Update Vorpal Name to ASCA(AST-65647) (#955)

* Update Vorpal Name to ASCA + replace vulnerabilities to" security best practice issues"

* update version of github-action:cx-scan

* CR changes

* wording change in disable case

* revert wording refactor

* wording refactor - 2

* CR changes

* change github action version

* change latest to main in github action

---------

Co-authored-by: Or Shamir Checkmarx <93518641+OrShamirCM@users.noreply.github.com>

.github/workflows/checkmarx-one-scan.yml

@@ -9,7 +9,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v4.1.0
       - name: Checkmarx One CLI Action
-        uses: checkmarx/ast-github-action@6c56658230f79c227a55120e9b24845d574d5225 #2.0.31
+        uses: checkmarx/ast-github-action@main
         with:
           base_uri: ${{ secrets.AST_RND_SCANS_BASE_URI }}
           cx_tenant: ${{ secrets.AST_RND_SCANS_TENANT }}

package.json

@@ -882,11 +882,11 @@
         }
       },
       {
-        "title": "Activate Vorpal Real-time Scanning",
-        "id": "vorpal",
+        "title": "Activate ASCA",
+        "id": "asca",
         "order": 2,
         "properties": {
-          "CheckmarxVorpal.Activate Vorpal Real-time Scanning": {
+          "Checkmarx AI Secure Coding Assistant (ASCA).Activate ASCA": {
             "type": "boolean",
             "order": 3,
             "default": false,
@@ -916,8 +916,8 @@
     "@typescript-eslint/eslint-plugin": "^7.0.1",
     "@typescript-eslint/parser": "^7.2.0",
     "chai": "4.3.1",
-    "eslint-config-prettier": "^9.1.0",
     "eslint": "^8.57.0",
+    "eslint-config-prettier": "^9.1.0",
     "mocha": "10.3.0",
     "typescript": "^5.5.3",
     "vsce": "^2.15.0",
@@ -927,7 +927,7 @@
     "webpack-cli": "^5.1.4"
   },
   "dependencies": {
-    "@checkmarxdev/ast-cli-javascript-wrapper": "0.0.113",
+    "@checkmarxdev/ast-cli-javascript-wrapper": "0.0.114",
     "copyfiles": "2.4.1",
     "eslint-config-prettier": "^9.1.0",
     "eslint-plugin-node": "^11.1.0",

src/vorpal/vorpalService.ts → src/asca/ascaService.ts

@@ -5,16 +5,16 @@ import path from "path";
 import * as os from "os";
 import { error } from "console";
 import { Logs } from "../models/logs";
-import CxVorpal from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/vorpal/CxVorpal";
+import CxAsca from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/asca/CxAsca";
 import { constants } from "../utils/common/constants";
 
-const vorpalDir = "CxVorpal";
+const ascaDir = "CxVorpal";
 
 export const diagnosticCollection = vscode.languages.createDiagnosticCollection(
   constants.extensionFullName
 );
 
-export async function scanVorpal(document: vscode.TextDocument, logs: Logs) {
+export async function scanAsca(document: vscode.TextDocument, logs: Logs) {
 
   if (ignoreFiles(document))
     {return;}
@@ -24,30 +24,30 @@ export async function scanVorpal(document: vscode.TextDocument, logs: Logs) {
       path.basename(document.uri.fsPath),
       document.getText()
     );
-    // RUN VORPAL SCAN
-    logs.info("Start Vorpal Scan On File: " + document.uri.fsPath);
-    const scanVorpalResult = await cx.scanVorpal(filePath);
+    // RUN ASCA SCAN
+    logs.info("Start ASCA scan On File: " + document.uri.fsPath);
+    const scanAscaResult = await cx.scanAsca(filePath);
     // DELETE TEMP FILE
     deleteFile(filePath); 
     console.info("file %s deleted", filePath);
     // HANDLE ERROR
-    if (scanVorpalResult.error) {
+    if (scanAscaResult.error) {
       logs.warn(
-        "Vorpal Warning: " +
-          (scanVorpalResult.error.description ?? scanVorpalResult.error)
+        "ASCA Warning: " +
+          (scanAscaResult.error.description ?? scanAscaResult.error)
       );
       return;
     }
     // VIEW PROBLEMS
     logs.info(
-      scanVorpalResult.scanDetails.length +
-        " security best coding practices issues were found in " +
+      scanAscaResult.scanDetails.length +
+        " security best practice violations were found in " +
         document.uri.fsPath
     );
-    updateProblems(scanVorpalResult, document.uri);
+    updateProblems(scanAscaResult, document.uri);
   } catch (error) {
     console.error(error);
-    logs.error(constants.errorScanVorpal);
+    logs.error(constants.errorScanAsca);
   }
 }
 
