[pull] main from snyk:main #188

Open
wants to merge 142 commits into
base: main

@pull pull bot commented Nov 29, 2023

See Commits and Changes for more details.


Created by pull[bot]

Can you help keep this open source service alive? 💖 Please sponsor : )

* chore: read OSS settings for LS initialisation options
* feat: Language Server based OSS tree view (#386)
* feat: add new OSS (LS) panel in Snyk UI
* feat: configure new views and activation events for LS OSS treeview
* feat: Derive Vulnerability Count from LS results [HEAD-942] (#388)
* feat: enable LS based Vulnerability Count Service
* chore: remove dependency to old OSSService
* chore: cleanup redundant files [HEAD-1020] (#390)
* fix: show most severe vulnerability action is displayed (#402)

---------

Signed-off-by: Bastian Doetsch <[email protected]>
Co-authored-by: Peter Schäfer <[email protected]>
Co-authored-by: Bastian Doetsch <[email protected]>
@pull pull bot added the ⤵️ pull label Nov 29, 2023
j-luong and others added 28 commits November 29, 2023 17:31
* fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-6032459

* chore: fix misspelling

* chore: update imports order due to lint

* fix: set `Authorization` instead of overriding headers

This change ensures compatibility with Axios 1.x's AxiosRequestHeaders type
and resolves TypeScript type mismatch issues.

---------

Co-authored-by: snyk-bot <[email protected]>
Co-authored-by: Catalina Oyaneder <[email protected]>
* fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116

* chore: remove unused import

* fix: replace `glob.sync` with `globSync` from glob upgrade version

* fix: use async/await with glob for file resolution in integration tests

Refactored the test runner to handle promises returned by glob using async/await.
Previously, the glob function's callback pattern was used, which did not properly handle
the promises.

* chore: upgrade glob types

---------

Co-authored-by: snyk-bot <[email protected]>
Co-authored-by: Catalina Oyaneder <[email protected]>
Signed-off-by: Bastian Doetsch <[email protected]>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
* feat: add detail section to code webview

* feat: add collapsible section for suggestion details

- Added a 'Read more' button to toggle the display of full suggestion details.

* chore: add CHANGELOG

* chore: remove extra space between text and button

* fix: prevent multiple event listener bindings on the 'Read more' button

* fix: move call to `showSuggestionDetails` for correct execution flow
…416)

Previously, the encoding was done inline using `map`, which could lead to confusion
due to the side effect of mutating the `lines` objects within `exampleCommitFixes`.
Since `map` should ideally be used to create a new array without side effects, this was not
the advised use of the method.
* fix: upgrade axios from 1.6.0 to 1.6.2

Snyk has created this PR to upgrade axios from 1.6.0 to 1.6.2.

See this package in npm:
https://www.npmjs.com/package/axios

See this project in Snyk:
https://app.snyk.io/org/yaronomer/project/7dd93246-213b-408f-8672-0ee1dcbc5680?utm_source=github&utm_medium=referral&page=upgrade-pr

* fix: upgrade vscode-languageserver-textdocument from 1.0.8 to 1.0.10

Snyk has created this PR to upgrade vscode-languageserver-textdocument from 1.0.8 to 1.0.10.

See this package in npm:
https://www.npmjs.com/package/vscode-languageserver-textdocument

See this project in Snyk:
https://app.snyk.io/org/yaronomer/project/7dd93246-213b-408f-8672-0ee1dcbc5680?utm_source=github&utm_medium=referral&page=upgrade-pr

* fix: upgrade string-argv from 0.3.1 to 0.3.2

Snyk has created this PR to upgrade string-argv from 0.3.1 to 0.3.2.

See this package in npm:
https://www.npmjs.com/package/string-argv

See this project in Snyk:
https://app.snyk.io/org/yaronomer/project/7dd93246-213b-408f-8672-0ee1dcbc5680?utm_source=github&utm_medium=referral&page=upgrade-pr

---------

Co-authored-by: snyk-bot <[email protected]>
* fix(suggestion-details): correct visibility toggling of details section

- Resolved an issue where the suggestion details section in the webview was not properly toggling visibility.
- Replaced the previous inline styling method with a CSS class.

