From 730c7e5f53f21fec967c296ffc24002586fec200 Mon Sep 17 00:00:00 2001 From: Aniket Shinde Date: Wed, 15 Apr 2026 12:01:43 +0530 Subject: [PATCH 01/14] docs AST-146800: Add Cloud.md standardization file MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds the Cloud.md documentation file covering all essential sections: Project Overview, Architecture, Repository Structure, Technology Stack, Development Setup, Coding Standards, Project Rules, Testing Strategy, Known Issues — plus recommended sections: External Integrations, Deployment, Security & Access, Logging, and Debugging Steps. Co-Authored-By: Claude Sonnet 4.6 (1M context) --- Cloud.md | 346 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 346 insertions(+) create mode 100644 Cloud.md diff --git a/Cloud.md b/Cloud.md new file mode 100644 index 0000000..459c1fa --- /dev/null +++ b/Cloud.md @@ -0,0 +1,346 @@ +# Cloud.md — Checkmarx One Eclipse Plugin + +> Standardized Cloud MD file for [ast-eclipse-plugin](https://github.com/Checkmarx/ast-eclipse-plugin) +> Following the Cloud MD standardization template defined in epic AST-146793. + +--- + +## Project Overview + +The **Checkmarx One Eclipse Plugin** integrates the full Checkmarx One security platform directly into the Eclipse IDE. It enables developers to discover and remediate vulnerabilities without leaving their editor — embodying the shift-left AppSec philosophy. + +**Key capabilities:** +- Import scan results (SAST, SCA, IaC Security) from Checkmarx One directly into Eclipse +- Run new scans from the IDE before committing code +- Navigate from a vulnerability directly to the affected source line +- Triage results (adjust severity, state, add comments) without leaving the IDE +- Filter and group results by severity, state, or query name +- View vulnerability descriptions, attack vectors, and Codebashing remediation links +- Best Fix Location (BFL) highlighting for SAST findings + +**Supported Eclipse versions:** 2019-03 (4.11) and above +**Supported platforms:** Windows, macOS, Linux/GTK + +--- + +## Architecture + +The plugin follows a standard Eclipse **ViewPart** architecture backed by an **OSGi** bundle lifecycle. + +``` +┌─────────────────────────────────────────────────────┐ +│ Eclipse IDE │ +│ ┌──────────────────────────────────────────────┐ │ +│ │ CheckmarxView (ViewPart) │ │ +│ │ ┌──────────┐ ┌──────────┐ ┌────────────┐ │ │ +│ │ │ Project │ │ Branch │ │ Scan ID │ │ │ +│ │ │ Combo │ │ Combo │ │ Combo │ │ │ +│ │ └──────────┘ └──────────┘ └────────────┘ │ │ +│ │ ┌────────────────────────────────────────┐ │ │ +│ │ │ Results Tree (SWT TreeViewer) │ │ │ +│ │ │ Grouped by: Severity / Query / State │ │ │ +│ │ └────────────────────────────────────────┘ │ │ +│ │ ┌───────────────┐ ┌──────────────────────┐ │ │ +│ │ │ Description │ │ Attack Vector / │ │ │ +│ │ │ & Triage │ │ Package Data / │ │ │ +│ │ │ Panel │ │ BFL Panel │ │ │ +│ │ └───────────────┘ └──────────────────────┘ │ │ +│ └──────────────────────────────────────────────┘ │ +└─────────────────────────────────────────────────────┘ + │ EventBus (Guava) + ▼ +┌─────────────────────┐ ┌──────────────────────┐ +│ DataProvider │◄──────►│ ast-cli-java-wrapper │ +│ (Singleton) │ │ (Checkmarx One API) │ +└─────────────────────┘ └──────────────────────┘ +``` + +**Key architectural decisions:** +- **Event-driven UI:** Google Guava `EventBus` decouples UI actions (filter changes, scan loads) from the view rendering. Events: `FILTER_CHANGED`, `GET_RESULTS`, `CLEAN_AND_REFRESH`, `LOAD_RESULTS_FOR_SCAN`. +- **CLI wrapper:** All communication with the Checkmarx One platform is delegated to `ast-cli-java-wrapper`, which wraps the Checkmarx CLI binary. No direct REST calls from the plugin. +- **Singleton DataProvider:** Holds all loaded scan results, filter state, and project/branch/scan metadata for the current session. +- **Static FilterState:** Severity and state filter flags are stored as static fields persisted to Eclipse preferences via `GlobalSettings`. + +--- + +## Repository Structure + +``` +ast-eclipse-plugin/ +├── checkmarx-ast-eclipse-plugin/ # Main OSGi plugin bundle +│ ├── src/com/checkmarx/eclipse/ +│ │ ├── Activator.java # OSGi bundle lifecycle +│ │ ├── enums/ # Severity, State, ActionName enums +│ │ ├── properties/ # Eclipse preferences page & fields +│ │ ├── runner/ # Authentication runner +│ │ ├── utils/ # CxLogger, PluginUtils, PluginConstants +│ │ └── views/ +│ │ ├── CheckmarxView.java # Main ViewPart (~2600 lines) +│ │ ├── DataProvider.java # Singleton data/state manager +│ │ ├── DisplayModel.java # Tree node model +│ │ ├── GlobalSettings.java # Eclipse preference store wrapper +│ │ ├── actions/ # Toolbar actions (filters, scan, triage) +│ │ ├── filters/ # FilterState, ActionFilters +│ │ └── provider/ # TreeContentProvider, ColumnProvider +│ ├── META-INF/MANIFEST.MF # OSGi bundle descriptor +│ ├── plugin.xml # Eclipse extension points +│ ├── icons/ # Severity and UI icons +│ └── lib/ # Bundled JAR dependencies +├── checkmarx-ast-eclipse-plugin-tests/ # Test bundle +│ └── src/test/java/.../tests/ +│ ├── integration/ # Integration tests (auth) +│ ├── ui/ # SWTBot UI tests +│ └── unit/ # Unit tests +├── com.checkmarx.eclipse.feature/ # Eclipse feature descriptor +├── com.checkmarx.eclipse.site/ # Eclipse p2 update site +├── pom.xml # Root Maven/Tycho POM +├── ast-cli-java-wrapper.version # Pinned wrapper version +└── .github/workflows/ # CI/CD pipelines +``` + +--- + +## Technology Stack + +| Layer | Technology | Version | +|-------|-----------|---------| +| Language | Java | 17 (Temurin) | +| IDE Framework | Eclipse OSGi / RCP | 4.11+ | +| UI Toolkit | SWT / JFace | Bundled with Eclipse | +| Build System | Maven + Eclipse Tycho | Tycho 4.0.11 | +| Platform API | ast-cli-java-wrapper | 2.4.23 | +| Event Bus | Google Guava | Bundled with Eclipse | +| Git Integration | JGit | Bundled with Eclipse | +| JSON | Jackson | 2.21.1 | +| Utilities | Apache Commons Lang3 | 3.18.0 | +| Logging | SLF4J + Eclipse ILog (CxLogger) | 2.0.17 | + +--- + +## Development Setup + +### Prerequisites + +1. **Java 17** (Temurin recommended) +2. **Eclipse IDE for RCP and RAP Developers** (2019-03 or later) — includes PDE (Plugin Development Environment) +3. **Maven 3.x** with Tycho support +4. **Checkmarx One account** with an API key (`ast-scanner` + `default-roles` IAM roles) + +### Clone and Import + +```bash +git clone https://github.com/Checkmarx/ast-eclipse-plugin.git +cd ast-eclipse-plugin +``` + +Import into Eclipse: +- `File → Import → Maven → Existing Maven Projects` +- Select the repo root — all four modules will be detected + +### Build from CLI + +```bash +# Full build (plugin + feature + site + tests) +mvn clean verify + +# Build plugin only (skip tests) +mvn clean package -pl checkmarx-ast-eclipse-plugin -am -DskipTests +``` + +### Run in Development + +1. Open `checkmarx-ast-eclipse-plugin/plugin.xml` in Eclipse +2. Click **Launch an Eclipse Application** (creates a new Eclipse instance with the plugin loaded) +3. Configure credentials: `Window → Preferences → Checkmarx` + +### Run Tests + +```bash +# UI tests (requires Xvfb on Linux) +Xvfb -ac :99 -screen 0 1920x1080x16 & +mvn verify -Dtest.includes="**/ui/*.java" \ + -DCX_BASE_URI= -DCX_TENANT= \ + -DCX_APIKEY= -DCX_TEST_SCAN= + +# Unit tests only +mvn test -pl checkmarx-ast-eclipse-plugin-tests +``` + +--- + +## Coding Standards + +- **Java 17** language level — use modern constructs (streams, lambdas, records where appropriate) +- **Logging:** Always use `CxLogger` (Eclipse ILog wrapper), never raw `System.out` or SLF4J directly in plugin code. SLF4J is available only for passing to the CLI wrapper internals. +- **UI thread safety:** All SWT widget updates must happen on the UI thread. Use `UISynchronizeImpl.asyncExec()` for background-to-UI transitions. +- **EventBus events:** Post events via `pluginEventBus.post(new PluginListenerDefinition(...))