21] - 2024-09-15
 

diff --git a/src/services/fixService.ts b/src/services/fixService.ts
@@ -4,12 +4,12 @@ import * as vscode from 'vscode';
 
 import { CONFIG } from '../config';
 import { CHECKOV_RESULT_CATEGORY } from '../constants';
+import { CategoriesService, CheckovExecutor } from '../services';
 import { CheckovResult } from '../types';
-import { CategoriesService, CheckovExecutor, ResultsService } from '../services';
+import { isPipInstall, isWindows } from '../utils';
 import { CheckovResultWebviewPanel } from '../views/interface/checkovResult';
-import { CustomPopupService } from './customPopupService';
 import { TreeDataProvidersContainer } from '../views/interface/primarySidebar/services/treeDataProvidersContainer';
-import { isPipInstall, isWindows } from '../utils';
+import { CustomPopupService } from './customPopupService';
 
 export class FixService {
     public static async fix(result: CheckovResult) {
@@ -28,15 +28,14 @@ export class FixService {
     }
 
     private static async applyScaFix({ vulnerability_details }: CheckovResult) {
-        const command = vulnerability_details.fix_command.cmds.join(EOL).replace(/`/g, '');
-        const message = `${vulnerability_details.fix_command.msg}:${EOL}${command}`;
-
-        if (vulnerability_details.fix_command.manualCodeFix) {
-            const { msg, cmds } = vulnerability_details.fix_command;
-            vscode.window.showInformationMessage(`${msg}: ${cmds.length > 1 ? cmds.join(', ') : cmds[0]}`);
-            return;
+        const { msg, cmds, manualCodeFix } = vulnerability_details.fix_command;
+        const command = (cmds.length > 1 ? cmds.join(EOL) : cmds[0]).replace(/`/g, '');
+        let message;
+        if (manualCodeFix) {
+            message = `To bump to the fixed version please manually change the version to ${vulnerability_details.lowest_fixed_version} and run the following command:${EOL}${command}`;
+        } else {
+            message = `${msg}:${EOL}${command}`;
         }
-
         const action = await vscode.window.showInformationMessage(
             CONFIG.userInterface.extensionTitle,
             {
@@ -47,7 +46,6 @@ export class FixService {
                 title: 'Copy Command',
             },
         );
-
         if (action) {
             if (action.title === 'Copy Command') {
                 vscode.env.clipboard.writeText(command);   

diff --git a/src/types/checkov.ts b/src/types/checkov.ts
@@ -25,6 +25,7 @@ export type CheckovResult = {
         package_name: string;
         package_version: string;
         license: string;
+        lowest_fixed_version: string;
         fix_command: {
             cmds: string[];
             manualCodeFix: boolean;