* fix: cache elements references to minimize repetitive DOM queries

* chore: add CHANGELOG Snyk Code webview fixes
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AXIOS-6124857

Co-authored-by: snyk-bot <[email protected]>
* feat: display Priority Score in Snyk Code suggestions

Priority Score is rendered dynamically within the issue details.

Co-authored-by: Jason Luong <[email protected]>

* refactor: encapsulate metadata rendering logic in a separate function

`showSuggestionMeta` handles the dynamic generation of
issue type, CWE links, issue position, and priority score.

* refactor: reduce DOM queries by caching elements in an object

* refactor: improve type safety when getting current severity

Updated `severity` property in the `Suggestion` from a generic `string`
to a specific union type: `'Low' | 'Medium' | 'High'`.
This ensures that severity can only be one of these three explicit values.

* refactor: handle severity icon visibility in a dedicated function

The `toggleSeverityIcons` function updates the visibility of severity icons based on the `currentSeverity`.
If `currentSeverity` is undefined, all icons are hidden.

* refactor: remove redundant query when clearing description element

* refactor: rename DOM element variables for clarity in `showCurrentSuggestion`

This change aims to make clear that these variables are references to DOM elements,
not values or other types of objects.

* refactor: use `classList` for conditional class manipulation

This change aims to avoid overwriting existing classes list by directly manipulating `className`.

* fix: remove extra divider in Configuration Issue panel

* fix: update styling for high contrast theme in VSCode

- Adjusted colors for 'added' and 'removed' elements to improve visibility in high contrast mode.
- Ensured consistent background color for 'code' elements within 'added' and 'removed' sections.

This commit addresses visual issues in the high contrast theme of VSCode.

---------

Co-authored-by: Jason Luong <[email protected]>
Ensure `htmlEncoder` function only encodes each line once,
preventing double encoding on subsequent function calls.
* refactor: pass in configuration as an argument

* fix: check analytics permitted in enqueueEvent

* fix: add userId argument to identify function

* fix: check analytics permitted in identify

* refactor: move check in a function

* chore: update CHANGELOG
…431)

* Fix links to incorrect Visual Studio product

* chore: add CHANGELOG fix link in README

---------

Co-authored-by: Chris Campbell <[email protected]>
* chore: change codeowner to ide

* chore: update catalog-info

* chore: simplify codeownership
* fix: address vulnerabilities

* chore: update .gitignore
* fix: release workflows [IDE-155]

* docs: update changelog
ShawkyZ and others added 30 commits October 16, 2024 10:47
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Arvyd Paeglit <[email protected]>
#546)

* fix: update styles to play better together with ls protocol version 16

* fix: stylings across products

* fix: use code security panel for quality

---------

Co-authored-by: Abdelrahman Shawki Hassan <[email protected]>
* fix: oss font size

* chore: update CHANGELOG
* feat: Automated Snyk region configuration

* fix: fix lint error

* fix: failing unit test

* fix: added unit test checks for endpoint

* fix: check for empty Url

* fix: update changelog
* fix: update download endpoint to downloads.snyk.io

* chore: update CHANGELOG
* fix: send correct fixId for AI Fix suggestion

* chore: update changelog with latest fix
* fix: hide AI fix div if no fixes

* chore: update CHANGELOG
* chore: disable hovers [IDE-390]

* docs: update changelog [IDE-390]

* refactor: delete sentry reporting

---------

Co-authored-by: Abdelrahman Shawki Hassan <[email protected]>
Co-authored-by: Darius Zdroba <[email protected]>
### Description

- add analytics sending on startup 

### Checklist

- [x] Tests added and all succeed
- [x] Linted
- [x] CHANGELOG.md updated
- [ ] README.md updated, if user-facing

### Screenshots / GIFs

_Visuals that may help the reviewer. Please add screenshots for any UI
change. GIFs are most welcome!_
* feat: use cli ls extension

---------

Co-authored-by: DariusZdroba <[email protected]>
* fix: set cli channel preview

---------

Co-authored-by: Bastian Doetsch <[email protected]>
* chore: removed unnecessary file and toggle code ignore

* fix: lint
* fix: disable button after applying fix

* chore: lint
* chore: removed unnecessary file and toggle code ignore

* fix: lint

* refactor: remove unneeded css and push to ls

* chore: lint
* chore: add css changes needed for new ls data-flow

* chore: remove unnecessary css

* theme specific background image