`. Subscribe with `@Subscribe`. Never call UI update methods directly from non-UI threads. +- **Constants:** Add all string literals used in UI or logic to `PluginConstants.java`. Never hardcode strings inline. +- **SWT layout:** Use `GridData`/`GridLayout` for all composites. Avoid fixed `widthHint` on combos that may contain variable-length content — use `SWT.FILL` with `grabExcessHorizontalSpace = true` instead. +- **Null safety:** Check `selectedItem.getResult()` and `selectedItem.getSeverity()` before accessing them — tree nodes may be group-level nodes with no attached result. + +--- + +## Project Rules + +- **All PRs target `main`** (or an integration branch when batching multiple bug fixes). +- **Branch naming:** + - Bug fixes: `bug/AST-XXXXX` + - Features: `feature/AST-XXXXX` + - Documentation: `docs/AST-XXXXX` + - Other: `other/AST-XXXXX` +- **Commit messages** must reference the Jira ticket: `Fix AST-XXXXX: ` +- **Never commit secrets.** Checkmarx credentials are injected via environment variables or Eclipse preferences at runtime — never hardcoded. +- **Wrapper version** is pinned in `ast-cli-java-wrapper.version`. Update this file and the JAR in `lib/` when upgrading the CLI wrapper. +- **Icons** must be placed in `checkmarx-ast-eclipse-plugin/icons/` and registered in `plugin.xml` if used as action images. +- **PR size:** Keep PRs focused on a single ticket. Use an integration branch to batch multiple related fixes before merging to main. + +--- + +## Testing Strategy + +### Test Types + +| Type | Location | Runner | Purpose | +|------|----------|--------|---------| +| Unit | `unit/` | JUnit | Test logic in isolation (DataProvider, FilterState, PluginUtils) | +| UI (SWTBot) | `ui/` | SWTBot + JUnit | Test full plugin behavior inside a headless Eclipse instance | +| Integration | `integration/` | JUnit | Test authentication and API connectivity against a real Checkmarx One tenant | + +### CI Triggers + +- All tests run on **every PR to `main`** via GitHub Actions (`.github/workflows/ci.yml`) +- UI tests run on **Ubuntu** with **Xvfb** (virtual display) +- Integration tests require secrets: `CX_BASE_URI`, `CX_TENANT`, `CX_APIKEY`, `CX_TEST_SCAN` + +### Coverage + +- JaCoCo coverage reports generated per run +- Reports uploaded as GitHub Actions artifacts +- Coverage badge auto-generated via `cicirello/jacoco-badge-generator` + +--- + +## External Integrations + +| Integration | Purpose | How | +|-------------|---------|-----| +| **Checkmarx One Platform** | Fetch projects, branches, scans, results; submit triage | Via `ast-cli-java-wrapper` (wraps the Checkmarx CLI binary) | +| **JGit** | Detect current git branch to auto-select in branch combo | `RefsChangedListener` on local repo | +| **Eclipse Marketplace** | Plugin distribution and install | p2 update site published on release | +| **Codebashing** | Remediation lesson links per vulnerability | REST call to Checkmarx Codebashing API | + +--- + +## Deployment + +### Release Process + +Releases are created via `.github/workflows/release.yml` (triggered manually or via `workflow_call`): + +1. Input: `tag` (semver), `jira_ticket`, optional `rbranch` for dev releases +2. Tycho builds the p2 update site into `com.checkmarx.eclipse.site/target/` +3. Site artifact is published as a GitHub Release +4. Dev releases are cleaned up automatically before publishing a stable release + +### Distribution + +- **Eclipse Marketplace:** [checkmarx-ast-plugin](https://marketplace.eclipse.org/content/checkmarx-ast-plugin) +- **p2 Update Site:** published as a GitHub Release asset + +### Install (End Users) + +``` +Help → Install New Software → Add repository URL (GitHub Release asset) +``` + +--- + +## Security & Access + +- **API Key authentication:** Users configure a Checkmarx One API key in `Window → Preferences → Checkmarx`. The key is stored in the Eclipse secure preferences store. +- **Required roles:** `ast-scanner` (composite role) + `default-roles` IAM role on the Checkmarx One tenant. +- **No credentials in code:** All secrets are injected at runtime via preferences or environment variables (CI). Never commit API keys or tokens. +- **TLS:** All communication with Checkmarx One is HTTPS, enforced by the CLI wrapper. +- **Triage permissions:** Triage actions (severity/state changes) require the user's API key to have write permissions on the project. + +--- + +## Logging + +The plugin uses two logging mechanisms — use the right one for the right context: + +| Logger | Class | Output | When to use | +|--------|-------|--------|-------------| +| `CxLogger` | `com.checkmarx.eclipse.utils.CxLogger` | Eclipse Error Log view + `.metadata/.log` | All plugin-level log messages | +| SLF4J | `org.slf4j.Logger` | No-op inside OSGi (dropped) | Only for passing to `CxWrapper` internals | + +**Usage:** +```java +CxLogger.info("Loading results for scan: " + scanId); +CxLogger.error("Failed to fetch projects: " + e.getMessage(), e); +CxLogger.warning("Could not fetch platform states: " + e.getMessage()); +``` + +**Viewing logs:** +- Eclipse IDE: `Window → Show View → Error Log` +- File: `/.metadata/.log` + +--- + +## Debugging Steps + +### Plugin not loading + +1. Check `Window → Show View → Error Log` for bundle activation errors +2. Verify Java 17 is set as the JRE: `Window → Preferences → Java → Installed JREs` +3. Confirm the plugin is enabled: `Help → About Eclipse → Installation Details` + +### Authentication failures + +1. Verify API key in `Window → Preferences → Checkmarx` — click **Authenticate** +2. Check Error Log for `CxLogger` messages containing `authentication` or `CxException` +3. Confirm the API key has `ast-scanner` + `default-roles` roles on the tenant + +### No results / empty tree + +1. Confirm project, branch, and scan ID are selected in the top combos +2. Check filter state — all severity filters may be disabled (toolbar toggle buttons) +3. Check Error Log for errors from `DataProvider.getResultsForScanId()` + +### UI not updating after filter change + +1. Confirm you are on a build that includes the AST-136035 fix +2. If the tree collapses entirely, check that `FILTER_CHANGED` calls `updateResultsTree(..., true)` + +### Custom state dropdown overflow + +1. Fixed in AST-137779 — ensure you are on a build that includes the `truncate()` fix in `ActionFilterStatePreference` + +### Running UI tests locally (Linux) + +```bash +Xvfb -ac :99 -screen 0 1920x1080x16 & +export DISPLAY=:99.0 +mvn verify -Dtest.includes="**/ui/*.java" \ + -DCX_BASE_URI=$CX_BASE_URI \ + -DCX_TENANT=$CX_TENANT \ + -DCX_APIKEY=$CX_APIKEY \ + -DCX_TEST_SCAN=$CX_TEST_SCAN +``` + +--- + +## Known Issues + +| Issue | Ticket | Status | +|-------|--------|--------| +| Severity filter clears description/attack vector panels | AST-136035 | Fixed | +| Severity filter collapses entire results tree | AST-136035 | Fixed | +| Authentication logs not routed to Eclipse Error Log | AST-136023 | Fixed | +| Custom State dropdown occupies entire screen | AST-137779 | Fixed | +| Scan ID combo overflows window on small screens | AST-136035 | Fixed | +| New scan ID not marked as latest in scan list after notification | AST-137779 | Open | + +--- + +*Generated for AST-146800 · Checkmarx Integrations Team* From 6310f05bebe62d57977db3a7de8efb0f20fa04a3 Mon Sep 17 00:00:00 2001 From: Aniket Shinde Date: Fri, 17 Apr 2026 11:30:58 +0530 Subject: [PATCH 02/14] AST-101305: Disable Branch and Scan dropdown when no project is selected - Add FocusListener to project combo viewer - When user clears project and clicks outside, branch combo is disabled - Resets currentProjectId to empty when project field is cleared - Preserves existing behavior for all other scenarios Co-Authored-By: Claude Haiku 4.5 --- .../eclipse/views/CheckmarxView.java | 23 ++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java index 43c16a4..7a78108 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java @@ -41,6 +41,8 @@ import org.eclipse.swt.custom.CLabel; import org.eclipse.swt.custom.ScrolledComposite; import org.eclipse.swt.custom.StyledText; +import org.eclipse.swt.events.FocusEvent; +import org.eclipse.swt.events.FocusListener; import org.eclipse.swt.events.SelectionAdapter; import org.eclipse.swt.events.SelectionEvent; import org.eclipse.swt.events.SelectionListener; @@ -904,7 +906,26 @@ protected IStatus run(IProgressMonitor monitor) { debounceTimer.schedule(pendingSearchTask, DEBOUNCE_DELAY_MS); } - }); + }); + + // Add