CxOne Dev Assist - OSS - Feature/agentic ai - AST-109602

README.md

@@ -81,6 +81,15 @@ This plugin provides easy integration with JetBrains and is compatible with all
 
 -   AI Secure Coding Assistant (ASCA) - A lightweight scan engine that runs in the background while you work, enabling developers to identify and remediate secure coding best practice violations  **as they code**.
 
+## Checkmarx One Developer Assist – AI guided remediation
+- An advanced security agent that delivers real-time context-aware prevention, remediation, and guidance to developers from the IDE.
+- OSS Realtime scanner identifies risks in open source packages used in your project.
+- MCP-based agentic AI remediation.
+- AI powered explanation of risk details
+
+  **COMING SOON** - additional realtime scanners for identifying risks in container images, as well as exposed secrets and IaC risks.
+
+
 ## Prerequisites
 
 -   You are running IntelliJ version 2022.2+ or another JetBrains IDE that is based on a supported version of IntelliJ.
@@ -93,20 +102,25 @@ This plugin provides easy integration with JetBrains and is compatible with all
 > -   CxOne role  `view-policy-management`
 > -   IAM role  `default-roles`
 
+To use **Dev Assist**, you need the following additional prerequisites:
+- A Checkmarx One account with a Checkmarx One Assist license
+- The Checkmarx MCP must be activated for your tenant account in the Checkmarx One UI under Settings → Plugins. This must be done by an account admin.
+- You must have GitHub Copilot Chat (AI Agent) installed
+
 ## Initial Setup
 
 -   Verify that all prerequisites are in place.
 
 -   Install the **Checkmarx One** plugin and configure the settings as
     described [here](https://docs.checkmarx.com/en/34965-68734-installing-and-setting-up-the-checkmarx-one-jetbrains-pluging-68734.html#UUID-8d3bdd51-782c-2816-65e2-38d7529651c8_section-idm449017032697283334758018635).
 
+**Note:** To use Dev Assist, you need to Start the Checkmarx MCP server.
 
 ## Usage
 
 To see how you can use our tool, please refer to the [Documentation](https://docs.checkmarx.com/en/34965-68734-installing-and-setting-up-the-checkmarx-one-jetbrains-pluging.html)
 
 
-
 ## Feedback
 We’d love to hear your feedback! If you come across a bug or have a feature request, please let us know by submitting an issue in [GitHub Issues](https://github.com/Checkmarx/ast-jetbrains-plugin/issues).
 

src/main/java/com/checkmarx/intellij/Constants.java

@@ -2,19 +2,23 @@
 
 import org.jetbrains.annotations.NonNls;
 
+import java.util.List;
+
 /**
  * Non-translatable constants.
  */
 @NonNls
 public final class Constants {
 
+
     private Constants() {
         // forbid instantiation of the class
     }
 
     public static final String BUNDLE_PATH = "messages.CxBundle";
 
     public static final String LOGGER_CAT_PREFIX = "CX#";
+    public static final String CXONE_ASSIST = "CxOne Assist";
 
     public static final String GLOBAL_SETTINGS_ID = "settings.ast";
     public static final String TOOL_WINDOW_ID = "Checkmarx";
@@ -78,10 +82,14 @@ private Constants() {
     public static final String SCAN_STATUS_RUNNING = "running";
     public static final String SCAN_STATUS_COMPLETED = "completed";
     public static final String JET_BRAINS_AGENT_NAME = "Jetbrains";
-    public static final String ASCA_CRITICAL_SEVERITY = "Critical";
-    public static final String ASCA_HIGH_SEVERITY = "High";
-    public static final String ASCA_MEDIUM_SEVERITY = "Medium";
-    public static final String ASCA_LOW_SEVERITY = "Low";
+
+    public static final String MALICIOUS_SEVERITY = "Malicious";
+    public static final String CRITICAL_SEVERITY = "Critical";
+    public static final String HIGH_SEVERITY = "High";
+    public static final String MEDIUM_SEVERITY = "Medium";
+    public static final String LOW_SEVERITY = "Low";
+    public static final String OK = "OK";
+    public static final String UNKNOWN = "Unknown";
 
     public static final String IGNORE_LABEL = "IGNORED";
     public static final String NOT_IGNORE_LABEL = "NOT_IGNORED";
@@ -97,7 +105,11 @@ private Constants() {
     /**
      * Inner static final class, to maintain the constants used in authentication.
      */
-    public static final class AuthConstants{
+    public static final class AuthConstants {
+
+        private AuthConstants() {
+            throw new UnsupportedOperationException("Cannot instantiate AuthConstants class");
+        }
 
         public static final String OAUTH_IDE_CLIENT_ID = "ide-integration";
         public static final String ALGO_SHA256 = "SHA-256";
@@ -114,5 +126,76 @@ public static final class AuthConstants{
         public static final int TIME_OUT_SECONDS = 120;
     }
 