@@ -56,16 +56,16 @@ function ignoreFiles(document: vscode.TextDocument): boolean {
   return document.uri.scheme !== 'file';
 }
 
-export async function clearVorpalProblems() {
+export async function clearAscaProblems() {
   diagnosticCollection.clear();
 }
 
-function updateProblems(scanVorpalResult: CxVorpal, uri: vscode.Uri) {
+function updateProblems(scanAscaResult: CxAsca, uri: vscode.Uri) {
   diagnosticCollection.delete(uri);
   const diagnostics: vscode.Diagnostic[] = [];
 
-  for (let i = 0; i < scanVorpalResult.scanDetails.length; i++) {
-    const res = scanVorpalResult.scanDetails[i];
+  for (let i = 0; i < scanAscaResult.scanDetails.length; i++) {
+    const res = scanAscaResult.scanDetails[i];
     const range = new vscode.Range(
       new vscode.Position(res.line - 1, 0),
       new vscode.Position(res.line - 1, 100)
@@ -75,24 +75,24 @@ function updateProblems(scanVorpalResult: CxVorpal, uri: vscode.Uri) {
       `${res.ruleName} - ${res.remediationAdvise}`,
       parseSeverity(res.severity)
     );
-    diagnostic.source = constants.vorpalEngineName;
+    diagnostic.source = constants.ascaEngineName;
     diagnostics.push(diagnostic);
   }
   diagnosticCollection.set(uri, diagnostics);
 }
 
-function parseSeverity(vorpalSeverity: string): vscode.DiagnosticSeverity {
+function parseSeverity(ascaSeverity: string): vscode.DiagnosticSeverity {
   const severityMap: Record<string, vscode.DiagnosticSeverity> = {
     CRITICAL: vscode.DiagnosticSeverity.Error,
     HIGH: vscode.DiagnosticSeverity.Error,
     MEDIUM: vscode.DiagnosticSeverity.Warning,
     LOW: vscode.DiagnosticSeverity.Information
   };
 
-  const severity = severityMap[vorpalSeverity.toUpperCase()];
+  const severity = severityMap[ascaSeverity.toUpperCase()];
 
   if (severity === undefined) {
-    console.log(`Invalid vorpalSeverity value: ${vorpalSeverity}`);
+    console.log(`Invalid ASCASeverity value: ${ascaSeverity}`);
     return vscode.DiagnosticSeverity.Information;
   }
 
@@ -102,7 +102,7 @@ function parseSeverity(vorpalSeverity: string): vscode.DiagnosticSeverity {
 function saveTempFile(fileName: string, content: string): string | null {
   try {
     const tempDir = os.tmpdir();
-    const tempFilePath = path.join(tempDir, vorpalDir, fileName);
+    const tempFilePath = path.join(tempDir, ascaDir, fileName);
     fs.writeFileSync(tempFilePath, content);
     console.info("Temp file was saved in: " + tempFilePath);
     return tempFilePath;
@@ -112,9 +112,9 @@ function saveTempFile(fileName: string, content: string): string | null {
   }
 }
 