FocusListener to disable branch combo when project is cleared and focus lost + projectComboViewer.getCombo().addFocusListener(new FocusListener() { + @Override + public void focusLost(FocusEvent e) { + // When user clicks outside project combo, check if project is empty + String enteredProject = projectComboViewer.getCombo().getText().trim(); + // If project field is empty or contains only the placeholder text, disable branch combo + if (enteredProject.isEmpty() || enteredProject.equals(PROJECT_COMBO_VIEWER_TEXT)) { + currentProjectId = PluginConstants.EMPTY_STRING; + PluginUtils.enableComboViewer(branchComboViewer, false); + } + } + + @Override + public void focusGained(FocusEvent e) { + // No action needed on focus gain + } + }); } /** From 644dae9093cb13b404b273e13db21772287bd2c8 Mon Sep 17 00:00:00 2001 From: Aniket Shinde Date: Mon, 20 Apr 2026 10:47:29 +0530 Subject: [PATCH 03/14] Fix: Route authentication logs to Eclipse Error Log (AST-136023) (#244) * Fix AST-136023: Route authentication logs to Eclipse Error Log Replace SLF4J log calls in Authenticator.doAuthentication() with CxLogger so auth success/failure messages appear in .metadata/.log and the Eclipse Error Log UI instead of being silently dropped. Co-Authored-By: Claude Sonnet 4.6 (1M context) * Fix AST-136023: Update unit tests to verify CxLogger static calls Replace SLF4J mockLogger verification with MockedStatic to match the updated Authenticator.doAuthentication() which now routes log output through CxLogger instead of the SLF4J instance. Co-Authored-By: Claude Sonnet 4.6 (1M context) * Refactor AST-136023: Use String.format for authentication status log message Replace string concatenation (AUTH_STATUS + cxValidateOutput) with String.format(PluginConstants.INFO_AUTHENTICATION_STATUS, cxValidateOutput) to be consistent with the error logging pattern. Updated the unit test assertion to verify the formatted string accordingly. Co-Authored-By: Claude Sonnet 4.6 (1M context) --------- Co-authored-by: Claude Sonnet 4.6 (1M context) --- .../tests/unit/runner/AuthenticatorTest.java | 40 +++++++++++-------- .../eclipse/runner/Authenticator.java | 4 +- 2 files changed, 25 insertions(+), 19 deletions(-) diff --git a/checkmarx-ast-eclipse-plugin-tests/src/test/java/checkmarx/ast/eclipse/plugin/tests/unit/runner/AuthenticatorTest.java b/checkmarx-ast-eclipse-plugin-tests/src/test/java/checkmarx/ast/eclipse/plugin/tests/unit/runner/AuthenticatorTest.java index 740e12a..3df473f 100644 --- a/checkmarx-ast-eclipse-plugin-tests/src/test/java/checkmarx/ast/eclipse/plugin/tests/unit/runner/AuthenticatorTest.java +++ b/checkmarx-ast-eclipse-plugin-tests/src/test/java/checkmarx/ast/eclipse/plugin/tests/unit/runner/AuthenticatorTest.java @@ -7,12 +7,14 @@ import org.junit.jupiter.api.Test; import org.mockito.MockedConstruction; +import org.mockito.MockedStatic; import org.mockito.Mockito; import org.slf4j.Logger; import com.checkmarx.ast.wrapper.CxException; import com.checkmarx.ast.wrapper.CxWrapper; import com.checkmarx.eclipse.runner.Authenticator; +import com.checkmarx.eclipse.utils.CxLogger; import com.checkmarx.eclipse.utils.PluginConstants; class AuthenticatorTest { @@ -24,14 +26,15 @@ void testDoAuthenticationSuccess() throws Exception { try (MockedConstruction mocked = Mockito.mockConstruction(CxWrapper.class, - (mock, context) -> when(mock.authValidate()).thenReturn("SUCCESS"))) { + (mock, context) -> when(mock.authValidate()).thenReturn("SUCCESS")); + MockedStatic mockedCxLogger = Mockito.mockStatic(CxLogger.class)) { Authenticator authenticator = new Authenticator(mockLogger); String result = authenticator.doAuthentication("dummyKey", "--param"); assertEquals("SUCCESS", result); - verify(mockLogger).info("Authentication Status: SUCCESS"); + mockedCxLogger.verify(() -> CxLogger.info(String.format(PluginConstants.INFO_AUTHENTICATION_STATUS, "SUCCESS"))); } } @@ -43,17 +46,18 @@ void testDoAuthenticationIOException() throws Exception { try (MockedConstruction mocked = Mockito.mockConstruction(CxWrapper.class, (mock, context) -> when(mock.authValidate()) - .thenThrow(new IOException("IO error")))) { + .thenThrow(new IOException("IO error"))); + MockedStatic mockedCxLogger = Mockito.mockStatic(CxLogger.class)) { Authenticator authenticator = new Authenticator(mockLogger); String result = authenticator.doAuthentication("dummyKey", "--param"); assertEquals("IO error", result); - verify(mockLogger).error( - eq(String.format(PluginConstants.ERROR_AUTHENTICATING_AST, "IO error")), - any(IOException.class) - ); + mockedCxLogger.verify(() -> CxLogger.error( + eq(String.format(PluginConstants.ERROR_AUTHENTICATING_AST, "IO error")), + any(IOException.class) + )); } } @@ -65,17 +69,18 @@ void testDoAuthenticationInterruptedException() throws Exception { try (MockedConstruction mocked = Mockito.mockConstruction(CxWrapper.class, (mock, context) -> when(mock.authValidate()) - .thenThrow(new InterruptedException("Interrupted")))) { + .thenThrow(new InterruptedException("Interrupted"))); + MockedStatic mockedCxLogger = Mockito.mockStatic(CxLogger.class)) { Authenticator authenticator = new Authenticator(mockLogger); String result = authenticator.doAuthentication("dummyKey", "--param"); assertEquals("Interrupted", result); - verify(mockLogger).error( - eq(String.format(PluginConstants.ERROR_AUTHENTICATING_AST, "Interrupted")), - any(InterruptedException.class) - ); + mockedCxLogger.verify(() -> CxLogger.error( + eq(String.format(PluginConstants.ERROR_AUTHENTICATING_AST, "Interrupted")), + any(InterruptedException.class) + )); } } @@ -87,17 +92,18 @@ void testDoAuthenticationCxException() throws Exception { try (MockedConstruction mocked = Mockito.mockConstruction(CxWrapper.class, (mock, context) -> when(mock.authValidate()) - .thenThrow(new CxException(1, "Cx error")))) { + .thenThrow(new CxException(1, "Cx error"))); + MockedStatic mockedCxLogger = Mockito.mockStatic(CxLogger.class)) { Authenticator authenticator = new Authenticator(mockLogger); String result = authenticator.doAuthentication("dummyKey", "--param"); assertEquals("Cx error", result); - verify(mockLogger).error( - eq(String.format(PluginConstants.ERROR_AUTHENTICATING_AST, "Cx error")), - any(CxException.class) - ); + mockedCxLogger.verify(() -> CxLogger.error( + eq(String.format(PluginConstants.ERROR_AUTHENTICATING_AST, "Cx error")), + any(CxException.class) + )); } } diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/runner/Authenticator.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/runner/Authenticator.java index 9484950..202baa9 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/runner/Authenticator.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/runner/Authenticator.java @@ -33,10 +33,10 @@ public String doAuthentication(String apiKey, String additionalParams) { try { CxWrapper wrapper = new CxWrapper(config, log); String cxValidateOutput = wrapper.authValidate(); - log.info(AUTH_STATUS + cxValidateOutput); + CxLogger.info(String.format(PluginConstants.INFO_AUTHENTICATION_STATUS, cxValidateOutput)); return cxValidateOutput; } catch (IOException | InterruptedException | CxException e) { - log.error(String.format(PluginConstants.ERROR_AUTHENTICATING_AST, e.getMessage()), e); + CxLogger.error(String.format(PluginConstants.ERROR_AUTHENTICATING_AST, e.getMessage()), e); return e.getMessage(); } } From 0260961ae7217622303a2e98f61d7b7f037060e6 Mon Sep 17 00:00:00 2001 From: Aniket Shinde Date: Mon, 20 Apr 2026 10:48:20 +0530 Subject: [PATCH 04/14] Fix: Clear detail panels on severity filter change (AST-136035) (#245) * Fix AST-136035: Clear detail panels on severity filter change; fix scan ID combo overflow - Hide resultViewComposite and attackVectorCompositePanel when filter changes so the description and attack vector windows no longer show stale content - Replace fixed widthHint=520 on scan ID combo with SWT.FILL/grabExcess layout so the combo is always visible without needing to maximize the window Co-Authored-By: Claude Sonnet 4.6 (1M context) * Fix AST-136035: Clear right panels only when displayed item's severity is filtered out Previously, toggling any severity filter