feat: add line content to 2ms results (#249)

To analyse the entire value of the line where the secret was detected, 2ms now takes the `Line` information from gitleaks. **Checklist** - [x] I covered my changes with tests. - [ ] I Updated the documentation that is affected by my changes: - [ ] Change in the CLI arguments - [ ] Change in the configuration file
Checkmarx · Oct 3, 2024 · 3ad660a · 3ad660a
1 parent cb8048a
commit 3ad660a
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 7 deletions.
diff --git a/engine/engine.go b/engine/engine.go
@@ -98,6 +98,7 @@ func (e *Engine) Detect(item plugins.ISourceItem, secretsChannel chan *secrets.S
 			EndLine:     endLine,
 			EndColumn:   value.EndColumn,
 			Value:       value.Secret,
+			LineContent: value.Line,
 		}
 		if !isSecretIgnored(secret, &e.ignoredIds, &e.allowedValues) {
 			secretsChannel <- secret

diff --git a/engine/engine_test.go b/engine/engine_test.go
@@ -2,6 +2,7 @@ package engine
 
 import (
 	"fmt"
+	"github.com/stretchr/testify/assert"
 	"sync"
 	"testing"
 
@@ -159,11 +160,10 @@ func TestSecrets(t *testing.T) {
 
 			s := <-secretsChan
 
-			if s == nil && secret.ShouldFind {
-				t.Errorf("secret \"%s\" not found", secret.Name)
-			}
-			if s != nil && !secret.ShouldFind {
-				t.Errorf("should not find")
+			if secret.ShouldFind {
+				assert.Equal(t, s.LineContent, secret.Content)
+			} else {
+				assert.Nil(t, s)
 			}
 		})
 	}

diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go
@@ -3,9 +3,9 @@ package reporting
 import (
 	"encoding/json"
 	"fmt"
-
 	"github.com/checkmarx/2ms/lib/config"
 	"github.com/checkmarx/2ms/lib/secrets"
+	"strings"
 )
 
 func writeSarif(report Report, cfg *config.Config) (string, error) {
@@ -92,6 +92,9 @@ func getLocation(secret *secrets.Secret) []Locations {
 					EndColumn:   secret.EndColumn,
 					Snippet: Snippet{
 						Text: secret.Value,
+						Properties: Properties{
+							"lineContent": strings.TrimSpace(secret.LineContent),
+						},
 					},
 				},
 			},
@@ -134,7 +137,8 @@ type Region struct {
 }
 
 type Snippet struct {
-	Text string `json:"text"`
+	Text       string     `json:"text"`
+	Properties Properties `json:"properties,omitempty"`
 }
 
 type PhysicalLocation struct {

diff --git a/lib/secrets/secret.go b/lib/secrets/secret.go
@@ -38,6 +38,7 @@ type Secret struct {
 	RuleID           string                 `json:"ruleId"`
 	StartLine        int                    `json:"startLine"`
 	EndLine          int                    `json:"endLine"`
+	LineContent      string                 `json:"lineContent"`
 	StartColumn      int                    `json:"startColumn"`
 	EndColumn        int                    `json:"endColumn"`
 	Value            string                 `json:"value"`