+    /**
+     * The RealTimeConstants class defines a collection of constant values
+     * related to real-time scanning functionalities, including support for
+     * different scanning engines and associated configurations.
+     */
+    public static final class RealTimeConstants {
+
+        private RealTimeConstants() {
+            throw new UnsupportedOperationException("Cannot instantiate RealTimeConstants class");
+        }
+
+        // Tab Name Constants
+        public static final String DEVASSIST_TAB = "CxOne Assist Findings";
+
+        // OSS Scanner Constants
+        public static final String ACTIVATE_OSS_REALTIME_SCANNER = "Activate OSS-Realtime";
+        public static final String OSS_REALTIME_SCANNER = "Checkmarx Open Source Realtime Scanner (OSS-Realtime)";
+        public static final String OSS_REALTIME_SCANNER_START = "Realtime OSS Scanner Engine started";
+        public static final String OSS_REALTIME_SCANNER_DISABLED = "Realtime OSS Scanner Engine disabled";
+        public static final String OSS_REALTIME_SCANNER_DIRECTORY = "Cx-oss-realtime-scanner";
+        public static final String ERROR_OSS_REALTIME_SCANNER = "Failed to handle OSS Realtime scan";
+
+        //Dev Assist Fixes Constants
+        public static final String FIX_WITH_CXONE_ASSIST = "Copy fix prompt";
+        public static final String VIEW_DETAILS_FIX_NAME = "View details";
+        public static final String IGNORE_THIS_VULNERABILITY_FIX_NAME = "Ignore this vulnerability";
+        public static final String IGNORE_ALL_OF_THIS_TYPE_FIX_NAME = "Ignore all of this type";
+
+        public static final List<String> MANIFEST_FILE_PATTERNS = List.of(
+                "**/Directory.Packages.props",
+                "**/packages.config",
+                "**/pom.xml",
+                "**/package.json",
+                "**/requirements.txt",
+                "**/go.mod",
+                "**/*.csproj"
+        );
+        //Tooltip description constants
+        public static final String RISK_PACKAGE = "risk package";
+        public static final String SEVERITY_PACKAGE = "Severity Package";
+        public static final String PACKAGE_DETECTED = "package detected";
+        public static final String THEME = "THEME";
+        // Dev Assist Remediation
+        public static final String CX_AGENT_NAME = "Checkmarx One Assist";
+        // Files generated by the agent (Copilot)
+        public static final List<String> AGENT_DUMMY_FILES = List.of("/Dummy.txt", "/");
+    }
+
+    /**
+     * Constant class to hold image paths.
+     */
+    public static final class ImagePaths {
+
+        private ImagePaths() {
+            throw new UnsupportedOperationException("Cannot instantiate ImagePaths class");
+        }
+
+        public static final String DEV_ASSIST_PNG = "/icons/devassist/tooltip/cxone_assist";
+        public static final String CRITICAL_PNG = "/icons/devassist/tooltip/critical";
+        public static final String HIGH_PNG = "/icons/devassist/tooltip/high";
+        public static final String MEDIUM_PNG = "/icons/devassist/tooltip/medium";
+        public static final String LOW_PNG = "/icons/devassist/tooltip/low";
+        public static final String MALICIOUS_PNG = "/icons/devassist/tooltip/malicious";
+        public static final String PACKAGE_PNG = "/icons/devassist/tooltip/package";
+
+        // Vulnerability Severity Count Icons
+        public static final String CRITICAL_16_PNG = "/icons/devassist/tooltip/severity_count/critical";
+        public static final String HIGH_16_PNG = "/icons/devassist/tooltip/severity_count/high";
+        public static final String MEDIUM_16_PNG = "/icons/devassist/tooltip/severity_count/medium";
+        public static final String LOW_16_PNG = "/icons/devassist/tooltip/severity_count/low";
+    }
 