always hid the description and attack vector panels. Now the panels are only cleared when the currently displayed item belongs to a severity that was just disabled. If the item's severity is still active, the panels stay visible. Co-Authored-By: Claude Sonnet 4.6 (1M context) * Fix AST-136035: Preserve tree expansion state when severity filter changes - Capture expanded elements before clearing the model so the snapshot is accurate when restoring after refresh - Pass expand=true for FILTER_CHANGED (keep GET_RESULTS at false) so previously expanded group nodes are restored after filtering instead of collapsing the entire tree Co-Authored-By: Claude Sonnet 4.6 (1M context) --------- Co-authored-by: Claude Sonnet 4.6 (1M context) --- .../checkmarx/eclipse/views/CheckmarxView.java | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java index 43c16a4..b28a751 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java @@ -160,6 +160,7 @@ public class CheckmarxView extends ViewPart implements EventHandler { private Text commentText; private DisplayModel rootModel; private String selectedSeverity, selectedState; + private DisplayModel currentlyDisplayedItem; private Button triageButton; private SelectionAdapter triageButtonAdapter, codeBashingAdapter; private Shell shell = PlatformUI.getWorkbench().getActiveWorkbenchWindow().getShell(); @@ -1082,8 +1083,7 @@ private void createScanIdComboBox(Composite parent) { scanIdComboViewer.setContentProvider(ArrayContentProvider.getInstance()); scanIdComboViewer.setInput(new ArrayList<>()); - GridData gridData = new GridData(); - gridData.widthHint = 520; + GridData gridData = new GridData(SWT.FILL, SWT.CENTER, true, false); scanIdComboViewer.getCombo().setLayoutData(gridData); scanIdComboViewer.getCombo().addListener(SWT.DefaultSelection, new Listener() { @@ -1386,6 +1386,7 @@ protected IStatus run(IProgressMonitor arg0) { if (selectedItem.getResult() != null && selectedItem.getResult().getSimilarityId() != null) { sync.asyncExec(() -> { + currentlyDisplayedItem = selectedItem; createTriageSeverityAndStateCombos(selectedItem); populateTriageChanges(selectedItem); resultViewComposite.setVisible(true); @@ -2473,6 +2474,8 @@ private Image findSeverityImage(DisplayModel model) { private void listener(PluginListenerDefinition definition) { switch (definition.getListenerType()) { case FILTER_CHANGED: + updateResultsTree(definition.getResutls(), true); + break; case GET_RESULTS: updateResultsTree(definition.getResutls(), false); break; @@ -2489,9 +2492,15 @@ private void listener(PluginListenerDefinition definition) { private void updateResultsTree(List results, boolean expand) { sync.asyncExec(() -> { + if (currentlyDisplayedItem == null + || currentlyDisplayedItem.getSeverity() == null + || !FilterState.isSeverityEnabled(currentlyDisplayedItem.getSeverity())) { + resultViewComposite.setVisible(false); + attackVectorCompositePanel.setVisible(false); + } + Object[] expanded = resultsTree.getExpandedElements(); rootModel.children.clear(); rootModel.children.addAll(results); - Object[] expanded = resultsTree.getExpandedElements(); resultsTree.refresh(); if (expand) { Set expandedDMNames = new HashSet<>(); From 72be7a1a6ad5e35b226a61244c889dc09f75f376 Mon Sep 17 00:00:00 2001 From: Aniket Shinde Date: Mon, 20 Apr 2026 10:48:41 +0530 Subject: [PATCH 05/14] Fix: Truncate long custom state names in filter menu (AST-137779) (#246) * Fix AST-137779: Truncate long custom state names in filter menu and triage combo Custom states with very long names caused the state filter dropdown menu to expand across the entire screen. Fix truncates display text to 50 chars (with trailing "...") in both the state filter MenuItem and the triage state ComboViewer LabelProvider. The full state name is still used internally for filtering and triage submission. Co-Authored-By: Claude Sonnet 4.6 (1M context) * Fix AST-137779: Guard against null getResults() in cxProjectMatchesWorkspaceProject Results.getResults() can return null when no results have been loaded yet (e.g. fresh IDE session before any scan is imported). The prior check only guarded against a null Results object, causing an NPE on the first click of the Start Scan button and preventing scans from running. Co-Authored-By: Claude Sonnet 4.6 (1M context) --------- Co-authored-by: Claude Sonnet 4.6 (1M context) --- .../src/com/checkmarx/eclipse/views/CheckmarxView.java | 7 +++++++ .../eclipse/views/actions/ActionFilterStatePreference.java | 6 +++++- .../checkmarx/eclipse/views/actions/ActionStartScan.java | 2 +- 3 files changed, 13 insertions(+), 2 deletions(-) diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java index b28a751..ec897c1 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java @@ -627,6 +627,13 @@ private void createResultViewPanel(Composite resultsComposite) { combo_1.setLayoutData(gd_combo_1); triageStateComboViewer = new ComboViewer(triageView, SWT.READ_ONLY); + triageStateComboViewer.setLabelProvider(new LabelProvider() { + @Override + public String getText(Object element) { + String s = element instanceof String ? (String) element : super.getText(element); + return s.length() > 50 ? s.substring(0, 47) + "..." : s; + } + }); Combo combo_2 = triageStateComboViewer.getCombo(); combo_2.setEnabled(true); combo_2.setData(PluginConstants.DATA_ID_KEY, PluginConstants.TRIAGE_STATE_COMBO_ID); diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionFilterStatePreference.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionFilterStatePreference.java index f67d689..ecc6bbc 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionFilterStatePreference.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionFilterStatePreference.java @@ -89,7 +89,7 @@ public Menu getMenu(final Control parent) { for (String customState : customStates) { MenuItem item = new MenuItem(menu, SWT.CHECK); - item.setText(customState); + item.setText(truncate(customState)); item.setSelection(FilterState.isCustomStateSelected(customState)); item.addSelectionListener(new SelectionAdapter() { @Override @@ -127,4 +127,8 @@ public void widgetSelected(SelectionEvent e) { public Menu getMenu(final Menu parent) { return null; } + + private static String truncate(String text) { + return text.length() > 50 ? text.substring(0, 47) + "..." : text; + } } \ No newline at end of file diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionStartScan.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionStartScan.java index 43a5cb9..972a5d6 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionStartScan.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionStartScan.java @@ -220,7 +220,7 @@ private String getCurrentGitBranch() { */ private boolean cxProjectMatchesWorkspaceProject() { Results results = DataProvider.getInstance().getCurrentResults(); - boolean noResultsInScan = results == null || results.getResults().isEmpty(); + boolean noResultsInScan = results == null || results.getResults() == null || results.getResults().isEmpty(); boolean noFilesInWorkspace = ResourcesPlugin.getWorkspace().getRoot().getProjects().length == 0; if (noResultsInScan || noFilesInWorkspace) { From d30b7f0fb1194548290a80f5abc6822ecf932131 Mon Sep 17 00:00:00 2001 From: Aniket Shinde Date: Thu, 14 May 2026 11:38:11 +0530 Subject: [PATCH 06/14] Toolyip custom state --- .claude/settings.local.json | 9 ++++ .../eclipse/views/CheckmarxView.java | 12 +++++ .../actions/ActionFilterStatePreference.java | 52 +++++++++++++++++++ 3 files changed, 73 insertions(+) create mode 100644 .claude/settings.local.json diff --git a/.claude/settings.local.json b/.claude/settings.local.json new file mode 100644 index 0000000..88a95af --- /dev/null +++ b/.claude/settings.local.json @@ -0,0 +1,9 @@ +{ + "permissions": { + "allow": [ + "Bash(git log *)", + "Bash(git pull *)", + "Bash(git stash *)" + ] + } +} diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java index ec897c1..6458798 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java @@ -41,6 +41,8 @@ import org.eclipse.swt.custom.CLabel; import org.eclipse.swt.custom.ScrolledComposite; import org.eclipse.swt.custom.StyledText; +import org.eclipse.swt.events.MouseEvent; +import org.eclipse.swt.events.MouseTrackAdapter; import org.eclipse.swt.events.SelectionAdapter; import org.eclipse.swt.events.SelectionEvent; import org.eclipse.swt.events.SelectionListener; @@ -640,6 +642,16 @@ public String getText(Object element) { GridData gd_combo_2 = new GridData(SWT.FILL, SWT.FILL, true, true, 1, 1); // gd_combo_2.widthHint = 180; combo_2.setLayoutData(gd_combo_2); + combo_2.addMouseTrackListener(new MouseTrackAdapter() { + @Override + public void mouseHover(MouseEvent e) { + IStructuredSelection sel = (IStructuredSelection) triageStateComboViewer.getSelection(); + if (!sel.isEmpty()) { + String fullName = (String) sel.getFirstElement(); + combo_2.setToolTipText(fullName.length() > 50 ? fullName : ""); + } + } + }); triageButton = new Button(triageView, SWT.FLAT | SWT.CENTER); triageButton.setData(PluginConstants.DATA_ID_KEY, PluginConstants.TRIAGE_BUTTON_ID); diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionFilterStatePreference.