Merge pull request #3865 from mercedes-benz/feature-3864-move-sechub-plugin-vscode-code-tosechub-repo

Add sources of sechub plugin vscode #3864

Author: winzj

.github/workflows/sechub-plugin-vscode-ci.yml

@@ -0,0 +1,42 @@
+# SPDX-License-Identifier: MIT
+name: SecHub plugin vscode CI
+on: 
+  push:
+    branches:
+      - 'develop'
+      - 'hotfix'
+      - 'main'
+      - 'master'
+    paths:
+      - '.github/workflows/sechub-plugin-vscode-ci.yml'
+      - 'ide-plugins/vscode/**'
+  pull_request:
+    paths:
+      - '.github/workflows/sechub-plugin-vscode-ci.yml'
+      - 'ide-plugins/vscode/**'
+  # enable manual triggering of workflow
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node: [ 16, 18 ]
+
+    defaults:
+      run:
+        working-directory: ide-plugins/vscode
+    steps:
+    - uses: actions/checkout@v3
+    - uses: actions/setup-node@v3
+      with:
+        # Matrix test using LTS (Long Term Support) versions
+        node-version: ${{ matrix.node }}
+    - run: npm ci
+    # https://code.visualstudio.com/api/working-with-extensions/continuous-integration#github-actions
+
+    - run: xvfb-run -a npm test
+      if: runner.os == 'Linux'
+    - run: npm test
+      if: runner.os != 'Linux'

.github/workflows/sechub-plugin-vscode-release.yml

@@ -0,0 +1,105 @@
+# SPDX-License-Identifier: MIT
+name: Release
+
+on: 
+  workflow_dispatch:
+    inputs:
+      milestone-number:
+        description: Milestone number for release
+        default: 15
+        required: true
+jobs:
+  release-version:
+    name: Create releases
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        node: [ 16, 18 ]
+        
+    defaults:
+      run:
+        working-directory: ide-plugins/vscode
+    steps:
+    - name: Checkout master
+      uses: actions/checkout@v3
+      with:
+        ref: master
+
+    # Build
+    - uses: actions/setup-node@v3
+      with:
+        # Matrix test using LTS (Long Term Support) versions
+        node-version: ${{ matrix.node }}
+    # Takes the package information from the packages-lock.json file
+    - run: npm ci
+    # https://code.visualstudio.com/api/working-with-extensions/continuous-integration#github-actions
+    
+    - run: xvfb-run -a npm test
+      if: runner.os == 'Linux'
+   
+    - run: npm test
+      if: runner.os != 'Linux'
+
+    - name: Fetch version from package.json
+      id: version
+      uses: notiz-dev/github-action-json-property@release
+      with: 
+          path: 'package.json'
+          prop_path: 'version'
+    # Create local tags, so we can build documentation for this tag...
+    - name: "Show version: v${{ steps.version.outputs.prop }}"
+      run: echo v${{ steps.version.outputs.prop }}
+    
+    # To identifiy parts not in git history and leading to "-dirty-$commitId" markern in documentation
+    - name: Inspect GIT status
+      if: always()
+      run: git status > git-status.txt
+      
+    # -----------------------------------------
+    # Upload Build Artifacts  
+    # -----------------------------------------  
+    - name: Archive GIT status
+      if: always()
+      uses: actions/upload-artifact@v3
+      with:
+          name: git-status.txt
+          path: git-status.txt
+          retention-days: 14 
+     
+    - name: Archive plugin package
+      if: always()
+      uses: actions/upload-artifact@v3
+      with:
+          name: sechub
+          path: dist/sechub.vsix
+          retention-days: 14
+          
+    # ******************************************     
+    # Now let's create a new release
+    # ******************************************     
+    - name: Create plugin release
+      id: create_server_release
+      uses: actions/create-release@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token
+      with:
+        tag_name: v${{ steps.version.outputs.prop }}
+        commitish: master
+        release_name: Version v${{ steps.version.outputs.prop }}
+        body: |
+          Changes in this Release
+          - Some minor changes on plugin implementation
+          
+          For more details please look at [Milestone ${{github.event.inputs.milestone-number}}]( https://github.com/mercedes-benz/foss/milestones/${{github.event.inputs.milestone-number}}?closed=1)
+        draft: true
+        prerelease: false
+    - name: Upload release asset
+      id: upload-release-asset 
+      uses: actions/upload-release-asset@v1
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      with:
+        upload_url: ${{ steps.create_plugin_release.outputs.upload_url }}  
+        asset_path: ./dist/sechub.vsix
+        asset_name: sechub.vsix
+        asset_content_type: application/zip

ide-plugins/vscode/.eslintrc.json

@@ -0,0 +1,19 @@
+{
+    "root": true,
+    "parser": "@typescript-eslint/parser",
+    "parserOptions": {
+        "ecmaVersion": 6,
+        "sourceType": "module"
+    },
+    "plugins": [
+        "@typescript-eslint"
+    ],
+    "rules": {
+        "@typescript-eslint/naming-convention": "warn",
+        "@typescript-eslint/semi": "warn",
+        "curly": "warn",
+        "eqeqeq": "warn",
+        "no-throw-literal": "warn",
+        "semi": "off"
+    }
+}