-export async function installVorpal(logs: Logs) {
+export async function installAsca(logs: Logs) {
   try {
-    const res = await cx.installVorpal();
+    const res = await cx.installAsca();
     if (res.error) {
       const errorMessage = constants.errorInstallation + " : " + res.error;
       vscode.window.showErrorMessage(errorMessage);

src/commands/vorpalCommand.ts → src/commands/ascaCommand.ts

@@ -1,53 +1,53 @@
 import * as vscode from "vscode";
 import { Logs } from "../models/logs";
 import {
-  clearVorpalProblems,
-  installVorpal,
-  scanVorpal,
-} from "../vorpal/vorpalService";
+  clearAscaProblems,
+  installAsca,
+  scanAsca,
+} from "../asca/ascaService";
 import { constants } from "../utils/common/constants";
 
 let timeout = null;
-export class VorpalCommand {
+export class AscaCommand {
   context: vscode.ExtensionContext;
   logs: Logs;
   onDidChangeTextDocument: vscode.Disposable;
   constructor(context: vscode.ExtensionContext, logs: Logs) {
     this.context = context;
     this.logs = logs;
   }
-  public async registerVorpal() {
+  public async registerAsca() {
     try {
-      const vorpalActive = vscode.workspace
-        .getConfiguration(constants.CheckmarxVorpal)
-        .get(constants.ActivateVorpalAutoScanning) as boolean;
-      if (vorpalActive) {
-        await this.installVorpal();
-        await this.registerVorpalScanOnChangeText();
-        this.logs.info(constants.vorpalStart);
+      const ascaActive = vscode.workspace
+        .getConfiguration(constants.CheckmarxAsca)
+        .get(constants.ActivateAscaAutoScanning) as boolean;
+      if (ascaActive) {
+        await this.installAsca();
+        await this.registerAscaScanOnChangeText();
+        this.logs.info(constants.ascaStart);
       } else {
-        await this.disposeVorpalScanOnChangeText();
-        await clearVorpalProblems();
-        this.logs.info(constants.vorpalDisabled);
+        await this.disposeAscaScanOnChangeText();
+        await clearAscaProblems();
+        this.logs.info(constants.ascaDisabled);
       }
     } catch (error) {
       console.error(error);
     }
   }
-  public installVorpal() {
-    installVorpal(this.logs);
+  public installAsca() {
+    installAsca(this.logs);
     this.onDidChangeTextDocument = vscode.workspace.onDidChangeTextDocument(
-      // Must be no less than 2000ms. Otherwise, the temporary file can be deleted before the vorpal scan is finished.
+      // Must be no less than 2000ms. Otherwise, the temporary file can be deleted before the ASCA scan is finished.
       this.debounce(this.onTextChange, 2000)
     );
   }
 
   public onTextChange(event) {
     try {
-      scanVorpal(event.document, this.logs);
+      scanAsca(event.document, this.logs);
     } catch (error) {
       console.error(error);
-      this.logs.warn("fail to scan vorpal");
+      this.logs.warn("fail to scan ASCA");
     }
   }
   // Debounce function
@@ -68,10 +68,10 @@ export class VorpalCommand {
     };
   }
 
-  public registerVorpalScanOnChangeText() {
+  public registerAscaScanOnChangeText() {
     this.context.subscriptions.push(this.onDidChangeTextDocument);
   }
-  public disposeVorpalScanOnChangeText() {
+  public disposeAscaScanOnChangeText() {
     if (this.onDidChangeTextDocument) {
       this.onDidChangeTextDocument.dispose();
       this.context.subscriptions.push(this.onDidChangeTextDocument);

src/cx/cx.ts

@@ -15,7 +15,7 @@ import { CxPlatform } from "./cxPlatform";
 import { CxCommandOutput } from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/wrapper/CxCommandOutput";
 import { ChildProcessWithoutNullStreams } from "child_process";
 import CxLearnMoreDescriptions from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/learnmore/CxLearnMoreDescriptions";
-import CxVorpal from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/vorpal/CxVorpal";
+import CxAsca from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/asca/CxAsca";
 import { messages } from "../utils/common/messages";
 export class Cx implements CxPlatform {
 	async scaScanCreate(sourcePath: string): Promise<CxScaRealtime | undefined> {
@@ -418,38 +418,38 @@ export class Cx implements CxPlatform {
 		statusBarItem.text = text;
 		show ? statusBarItem.show() : statusBarItem.hide();
 	}
-	async installVorpal(): Promise<CxVorpal> {
+	async installAsca(): Promise<CxAsca> {
 		let config = this.getAstConfiguration();
 		if (!config) {
 		  config = new CxConfig();
 		}
 		const cx = new CxWrapper(config);
-		const scans = await cx.scanVorpal(null, true, constants.vsCodeAgent);
+		const scans = await cx.scanAsca(null, true, constants.vsCodeAgent);
 		if (scans.payload && scans.exitCode === 0) {
 		  return scans.payload[0];
 		} else {
-		  return this.getVorpalError(scans.status, "Failed to run vorpal engine");
+		  return this.getAscaError(scans.status, "Failed to run ASCA engine");
 		}
 	  }
 