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionFilterStatePreference.java index ecc6bbc..4482e6f 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionFilterStatePreference.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/actions/ActionFilterStatePreference.java @@ -5,16 +5,21 @@ import org.eclipse.jface.action.Action; import org.eclipse.jface.action.IMenuCreator; import org.eclipse.swt.SWT; +import org.eclipse.swt.events.MenuAdapter; +import org.eclipse.swt.events.MenuEvent; import org.eclipse.swt.events.SelectionAdapter; import org.eclipse.swt.events.SelectionEvent; import org.eclipse.swt.events.SelectionListener; import org.eclipse.swt.graphics.Point; import org.eclipse.swt.graphics.Rectangle; import org.eclipse.swt.widgets.Control; +import org.eclipse.swt.widgets.Display; import org.eclipse.swt.widgets.Event; +import org.eclipse.swt.widgets.Listener; import org.eclipse.swt.widgets.Menu; import org.eclipse.swt.widgets.MenuItem; import org.eclipse.swt.widgets.ToolItem; +import org.eclipse.swt.widgets.ToolTip; import com.checkmarx.eclipse.Activator; import com.checkmarx.eclipse.enums.ActionName; @@ -27,6 +32,9 @@ class ActionFilterStatePreference extends Action implements IMenuCreator { private Menu menu; + private ToolTip activeTip; + private Listener armFilter; + private Runnable tipTimer; private static final String ACTION_FILTER_STATE_TOOLTIP = "State"; private static final String ACTION_FILTER_STATE_ICON_PATH = "/icons/filter_ps.png"; private EventBus pluginEventBus; @@ -75,6 +83,12 @@ public Menu getMenu(final Control parent) { menu.dispose(); } menu = new Menu(parent); + menu.addMenuListener(new MenuAdapter() { + @Override + public void menuHidden(MenuEvent e) { + disposeActiveTip(); + } + }); createMenuItem(menu, FILTER_CONFIRMED, FilterState.confirmed, State.CONFIRMED); createMenuItem(menu, FILTER_NOT_EXPLOITABLE, FilterState.notExploitable, State.NOT_EXPLOITABLE); createMenuItem(menu, FILTER_PROPOSED_NON_EXPLOITABLE, FilterState.proposedNotExploitable, @@ -91,6 +105,17 @@ public Menu getMenu(final Control parent) { MenuItem item = new MenuItem(menu, SWT.CHECK); item.setText(truncate(customState)); item.setSelection(FilterState.isCustomStateSelected(customState)); + if (customState.length() > 50) { + item.addArmListener(e -> { + disposeActiveTip(); + activeTip = new ToolTip(menu.getShell(), SWT.NONE); + activeTip.setMessage(customState); + Point loc = Display.getCurrent().getCursorLocation(); + activeTip.setLocation(loc.x + 16, loc.y + 16); + activeTip.setVisible(true); + installArmFilter(item); + }); + } item.addSelectionListener(new SelectionAdapter() { @Override public void widgetSelected(SelectionEvent e) { @@ -128,6 +153,33 @@ public Menu getMenu(final Menu parent) { return null; } + private void installArmFilter(MenuItem armedItem) { + Display d = Display.getCurrent(); + if (armFilter != null) { + d.removeFilter(SWT.Arm, armFilter); + } + armFilter = event -> { if (event.widget != armedItem) disposeActiveTip(); }; + d.addFilter(SWT.Arm, armFilter); + tipTimer = this::disposeActiveTip; + d.timerExec(1800, tipTimer); + } + + private void disposeActiveTip() { + Display d = Display.getCurrent(); + if (armFilter != null) { + d.removeFilter(SWT.Arm, armFilter); + armFilter = null; + } + if (tipTimer != null) { + d.timerExec(-1, tipTimer); + tipTimer = null; + } + if (activeTip != null && !activeTip.isDisposed()) { + activeTip.dispose(); + } + activeTip = null; + } + private static String truncate(String text) { return text.length() > 50 ? text.substring(0, 47) + "..." : text; } From b02350996e2a622afc97c682529e9922d954ab4a Mon Sep 17 00:00:00 2001 From: Aniket Shinde Date: Thu, 14 May 2026 15:10:15 +0530 Subject: [PATCH 07/14] Parity and project combobox --- .../eclipse/plugin/tests/ui/BaseUITest.java | 2 +- checkmarx-ast-eclipse-plugin/plugin.xml | 4 +++ .../eclipse/properties/PreferencesPage.java | 11 ++++++- .../eclipse/startup/PluginStartup.java | 31 +++++++++++++++++++ .../eclipse/utils/PluginConstants.java | 2 ++ .../eclipse/views/CheckmarxView.java | 22 +++++++++++-- .../checkmarx/eclipse/views/DataProvider.java | 20 ++++++++++-- .../eclipse/views/filters/FilterState.java | 8 ++--- 8 files changed, 90 insertions(+), 10 deletions(-) create mode 100644 checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/startup/PluginStartup.java diff --git a/checkmarx-ast-eclipse-plugin-tests/src/test/java/checkmarx/ast/eclipse/plugin/tests/ui/BaseUITest.java b/checkmarx-ast-eclipse-plugin-tests/src/test/java/checkmarx/ast/eclipse/plugin/tests/ui/BaseUITest.java index 2211c71..175febc 100644 --- a/checkmarx-ast-eclipse-plugin-tests/src/test/java/checkmarx/ast/eclipse/plugin/tests/ui/BaseUITest.java +++ b/checkmarx-ast-eclipse-plugin-tests/src/test/java/checkmarx/ast/eclipse/plugin/tests/ui/BaseUITest.java @@ -26,7 +26,7 @@ public abstract class BaseUITest { - private static final String INFO_SUCCESSFUL_CONNECTION = "Successfully authenticated to Checkmarx One server!"; + private static final String INFO_SUCCESSFUL_CONNECTION = "You are connected to Checkmarx One"; protected static final String ASSERT_FILTER_ACTIONS_IN_TOOLBAR = "All filter actions must be in the tool bar"; diff --git a/checkmarx-ast-eclipse-plugin/plugin.xml b/checkmarx-ast-eclipse-plugin/plugin.xml index 362a4c3..e0f787b 100644 --- a/checkmarx-ast-eclipse-plugin/plugin.xml +++ b/checkmarx-ast-eclipse-plugin/plugin.xml @@ -39,4 +39,8 @@ + + + + diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/properties/PreferencesPage.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/properties/PreferencesPage.java index 49cb12d..3c5af09 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/properties/PreferencesPage.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/properties/PreferencesPage.java @@ -137,7 +137,7 @@ public void widgetSelected(SelectionEvent e) { return t.getMessage(); } }).thenAccept((result) -> Display.getDefault().syncExec(() -> { - connectionLabel.setText(result); + connectionLabel.setText(mapAuthResult(result)); getFieldEditorParent().layout(); connectionButton.setEnabled(true); })); @@ -145,6 +145,15 @@ public void widgetSelected(SelectionEvent e) { }); } + + + private static String mapAuthResult(String result) { + if (result != null && result.contains(PluginConstants.AUTH_SUCCESS_PATTERN)) { + return PluginConstants.AUTH_SUCCESS_DISPLAY; + } + return result; + } + private FieldEditor space() { return new LabelFieldEditor("", getFieldEditorParent()); } diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/startup/PluginStartup.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/startup/PluginStartup.java new file mode 100644 index 0000000..e520f99 --- /dev/null +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/startup/PluginStartup.java @@ -0,0 +1,31 @@ +package com.checkmarx.eclipse.startup; + +import org.eclipse.ui.IStartup; +import org.eclipse.ui.IWorkbenchPage; +import org.eclipse.ui.IWorkbenchWindow; +import org.eclipse.ui.PartInitException; +import org.eclipse.ui.PlatformUI; + +import com.checkmarx.eclipse.utils.CxLogger; + +public class PluginStartup implements IStartup { + + private static final String VIEW_ID = "com.checkmarx.eclipse.views.CheckmarxView"; + + @Override + public void earlyStartup() { + PlatformUI.getWorkbench().getDisplay().asyncExec(() -> { + try { + IWorkbenchWindow window = PlatformUI.getWorkbench().getActiveWorkbenchWindow(); + if (window != null) { + IWorkbenchPage page = window.getActivePage(); + if (page != null && page.findView(VIEW_ID) == null) { + page.showView(VIEW_ID); + } + } + } catch (PartInitException e) { + CxLogger.error("Failed to open Checkmarx One view on startup: " + e.getMessage(), e); + } + }); + } +} diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/utils/PluginConstants.