ide-plugins/vscode/.gitignore

@@ -0,0 +1,7 @@
+node_modules
+out
+.vscode-test/
+!.vscode
+
+# Plugin installation packages
+*.vsix

ide-plugins/vscode/.vscode/extensions.json

@@ -0,0 +1,7 @@
+{
+	// See http://go.microsoft.com/fwlink/?LinkId=827846
+	// for the documentation about the extensions.json format
+	"recommendations": [
+		"dbaeumer.vscode-eslint"
+	]
+}

ide-plugins/vscode/.vscode/launch.json

@@ -0,0 +1,34 @@
+// A launch configuration that compiles the extension and then opens it inside a new window
+// Use IntelliSense to learn about possible attributes.
+// Hover to view descriptions of existing attributes.
+// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+{
+	"version": "0.2.0",
+	"configurations": [
+		{
+			"name": "Run Extension",
+			"type": "extensionHost",
+			"request": "launch",
+			"args": [
+				"--extensionDevelopmentPath=${workspaceFolder}"
+			],
+			"outFiles": [
+				"${workspaceFolder}/out/**/*.js"
+			],
+			"preLaunchTask": "${defaultBuildTask}"
+		},
+		{
+			"name": "Extension Tests",
+			"type": "extensionHost",
+			"request": "launch",
+			"args": [
+				"--extensionDevelopmentPath=${workspaceFolder}",
+				"--extensionTestsPath=${workspaceFolder}/out/test/suite/index"
+			],
+			"outFiles": [
+				"${workspaceFolder}/out/test/**/*.js"
+			],
+			"preLaunchTask": "${defaultBuildTask}"
+		}
+	]
+}

ide-plugins/vscode/.vscode/settings.json

@@ -0,0 +1,11 @@
+// Place your settings in this file to overwrite default and user settings.
+{
+    "files.exclude": {
+        "out": false // set this to true to hide the "out" folder with the compiled JS files
+    },
+    "search.exclude": {
+        "out": true // set this to false to include "out" folder in search results
+    },
+    // Turn off tsc task auto detection since we have the necessary tasks as npm scripts
+    "typescript.tsc.autoDetect": "off",
+}

ide-plugins/vscode/.vscode/tasks.json

@@ -0,0 +1,20 @@
+// See https://go.microsoft.com/fwlink/?LinkId=733558
+// for the documentation about the tasks.json format
+{
+	"version": "2.0.0",
+	"tasks": [
+		{
+			"type": "npm",
+			"script": "watch",
+			"problemMatcher": "$tsc-watch",
+			"isBackground": true,
+			"presentation": {
+				"reveal": "never"
+			},
+			"group": {
+				"kind": "build",
+				"isDefault": true
+			}
+		}
+	]
+}

ide-plugins/vscode/.vscodeignore

@@ -0,0 +1,11 @@
+.vscode/**
+.vscode-test/**
+out/test/**
+src/**
+.gitignore
+.yarnrc
+other/spdx/**
+**/tsconfig.json
+**/.eslintrc.json
+**/*.map
+**/*.ts

ide-plugins/vscode/3RD_PARTY_LICENSES.txt

@@ -0,0 +1,11 @@
+Copyright 2021
+
+[sechub-plugin-vscode : 0.1.0]
+
+Phase: RELEASED
+Distribution: OPENSOURCE
+
+Components: 
+
+
+Licenses: 

ide-plugins/vscode/CHANGELOG.md

@@ -0,0 +1,34 @@
+<!-- SPDX-License-Identifier: MIT --->
+# Change Log
+
+All notable changes to the "sechub-plugin-vscode" extension will be documented in this file.
+
+Check [Keep a Changelog](http://keepachangelog.com/) for recommendations on how to structure this file.
+
+## [1.0.1] - 2023-06-14
+- Fix README issue by converting AsciiDoc to Markdown
+
+## [1.0.0] - 2023-06-14
+- Fixed issues importing reports
+- Dependencies updated
+- Minimum NodeJS version 16
+
+## [0.1.3] - 2022-03-22
+- Dependencies updated
+- Workflow uses Node 14
+- Notice about move of namespace added
+
+## [0.1.2] - 2022-03-18
+- Dependencies updated 
+- rebranding to Mercedes-Benz
+
+## [0.1.1] - 2021-12-14
+- Dependencies updated
+
+## [0.1.0]
+- Initial release
+- User has possibility to load existing SecHub report from local file system.
+- Loaded reports can be crawled and editor will show up when source is available
+- If CWE information is available a link is provided in details
+
+## [Unreleased]

ide-plugins/vscode/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 Daimler TSS GmbH
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.