 }

src/main/java/com/checkmarx/intellij/CxIcons.java

@@ -12,15 +12,76 @@ public final class CxIcons {
     private CxIcons() {
     }
 
-    public static final Icon CHECKMARX_13 = IconLoader.getIcon("/icons/checkmarx-mono-13.png", CxIcons.class);
+    public static final Icon CHECKMARX_13 = IconLoader.getIcon("/icons/checkmarx-plugin-13.png", CxIcons.class);
     public static final Icon CHECKMARX_13_COLOR = IconLoader.getIcon("/icons/checkmarx-13.png", CxIcons.class);
     public static final Icon CHECKMARX_80 = IconLoader.getIcon("/icons/checkmarx-80.png", CxIcons.class);
-    public static final Icon CRITICAL = IconLoader.getIcon("/icons/critical.svg", CxIcons.class);
-    public static final Icon HIGH = IconLoader.getIcon("/icons/high.svg", CxIcons.class);
-    public static final Icon MEDIUM = IconLoader.getIcon("/icons/medium.svg", CxIcons.class);
-    public static final Icon LOW = IconLoader.getIcon("/icons/low.svg", CxIcons.class);
-    public static final Icon INFO = IconLoader.getIcon("/icons/info.svg", CxIcons.class);
     public static final Icon COMMENT = IconLoader.getIcon("/icons/comment.svg", CxIcons.class);
     public static final Icon STATE = IconLoader.getIcon("/icons/Flags.svg", CxIcons.class);
     public static final Icon ABOUT = IconLoader.getIcon("/icons/about.svg", CxIcons.class);
+    public static final Icon INFO = IconLoader.getIcon("/icons/info.svg", CxIcons.class);
+
+    public static Icon getWelcomeScannerIcon() {
+        return IconLoader.getIcon("/icons/welcomePageScanner.svg", CxIcons.class);
+    }
+
+    public static Icon getWelcomeMcpDisableIcon() {
+        return IconLoader.getIcon("/icons/cxAIError.svg", CxIcons.class);
+    }
+
+    public static final Icon STAR_ACTION = IconLoader.getIcon("/icons/devassist/star-action.svg", CxIcons.class);
+
+    /**
+     * Inner static final class, to maintain the constants used in icons for the value 24*24.
+     */
+    public static final class Regular {
+
+        private Regular() {
+        }
+
+        public static final Icon MALICIOUS = IconLoader.getIcon("/icons/devassist/severity_24/malicious.svg", CxIcons.class);
+        public static final Icon CRITICAL = IconLoader.getIcon("/icons/devassist/severity_24/critical.svg", CxIcons.class);
+        public static final Icon HIGH = IconLoader.getIcon("/icons/devassist/severity_24/high.svg", CxIcons.class);
+        public static final Icon MEDIUM = IconLoader.getIcon("/icons/devassist/severity_24/medium.svg", CxIcons.class);
+        public static final Icon LOW = IconLoader.getIcon("/icons/devassist/severity_24/low.svg", CxIcons.class);
+        public static final Icon IGNORED = IconLoader.getIcon("/icons/devassist/severity_24/ignored.svg", CxIcons.class);
+        public static final Icon OK = IconLoader.getIcon("/icons/devassist/severity_24/ok.svg", CxIcons.class);
+
+    }
+
+    /**
+     * Inner static final class, to maintain the constants used in icons for the value 20*20.
+     */
+    public static final class Medium {
+
+        private Medium() {
+        }
+
+        public static final Icon MALICIOUS = IconLoader.getIcon("/icons/devassist/severity_20/malicious.svg", CxIcons.class);
+        public static final Icon CRITICAL = IconLoader.getIcon("/icons/devassist/severity_20/critical.svg", CxIcons.class);
+        public static final Icon HIGH = IconLoader.getIcon("/icons/devassist/severity_20/high.svg", CxIcons.class);
+        public static final Icon MEDIUM = IconLoader.getIcon("/icons/devassist/severity_20/medium.svg", CxIcons.class);
+        public static final Icon LOW = IconLoader.getIcon("/icons/devassist/severity_20/low.svg", CxIcons.class);
+        public static final Icon IGNORED = IconLoader.getIcon("/icons/devassist/severity_20/ignored.svg", CxIcons.class);
+        public static final Icon OK = IconLoader.getIcon("/icons/devassist/severity_20/ok.svg", CxIcons.class);
+
+    }
+
+    /**
+     * Inner static final class, to maintain the constants used in icons for the value 16*16.
+     */
+    public static final class Small {
+
+        private Small() {
+        }
+
+        public static final Icon MALICIOUS = IconLoader.getIcon("/icons/devassist/severity_16/malicious.svg", CxIcons.class);
+        public static final Icon CRITICAL = IconLoader.getIcon("/icons/devassist/severity_16/critical.svg", CxIcons.class);
+        public static final Icon HIGH = IconLoader.getIcon("/icons/devassist/severity_16/high.svg", CxIcons.class);
+        public static final Icon MEDIUM = IconLoader.getIcon("/icons/devassist/severity_16/medium.svg", CxIcons.class);
+        public static final Icon LOW = IconLoader.getIcon("/icons/devassist/severity_16/low.svg", CxIcons.class);
+        public static final Icon IGNORED = IconLoader.getIcon("/icons/devassist/severity_16/ignored.svg", CxIcons.class);
+        public static final Icon OK = IconLoader.getIcon("/icons/devassist/severity_16/ok.svg", CxIcons.class);
+        public static final Icon UNKNOWN = IconLoader.getIcon("/icons/devassist/severity_16/unknown.svg", CxIcons.class);
+
+    }
 }

