From 22916fa0276d7e62c01877f685d74298242d4e5e Mon Sep 17 00:00:00 2001 From: Jeff King Date: Thu, 15 Sep 2022 14:03:52 -0700 Subject: [PATCH] Add connectToGithubCodeScanning setting. --- package.json | 15 +++++++ src/extension/index.activateGithubAnalyses.ts | 40 ++++++++++++++++++- 2 files changed, 54 insertions(+), 1 deletion(-) diff --git a/package.json b/package.json index 6ace6194..220003b0 100644 --- a/package.json +++ b/package.json @@ -46,6 +46,21 @@ "type": "boolean", "default": true }, + "sarif-viewer.connectToGithubCodeScanning": { + "description": "Connect to GitHub and display any code scanning results. Setting takes effect on editor restart.", + "type": "string", + "enum": [ + "off", + "on", + "onWithIntroduction" + ], + "enumDescriptions": [ + "If do not anticipate having or using GitHub code scanning results, this will save compute and network resources.", + "", + "On, but with an introductory explanation and a way to opt-out." + ], + "default": "onWithIntroduction" + }, "sarif-viewer.updateChannel": { "description": "Specifies the type of updates the extension receives.", "type": "string", diff --git a/src/extension/index.activateGithubAnalyses.ts b/src/extension/index.activateGithubAnalyses.ts index 7ee5339c..241e8073 100644 --- a/src/extension/index.activateGithubAnalyses.ts +++ b/src/extension/index.activateGithubAnalyses.ts @@ -7,7 +7,7 @@ import { readFileSync, existsSync } from 'fs'; import { observe } from 'mobx'; import fetch from 'node-fetch'; import { Log } from 'sarif'; -import { authentication, extensions, OutputChannel, workspace } from 'vscode'; +import { authentication, commands, extensions, OutputChannel, window, workspace } from 'vscode'; import { augmentLog } from '../shared'; import '../shared/extension'; import { API, GitExtension, Repository } from './git'; @@ -48,6 +48,25 @@ export async function getInitializedGitApi(): Promise { } export function activateGithubAnalyses(store: Store, panel: Panel, outputChannel: OutputChannel) { + /* + Determined (via experiments) that is not possible to discern between default and unset. + This is even when using `inspect()`. + + If equal to default (false or unset): + { + defaultValue: false + key: ... + } + + If not equal to default (true): + { + defaultValue: false + globalValue: true + } + */ + const connectToGithubCodeScanning = workspace.getConfiguration('sarif-viewer').get<'off' | 'on' | 'onWithIntroduction'>('connectToGithubCodeScanning'); + if (connectToGithubCodeScanning === 'off') return; + const config = { user: '', repoName: '', @@ -80,6 +99,25 @@ export function activateGithubAnalyses(store: Store, panel: Panel, outputChannel // so that the banner is visible. await panel.show(); + if (connectToGithubCodeScanning === 'onWithIntroduction') { + // This information message runs in parallel with loading, so we wrap it with an async function. + (async () => { + const choice = await window.showInformationMessage( + 'Any repository with a GitHub origin may have code scanning results. The Sarif Viewer is connecting to GitHub and will display any results.', + 'Keep', 'Disable', 'Settings...', + ); + if (choice === 'Keep') { + workspace.getConfiguration('sarif-viewer').update('connectToGithubCodeScanning', 'on'); + } + if (choice === 'Disable') { + workspace.getConfiguration('sarif-viewer').update('connectToGithubCodeScanning', 'off'); + } + if (choice === 'Settings...') { + commands.executeCommand( 'workbench.action.openSettings', 'sarif-viewer.connectToGithubCodeScanning'); + } + })(); + } + await onGitChanged(repo, gitHeadPath, store); const watcher = watch([ `${workspacePath}/.git/refs/heads`, // TODO: Only watch specific branch.