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/utils/PluginConstants.java index ad48cd2..524b113 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/utils/PluginConstants.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/utils/PluginConstants.java @@ -49,6 +49,8 @@ public class PluginConstants { public static final String INFO_CHANGE_SCAN_EVENT_NOT_TRIGGERED = "Change scan id event not triggered. Request already running: %s. Scan id results already retrieved: %s"; public static final String INFO_CHANGE_BRANCH_EVENT_NOT_TRIGGERED = "Change branch event not triggered. Branch already selected"; public static final String INFO_CHANGE_PROJECT_EVENT_NOT_TRIGGERED = "Change project event not triggered. Project already selected"; + public static final String AUTH_SUCCESS_PATTERN = "Successfully authenticated"; + public static final String AUTH_SUCCESS_DISPLAY = "You are connected to Checkmarx One"; /******************************** TREE MESSAGES ********************************/ public static final String TREE_INVALID_SCAN_ID_FORMAT = "Invalid scan id format."; diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java index 43c16a4..8c2b11d 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/CheckmarxView.java @@ -1264,13 +1264,31 @@ protected IStatus run(IProgressMonitor arg0) { List projectList = getProjects(); if (projectList.isEmpty()) return null; - String projectName = getProjectFromId(projectList, projectId); + + // Fetch the project directly by ID — the full list may not contain it (e.g. pagination limits) + Project fetchedProject = DataProvider.getInstance().getProjectById(projectId); + + // Determine project name: prefer the directly-fetched result, fall back to list lookup + String projectName = (fetchedProject != null) + ? fetchedProject.getName() + : getProjectFromId(projectList, projectId); + + // If the project was not already in the list, prepend it so it's visible in the dropdown + if (fetchedProject != null && projectList.stream().noneMatch(p -> p.getId().equals(projectId))) { + projectList = new ArrayList<>(projectList); + projectList.add(0, fetchedProject); + } + final List finalProjectList = projectList; + currentProjectId = projectId; GlobalSettings.storeInPreferences(GlobalSettings.PARAM_PROJECT_ID, currentProjectId); sync.asyncExec(() -> { - projectComboViewer.setInput(projectList); + currentProjects = finalProjectList; + storeCurrentProjects = finalProjectList; + projectComboViewer.setInput(finalProjectList); PluginUtils.setTextForComboViewer(projectComboViewer, projectName); + PluginUtils.enableComboViewer(projectComboViewer, true); setSelectionForBranchComboViewer(scan.getBranch(), projectId); setSelectionForScanIdComboViewer(scan.getId(), scan.getBranch()); updateStartScanButton(true); diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/DataProvider.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/DataProvider.java index d022932..efe9f5e 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/DataProvider.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/DataProvider.java @@ -112,11 +112,27 @@ public List getProjects() throws Exception { return projectList; } + /** + * Fetch a single project directly by its ID using the project show command. + * Returns null if the project cannot be retrieved. + */ + public Project getProjectById(String projectId) { + try { + CxWrapper cxWrapper = getWrapper(); + if (cxWrapper != null && projectId != null && !projectId.isEmpty()) { + return cxWrapper.projectShow(UUID.fromString(projectId)); + } + } catch (Exception e) { + CxLogger.error(String.format(PluginConstants.ERROR_GETTING_PROJECTS, e.getMessage()), e); + } + return null; + } + /** * Get One projects filtered by name - * + * * @return - * @throws Exception + * @throws Exception */ public List getProjects(String projectName) throws Exception { List projectList = new ArrayList(); diff --git a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/filters/FilterState.java b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/filters/FilterState.java index a3c41d0..e595711 100644 --- a/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/filters/FilterState.java +++ b/checkmarx-ast-eclipse-plugin/src/com/checkmarx/eclipse/views/filters/FilterState.java @@ -15,8 +15,8 @@ public class FilterState { public static boolean critical = true; public static boolean high = true; public static boolean medium = true; - public static boolean low = false; - public static boolean info = false; + public static boolean low = true; + public static boolean info = true; public static boolean groupBySeverity = true; public static boolean groupByQueryName = false; public static boolean groupByStateName = false; @@ -42,8 +42,8 @@ public static void loadFiltersFromSettings() { critical = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.CRITICAL.name(), "true")); high = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.HIGH.name(), "true")); medium = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.MEDIUM.name(), "true")); - low = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.LOW.name(), "false")); - info = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.INFO.name(), "false")); + low = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.LOW.name(), "true")); + info = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.INFO.name(), "true")); groupBySeverity = Boolean .parseBoolean(GlobalSettings.getFromPreferences(Severity.GROUP_BY_SEVERITY.name(), "true")); groupByQueryName = Boolean From 992bf4156a01c9b58c6eadc8432c3d7d807516aa Mon Sep 17 00:00:00 2001 From: Noam Brendel <139764378+cx-noam-brendel@users.noreply.github.com> Date: Mon, 27 Apr 2026 12:18:25 +0300 Subject: [PATCH 08/14] CISO-920: remove broken Teams notify job (secret CXONE_SCAN_WEBHOOK_URL not set) (#250) The notify job references secrets.CXONE_SCAN_WEBHOOK_URL which does not exist in this repo or at org level, causing the step to fail silently. Ref: https://checkmarx.atlassian.net/browse/CISO-920 Ref: https://checkmarx.atlassian.net/browse/CISO-815 --- .github/workflows/ast-scan.yml | 18 +----------------- 1 file changed, 1 insertion(+), 17 deletions(-) diff --git a/.github/workflows/ast-scan.yml b/.github/workflows/ast-scan.yml index 7baed0d..8efc927 100644 --- a/.github/workflows/ast-scan.yml +++ b/.github/workflows/ast-scan.yml @@ -21,20 +21,4 @@ jobs: cx_tenant: ${{ secrets.AST_RND_SCANS_TENANT }} cx_client_id: ${{ secrets.AST_RND_SCANS_CLIENT_ID }} cx_client_secret: ${{ secrets.AST_RND_SCANS_CLIENT_SECRET }} - additional_params: --tags phoenix --file-filter !checkmarx-ast-eclipse-plugin-tests/ --threshold "sast-critical=1;sast-high=1;sast-medium=1;sast-low=1;iac-security-critical=1;iac-security-high=1;iac-security-medium=1;iac-security-low=1;sca-critical=1;sca-high=1;sca-medium=1;sca-low=1" - - - notify: - needs: cx-scan - uses: Checkmarx/plugins-release-workflow/.github/workflows/cxone-scan-teams-notify.yml@38cf7ab29e5021bb817ac38bdae3ac0fb210608c - if: always() - with: - cx_result: ${{ needs.cx-scan.result }} - repository: ${{ github.repository }} - ref_name: ${{ github.ref_name }} - actor: ${{ github.actor }} - event_name: ${{ github.event_name }} - run_id: ${{ github.run_id }} - server_url: ${{ github.server_url }} - secrets: - teams_webhook_url: ${{ secrets.CXONE_SCAN_WEBHOOK_URL }} + additional_params: --tags phoenix --file-filter !checkmarx-ast-eclipse-plugin-tests/ --threshold "sast-critical=1;sast-high=1;sast-medium=1;sast-low=1;iac-security-critical=1;iac-security-high=1;iac-security-medium=1;iac-security-low=1;sca-critical=1;sca-high=1;sca-medium=1;sca-low=1" From 