Checkmarx · tiagobcx · Aug 29, 2022 · Aug 23, 2022 · Aug 25, 2022 · Aug 26, 2022
@@ -3,4 +3,5 @@ export default class CxDependencyPaths {
     name: string;
     version: string;
     isDevelopment: boolean;
+    supportsQuickFix:boolean;
 }
@@ -6,12 +6,14 @@ export default class CxScaPackageData {
     dependencyPaths: CxDependencyPaths [];
     outdated: boolean;
     fixLink:string
+    supportsQuickFix:boolean;
 
-    constructor(id: string,locations: string [],dependencyPaths: CxDependencyPaths [],outdated: boolean,fixLink:string) {
+    constructor(id: string,locations: string [],dependencyPaths: CxDependencyPaths [],outdated: boolean,fixLink:string,supportsQuickFix:boolean) {
         this.id = id;
         this.locations = locations;
         this.dependencyPaths = dependencyPaths;
         this.outdated = outdated;
         this.fixLink = fixLink;
+        this.supportsQuickFix = supportsQuickFix;
     }
 }
@@ -22,7 +22,7 @@ export enum CxConstants {
     KICS_REMEDIATION_RESULTS_FILE = "--results-file",
     KICS_REMEDIATION_KICS_FILE = "--kics-files",
     KICS_REMEDIATION_SIMILARITY_IDS = "--similarity-ids",
-    SCA_REMEDIATION_PACKAGE_FILE = "--package-file",
+    SCA_REMEDIATION_PACKAGE_FILES = "--package-files",
     SCA_REMEDIATION_PACKAGE = "--package",
     SCA_REMEDIATION_PACKAGE_VERSION = "--package-version",
     CMD_AUTH = "auth",

@@ -260,8 +260,8 @@ export class CxWrapper {
         return exec.executeKicsCommands(this.config.pathToExecutable, commands, CxConstants.KICS_REMEDIATION_TYPE);
     }
 
-    async scaRemediation(packageFile: string, packages:string, packageVersion:string): Promise<CxCommandOutput>  {
-        const commands: string[] = [CxConstants.CMD_UTILS, CxConstants.CMD_REMEDIATION,CxConstants.SUB_CMD_REMEDIATION_SCA,CxConstants.SCA_REMEDIATION_PACKAGE_FILE, packageFile,CxConstants.SCA_REMEDIATION_PACKAGE, packages,CxConstants.SCA_REMEDIATION_PACKAGE_VERSION,packageVersion];
+    async scaRemediation(packageFiles: string, packages:string, packageVersion:string): Promise<CxCommandOutput>  {
+        const commands: string[] = [CxConstants.CMD_UTILS, CxConstants.CMD_REMEDIATION,CxConstants.SUB_CMD_REMEDIATION_SCA,CxConstants.SCA_REMEDIATION_PACKAGE_FILES, packageFiles,CxConstants.SCA_REMEDIATION_PACKAGE, packages,CxConstants.SCA_REMEDIATION_PACKAGE_VERSION,packageVersion];
         commands.push(...this.initializeCommands(false));
         const exec = new ExecutionService();
         return exec.executeCommands(this.config.pathToExecutable, commands);

@@ -192,7 +192,7 @@ export class ExecutionService {
             const read_json = JSON.parse(read.replace(/:([0-9]{15,}),/g, ':"$1",'));
             if (read_json.results){
                 const r : CxResult[] = read_json.results.map((member:any)=>{
-                    const cxScaPackageData = new CxScaPackageData(member.data.scaPackageData?.id,member.data.scaPackageData?.locations,member.data.scaPackageData?.dependencyPaths,member.data.scaPackageData?.outdated,member.data.scaPackageData?.fixLink);
+                    const cxScaPackageData = new CxScaPackageData(member.data.scaPackageData?.id,member.data.scaPackageData?.locations,member.data.scaPackageData?.dependencyPaths,member.data.scaPackageData?.outdated,member.data.scaPackageData?.fixLink,member.data.scaPackageData?.supportsQuickFix);
                     const cvss = new CxCvss(member.vulnerabilityDetails.cvss.version,member.vulnerabilityDetails.cvss.attackVector,member.vulnerabilityDetails.cvss.availability,member.vulnerabilityDetails.cvss.confidentiality,member.vulnerabilityDetails.cvss.attackComplexity,member.vulnerabilityDetails.cvss.integrityImpact,member.vulnerabilityDetails.cvss.scope,member.vulnerabilityDetails.cvss.privilegesRequired,member.vulnerabilityDetails.cvss.userInteraction);
                     const cxVulnerabilityDetails = new CxVulnerabilityDetails(member.vulnerabilityDetails.cweId,cvss,member.vulnerabilityDetails.compliances,member.vulnerabilityDetails.cvssScore,member.vulnerabilityDetails.cveName);
                     const nodes:CxNode[]=member.data.nodes?.map((node:any)=>{

@@ -3,6 +3,15 @@ import {BaseTest} from "./BaseTest";
 import {CxCommandOutput} from "../main/wrapper/CxCommandOutput";
 import CxKicsRemediation from "../main/remediation/CxKicsRemediation";
 
+describe("SCA Remediation cases",() => {
+    const cxScanConfig = new BaseTest();
+    it('SCA Remediation Successful case ', async () => {
+        const auth = new CxWrapper(cxScanConfig);
+        const e:CxCommandOutput = await auth.scaRemediation("dist/tests/data/package.json","copyfiles","1.2")
+        expect(e.exitCode).toBe(0);
+    });
+});
+
 describe("Kics Remediation cases",() => {
     const cxScanConfig = new BaseTest();
     it('Kics Remediation Successful case', async () => {
@@ -22,10 +31,4 @@ describe("Kics Remediation cases",() => {
         expect(remediation.availableRemediation).toBeDefined();
         expect(remediation.appliedRemediation).toBeDefined();
     });
-
-    it('SCA Remediation Successful case ', async () => {
-        const auth = new CxWrapper(cxScanConfig);
-        const e:CxCommandOutput = await auth.scaRemediation("dist/tests/data/package.json","copyfiles","1.2")
-        expect(e.exitCode).toBe(0);
-    });
 });