-	private getVorpalError(scanStatus: string, errorMessage: string) {
+	private getAscaError(scanStatus: string, errorMessage: string) {
 		console.error(errorMessage);
-		const errorRes = new CxVorpal();
+		const errorRes = new CxAsca();
 		errorRes.error = scanStatus;
 		return errorRes;
 	}
 
-	  async scanVorpal(sourcePath: string): Promise<CxVorpal> {
+	  async scanAsca(sourcePath: string): Promise<CxAsca> {
 		let config = this.getAstConfiguration();
 		if (!config) {
 		  config = new CxConfig();
 		}
 		const cx = new CxWrapper(config);
-		const scans = await cx.scanVorpal(sourcePath, false, constants.vsCodeAgent);
+		const scans = await cx.scanAsca(sourcePath, false, constants.vsCodeAgent);
 		if (scans.payload && scans.exitCode === 0) {
 		  return scans.payload[0];
 		} else {
-		  return this.getVorpalError(scans.status, "Fail to call vorpal scan");
+		  return this.getAscaError(scans.status, "Fail to call ASCA scan");
 		}
 	  }
 	}

src/cx/cxMock.ts

@@ -7,7 +7,7 @@ import { CxConfig } from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/wra
 import { getFilePath } from "../utils/utils";
 import { writeFileSync } from "fs";
 import { CxPlatform } from "./cxPlatform";
-import CxVorpal from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/vorpal/CxVorpal";
+import CxAsca from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/asca/CxAsca";
 import { EMPTY_RESULTS_SCAN_ID } from "../test/utils/envs";
 
 export class CxMock implements CxPlatform {
@@ -1169,11 +1169,11 @@ export class CxMock implements CxPlatform {
     show ? statusBarItem.show() : statusBarItem.hide();
   }
 
-  installVorpal(): Promise<CxVorpal> {
+  installAsca(): Promise<CxAsca> {
     return null;
   }
 
-  async scanVorpal(sourcePath: string): Promise<CxVorpal> {
-    return new CxVorpal();
+  async scanAsca(sourcePath: string): Promise<CxAsca> {
+    return new CxAsca();
   }
 }

src/cx/cxPlatform.ts

@@ -8,7 +8,7 @@ import { Logs } from "../models/logs";
 import { ChildProcessWithoutNullStreams } from "child_process";
 import { CxCommandOutput } from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/wrapper/CxCommandOutput";
 import CxLearnMoreDescriptions from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/learnmore/CxLearnMoreDescriptions";
-import CxVorpal from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/vorpal/CxVorpal";
+import CxAsca from "@checkmarxdev/ast-cli-javascript-wrapper/dist/main/asca/CxAsca";
 
 export interface CxPlatform {
 	/**
@@ -179,14 +179,14 @@ export interface CxPlatform {
 	updateStatusBarItem(text: string, show: boolean, statusBarItem: vscode.StatusBarItem);
 
   /**
-   * install the Vorpal engine
+   * install the ASCA engine
    */
-  installVorpal(): Promise<CxVorpal>;
+  installAsca(): Promise<CxAsca>;
 
   /**
-   * Scan the edited file in the vorpal engine and show the results in the problem section
-   * @param sourcePath the edited file sent to the vorpal engine
+   * Scan the edited file in the ASCA engine and show the results in the problem section
+   * @param sourcePath the edited file sent to the ASCA engine
    */
-  scanVorpal(sourcePath: string): Promise<CxVorpal>;
+  scanAsca(sourcePath: string): Promise<CxAsca>;
 }