885d96aa61499dbb687a02472da67618d8c6b42b Mon Sep 17 00:00:00 2001 From: "stepsecurity-app[bot]" <188008098+stepsecurity-app[bot]@users.noreply.github.com> Date: Fri, 22 May 2026 12:41:11 -0400 Subject: [PATCH 09/14] [StepSecurity] Apply security best practices (#251) Signed-off-by: StepSecurity Bot Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com> --- .github/workflows/ast-scan.yml | 2 +- .github/workflows/auto-merge.yml | 2 +- .github/workflows/ci.yml | 30 +++++++++++------------ .github/workflows/delete-dev-releases.yml | 2 +- .github/workflows/manual-tag.yml | 9 +++++-- .github/workflows/nightly.yml | 2 +- .github/workflows/pr-label.yml | 2 +- .github/workflows/release.yml | 6 ++--- .github/workflows/update-cli.yml | 7 ++++-- 9 files changed, 35 insertions(+), 27 deletions(-) diff --git a/.github/workflows/ast-scan.yml b/.github/workflows/ast-scan.yml index 8efc927..22bd5da 100644 --- a/.github/workflows/ast-scan.yml +++ b/.github/workflows/ast-scan.yml @@ -10,7 +10,7 @@ on: jobs: cx-scan: - runs-on: ubuntu-latest + runs-on: cx-public-ubuntu-x64 steps: - name: Checkout uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml index 365aa5c..2d6b01e 100644 --- a/.github/workflows/auto-merge.yml +++ b/.github/workflows/auto-merge.yml @@ -6,7 +6,7 @@ permissions: jobs: dependabot-merge: - runs-on: ubuntu-latest + runs-on: cx-public-ubuntu-x64 if: contains(github.head_ref, 'other/update_java_wrapper') steps: - name: Enable auto-merge for Dependabot PRs diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ed289f2..164d587 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,18 +7,18 @@ on: jobs: ui-tests: - runs-on: ubuntu-latest + runs-on: cx-public-ubuntu-x64 steps: - - uses: actions/checkout@v3.5.2 + - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: lfs: true - name: Checkout LFS objects run: git lfs checkout - - uses: actions/setup-java@v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0 with: distribution: temurin java-version: 17 - - uses: actions/cache@v3 + - uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3.5.0 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} @@ -34,7 +34,7 @@ jobs: Xvfb -ac :99 -screen 0 1920x1080x16 & mvn verify -Dtest.includes="**/ui/*.java" - name: Upload Coverage Report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: jacoco-coverage-report-ui path: checkmarx-ast-eclipse-plugin-tests/target/site/jacoco-aggregate @@ -44,18 +44,18 @@ jobs: jacoco-csv-file: checkmarx-ast-eclipse-plugin-tests/target/site/jacoco-aggregate/jacoco.csv generate-summary: true integration-tests: - runs-on: ubuntu-latest + runs-on: cx-public-ubuntu-x64 steps: - - uses: actions/checkout@v3.5.2 + - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: lfs: true - name: Checkout LFS objects run: git lfs checkout - - uses: actions/setup-java@v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0 with: distribution: temurin java-version: 17 - - uses: actions/cache@v3 + - uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3.5.0 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} @@ -71,7 +71,7 @@ jobs: Xvfb -ac :99 -screen 0 1920x1080x16 & mvn verify -Dtest.includes="**/integration/*Test.java" - name: Upload Coverage Report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: jacoco-coverage-report-integration path: checkmarx-ast-eclipse-plugin-tests/target/site/jacoco-aggregate @@ -81,18 +81,18 @@ jobs: jacoco-csv-file: checkmarx-ast-eclipse-plugin-tests/target/site/jacoco-aggregate/jacoco.csv generate-summary: true unit-tests: - runs-on: ubuntu-latest + runs-on: cx-public-ubuntu-x64 steps: - - uses: actions/checkout@v3.5.2 + - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: lfs: true - name: Checkout LFS objects run: git lfs checkout - - uses: actions/setup-java@v4 + - uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0 with: distribution: temurin java-version: 17 - - uses: actions/cache@v3 + - uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3.5.0 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} @@ -108,7 +108,7 @@ jobs: Xvfb -ac :99 -screen 0 1920x1080x16 & mvn clean verify -Dtest.includes="**/unit/**/*Test.java" - name: Upload Coverage Report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: jacoco-coverage-report-unit path: checkmarx-ast-eclipse-plugin-tests/target/site/jacoco-aggregate diff --git a/.github/workflows/delete-dev-releases.yml b/.github/workflows/delete-dev-releases.yml index 77d64f7..d64be7a 100644 --- a/.github/workflows/delete-dev-releases.yml +++ b/.github/workflows/delete-dev-releases.yml @@ -20,7 +20,7 @@ permissions: jobs: delete: - runs-on: ubuntu-latest + runs-on: cx-public-ubuntu-x64 steps: - name: Delete releases and tags diff --git a/.github/workflows/manual-tag.yml b/.github/workflows/manual-tag.yml index cd27756..fb08413 100644 --- a/.github/workflows/manual-tag.yml +++ b/.github/workflows/manual-tag.yml @@ -7,12 +7,17 @@ on: description: 'Next release tag' required: true +permissions: + contents: read + jobs: tag-creation: - runs-on: ubuntu-latest + permissions: + contents: write # for Git to git push + runs-on: cx-public-ubuntu-x64 steps: - name: Checkout - uses: actions/checkout@v3.5.2 + uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2 with: token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - name: Tag diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 4335898..78956ca 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -7,7 +7,7 @@ on: jobs: set_tag: - runs-on: ubuntu-latest + runs-on: cx-public-ubuntu-x64 outputs: tag_name: ${{ steps.tagname.outputs.tag_name }} steps: diff --git a/.github/workflows/pr-label.yml b/.github/workflows/pr-label.yml index 188fa9c..6c09bd3 100644 --- a/.github/workflows/pr-label.yml +++ b/.github/workflows/pr-label.yml @@ -10,7 +10,7 @@ jobs: pr-labeler: permissions: pull-requests: write # for TimonVS/pr-labeler-action to add labels in PR - runs-on: ubuntu-latest + runs-on: cx-public-ubuntu-x64 steps: - uses: TimonVS/pr-labeler-action@8b99f404a073744885d8021d1de4e40c6eaf38e2 # v4 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 07a13d3..c97bd1b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -38,7 +38,7 @@ jobs: secrets: inherit if: inputs.rbranch release: - runs-on: ubuntu-latest + runs-on: cx-public-ubuntu-x64 outputs: TAG_NAME: ${{ steps.generate_tag_name.outputs.TAG_NAME }} CLI_VERSION: ${{ steps.set_outputs.outputs.CLI_VERSION }} @@ -75,13 +75,13 @@ jobs: echo "TAG_NAME=$GH_RELEASE_TAG_NAME" >> $GITHUB_OUTPUT - name: Set up JDK 17 - uses: actions/setup-java@v4 + uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0 with: distribution: temurin java-version: 17 - name: Cache local Maven repository - uses: actions/cache@v3 + uses: actions/cache@6f8efc29b200d32929f49075959781ed54ec270c # v3.5.0 with: path: ~/.m2/repository key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} diff --git a/.github/workflows/update-cli.yml b/.github/workflows/update-cli.yml index 15bf280..367fc93 100644 --- a/.github/workflows/update-cli.yml +++ b/.github/workflows/update-cli.yml @@ -4,11 +4,14 @@ on: repository_dispatch: types: [java-wrapper-version-update] +permissions: + contents: read + jobs: update-checkmarx-cli: - runs-on: ubuntu-latest + runs-on: cx-public-ubuntu-x64 steps: - - uses: actions/checkout@v4.1.7 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: lfs: true From 2f1d99899f2d5781acc5ea06e87c7866a4bc80a9 Mon Sep 17 00:00:00 2001 From: "stepsecurity-app[bot]" <188008098+stepsecurity-app[bot]@users.noreply.github.com> Date: Fri, 29 May 2026 21:12:18 -0400 Subject: [PATCH 10/14] [StepSecurity] Apply security best practices (#252) Signed-off-by: StepSecurity Bot Co-authored-by: stepsecurity-app[bot] <188008098+stepsecurity-app[bot]@users.noreply.github.com> --- .github/workflows/auto-merge.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/update-cli.