src/main/java/com/checkmarx/intellij/Resource.java

@@ -112,5 +112,46 @@ public enum Resource {
     ERROR_SESSION_EXPIRED,
     SECRET_DETECTION,
     IAC_SECURITY,
-    NO_CHANGES
+    NO_CHANGES,
+    CXONE_ASSIST_TITLE,
+    OSS_REALTIME_TITLE,
+    OSS_REALTIME_CHECKBOX,
+    CXONE_ASSIST_LOGIN_MESSAGE,
+    CXONE_ASSIST_MCP_DISABLED_MESSAGE,
+    SECRETS_REALTIME_TITLE,
+    SECRETS_REALTIME_CHECKBOX,
+    CONTAINERS_REALTIME_TITLE,
+    CONTAINERS_REALTIME_CHECKBOX,
+    IAC_REALTIME_TITLE,
+    IAC_REALTIME_CHECKBOX,
+    CONTAINERS_TOOL_TITLE,
+    IAC_REALTIME_SCANNER_PREFIX,
+    GO_TO_CXONE_ASSIST_LINK,
+    WELCOME_TITLE,
+    WELCOME_SUBTITLE,
+    WELCOME_ASSIST_TITLE,
+    WELCOME_ASSIST_FEATURE_1,
+    WELCOME_ASSIST_FEATURE_2,
+    WELCOME_ASSIST_FEATURE_3,
+    WELCOME_MAIN_FEATURE_1,
+    WELCOME_MAIN_FEATURE_2,
+    WELCOME_MAIN_FEATURE_3,
+    WELCOME_MAIN_FEATURE_4,
+    WELCOME_CLOSE_BUTTON,
+    CONTAINERS_TOOL_DESCRIPTION,
+    MCP_SECTION_TITLE,
+    MCP_DESCRIPTION,
+    MCP_INSTALL_LINK,
+    MCP_EDIT_JSON_LINK,
+    WELCOME_MCP_INSTALLED_INFO,
+    MCP_NOTIFICATION_TITLE,
+    MCP_CONFIG_SAVED,
+    MCP_AUTH_REQUIRED,
+    MCP_CONFIG_UP_TO_DATE,
+    MCP_NOT_FOUND,
+    CHECKING_MCP_STATUS,
+    STARTING_CHECKMARX_OSS_SCAN,
+    FAILED_OSS_SCAN_INITIALIZATION,
+    DEV_ASSIST_COPY_FIX_PROMPT,
+    DEV_ASSIST_COPY_VIEW_DETAILS_PROMPT
 }

src/main/java/com/checkmarx/intellij/Utils.java

@@ -2,9 +2,13 @@
 
 import com.checkmarx.ast.wrapper.CxException;
 import com.checkmarx.intellij.settings.SettingsListener;
+import com.checkmarx.intellij.settings.global.GlobalSettingsState;
 import com.intellij.dvcs.repo.Repository;
 import com.intellij.dvcs.repo.VcsRepositoryManager;
-import com.intellij.notification.*;
+import com.intellij.notification.Notification;
+import com.intellij.notification.NotificationAction;
+import com.intellij.notification.NotificationGroupManager;
+import com.intellij.notification.NotificationType;
 import com.intellij.openapi.application.ApplicationManager;
 import com.intellij.openapi.diagnostic.Logger;
 import com.intellij.openapi.project.Project;
@@ -352,7 +356,7 @@ public static boolean isBlank(CharSequence cs) {
         if (strLen == 0) {
             return true;
         } else {
-            for(int i = 0; i < strLen; ++i) {
+            for (int i = 0; i < strLen; ++i) {
                 if (!Character.isWhitespace(cs.charAt(i))) {
                     return false;
                 }
@@ -361,4 +365,34 @@ public static boolean isBlank(CharSequence cs) {
         }
     }
 
+    /**
+     * Escape HTML special characters
+     *
+     * @param text String to escape
+     * @return Escaped string
+     */
+    public static String escapeHtml(String text) {
+        if (Objects.isNull(text) || text.isBlank()) {
+            return "";
+        }
+        return text.replace("&", "&amp;")
+                .replace("<", "&lt;")
+                .replace(">", "&gt;")
+                .replace("\"", "&quot;")
+                .replace("'", "&#39;");
+    }
+
+    /**
+     * Check if the user is authenticated or not
+     *
+     * @return true if a user is authenticated otherwise false
+     */
+    public static boolean isUserAuthenticated() {
+        try {
+            return GlobalSettingsState.getInstance().isAuthenticated();
+        } catch (Exception e) {
+            LOGGER.error("Exception occurred while checking user authentication.", e.getMessage());
+            return false;
+        }
+    }
 }