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml index 2d6b01e..9347843 100644 --- a/.github/workflows/auto-merge.yml +++ b/.github/workflows/auto-merge.yml @@ -15,6 +15,6 @@ jobs: GITHUB_TOKEN: ${{secrets.PERSONAL_ACCESS_TOKEN }} run: gh pr merge --auto --squash "$PR_URL" - name: Auto approve dependabot PRs - uses: hmarr/auto-approve-action@f0939ea97e9205ef24d872e76833fa908a770363 #v4 + uses: step-security/auto-approve-action@0c28339628c8e79ab2f6813291e7e6cd584b4d30 # v4.0.0 with: github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c97bd1b..3056146 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -106,7 +106,7 @@ jobs: echo "::set-output name=CLI_VERSION::${{ env.CLI_VERSION }}" - name: Release - uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1 + uses: step-security/action-gh-release@277bfa82abcfdb73e5bbb19e213fd76532ee2be5 # v3.0.0 with: tag_name: ${{ env.GH_RELEASE_TAG_NAME }} generate_release_notes: true diff --git a/.github/workflows/update-cli.yml b/.github/workflows/update-cli.yml index 367fc93..0bc3247 100644 --- a/.github/workflows/update-cli.yml +++ b/.github/workflows/update-cli.yml @@ -76,7 +76,7 @@ jobs: - name: Create Pull Request if: steps.ast-cli-java-wrapper.outputs.current_tag != steps.ast-cli-java-wrapper.outputs.release_tag - uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c #v6.1.0 + uses: step-security/create-pull-request@50c103da2b9ca12cd5bc013fc6931051a5aa872b # v8.1.1 with: token: ${{ secrets.AUTOMATION_TOKEN }} commit-message: Update ast-cli-java-wrapper to ${{ steps.ast-cli-java-wrapper.outputs.release_tag }} From 33b6352227b25a50a44ddb0ba90f882875f3b663 Mon Sep 17 00:00:00 2001 From: Alon Rosenhek <80337069+cx-alon-rosenhek@users.noreply.github.com> Date: Tue, 16 Jun 2026 20:30:13 +0300 Subject: [PATCH 11/14] remove dependabot (#254) --- .github/workflows/auto-merge.yml | 20 -------------------- 1 file changed, 20 deletions(-) delete mode 100644 .github/workflows/auto-merge.yml diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml deleted file mode 100644 index 9347843..0000000 --- a/.github/workflows/auto-merge.yml +++ /dev/null @@ -1,20 +0,0 @@ -name: Post-Check Actions -on: [pull_request] - -permissions: - contents: write - -jobs: - dependabot-merge: - runs-on: cx-public-ubuntu-x64 - if: contains(github.head_ref, 'other/update_java_wrapper') - steps: - - name: Enable auto-merge for Dependabot PRs - env: - PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.PERSONAL_ACCESS_TOKEN }} - run: gh pr merge --auto --squash "$PR_URL" - - name: Auto approve dependabot PRs - uses: step-security/auto-approve-action@0c28339628c8e79ab2f6813291e7e6cd584b4d30 # v4.0.0 - with: - github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} From b1fe437692f258190c20716efc3c3aa5b32f42b1 Mon Sep 17 00:00:00 2001 From: Nisan Ben Abu Date: Wed, 24 Jun 2026 19:21:01 +0300 Subject: [PATCH 12/14] rerun From f0fe389b5712ee2271bb78d8f00a89ca20c3d3b6 Mon Sep 17 00:00:00 2001 From: atishj99 Date: Thu, 25 Jun 2026 11:50:18 +0530 Subject: [PATCH 13/14] Bumped java wrapper version --- .claude/settings.local.json | 9 --------- ast-cli-java-wrapper.version | 2 +- checkmarx-ast-eclipse-plugin/.classpath | 2 +- checkmarx-ast-eclipse-plugin/META-INF/MANIFEST.MF | 2 +- checkmarx-ast-eclipse-plugin/build.properties | 2 +- checkmarx-ast-eclipse-plugin/lib/.gitattributes | 14 ++++++++++++++ .../lib/ast-cli-java-wrapper-2.4.23.jar | 3 --- 7 files changed, 18 insertions(+), 16 deletions(-) delete mode 100644 .claude/settings.local.json delete mode 100644 checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.23.jar diff --git a/.claude/settings.local.json b/.claude/settings.local.json deleted file mode 100644 index 88a95af..0000000 --- a/.claude/settings.local.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "permissions": { - "allow": [ - "Bash(git log *)", - "Bash(git pull *)", - "Bash(git stash *)" - ] - } -} diff --git a/ast-cli-java-wrapper.version b/ast-cli-java-wrapper.version index 88b796b..0cb980f 100644 --- a/ast-cli-java-wrapper.version +++ b/ast-cli-java-wrapper.version @@ -1 +1 @@ -2.4.23 +2.4.24 diff --git a/checkmarx-ast-eclipse-plugin/.classpath b/checkmarx-ast-eclipse-plugin/.classpath index 11e9156..13cfdfc 100644 --- a/checkmarx-ast-eclipse-plugin/.classpath +++ b/checkmarx-ast-eclipse-plugin/.classpath @@ -12,7 +12,7 @@ - + diff --git a/checkmarx-ast-eclipse-plugin/META-INF/MANIFEST.MF b/checkmarx-ast-eclipse-plugin/META-INF/MANIFEST.MF index 5cfffce..d19780e 100644 --- a/checkmarx-ast-eclipse-plugin/META-INF/MANIFEST.MF +++ b/checkmarx-ast-eclipse-plugin/META-INF/MANIFEST.MF @@ -30,6 +30,6 @@ Bundle-ClassPath: ., lib/jackson-core-2.21.1.jar, lib/jackson-databind-2.21.1.jar, lib/commons-lang3-3.18.0.jar, - lib/ast-cli-java-wrapper-2.4.23.jar, + lib/ast-cli-java-wrapper-2.4.24.jar, lib/org.eclipse.mylyn.commons.ui_4.9.0.v20251121-0615.jar, lib/org-eclipse-mylyn-commons-core.jar diff --git a/checkmarx-ast-eclipse-plugin/build.properties b/checkmarx-ast-eclipse-plugin/build.properties index d8501be..680259c 100644 --- a/checkmarx-ast-eclipse-plugin/build.properties +++ b/checkmarx-ast-eclipse-plugin/build.properties @@ -8,7 +8,7 @@ bin.includes = plugin.xml,\ lib/jackson-annotations-2.21.jar,\ lib/jackson-core-2.21.1.jar,\ lib/commons-lang3-3.18.0.jar,\ - lib/ast-cli-java-wrapper-2.4.23.jar,\ + lib/ast-cli-java-wrapper-2.4.24.jar,\ lib/org.eclipse.mylyn.commons.ui_4.9.0.v20251121-0615.jar,\ lib/jackson-databind-2.21.1.jar,\ .,\ diff --git a/checkmarx-ast-eclipse-plugin/lib/.gitattributes b/checkmarx-ast-eclipse-plugin/lib/.gitattributes index 34a1268..b9b6fd8 100644 --- a/checkmarx-ast-eclipse-plugin/lib/.gitattributes +++ b/checkmarx-ast-eclipse-plugin/lib/.gitattributes @@ -1 +1,15 @@ checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.1.8.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.0.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.1.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.2.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.3.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.4.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.9.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.14-oss.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.15.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.16-dev.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.18.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.20.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.21.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.23.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.24.jar filter=lfs diff=lfs merge=lfs -text diff --git a/checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.23.jar b/checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.23.jar deleted file mode 100644 index 7097bf5..0000000 --- a/checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.23.jar +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:dcb4f3c947c76a2499e99e0550623e05a7773ab614eb6793432f7ffb9638c787 -size 135802454 From 6581d2f1bcf962280560e58d51cd4250f74b95fb Mon Sep 17 00:00:00 2001 From: atishj99 Date: Wed, 24 Jun 2026 17:53:36 +0530 Subject: [PATCH 14/14] bump java wrapper version to 2.4.24 --- .gitattributes | 1 + .../lib/ast-cli-java-wrapper-2.4.24.jar | 3 +++ 2 files changed, 4 insertions(+) create mode 100644 checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.24.jar diff --git a/.gitattributes b/.gitattributes index 433866f..b9b6fd8 100644 --- a/.gitattributes +++ b/.gitattributes @@ -12,3 +12,4 @@ checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.18.jar filter=lfs diff checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.20.jar filter=lfs diff=lfs merge=lfs -text checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.21.jar filter=lfs diff=lfs merge=lfs -text checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.23.jar filter=lfs diff=lfs merge=lfs -text +checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.24.jar filter=lfs diff=lfs merge=lfs -text diff --git a/checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.24.jar b/checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.24.jar new file mode 100644 index 0000000..b4e1e93 --- /dev/null +++ b/checkmarx-ast-eclipse-plugin/lib/ast-cli-java-wrapper-2.4.24.jar @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e664771fd767accd5bd47057c5a6d4cc86d292c93191200d061ded6e3e527bdf +size 135732567