From eadf770a57919dbcb5a43afbeb9416554e87f3d4 Mon Sep 17 00:00:00 2001 From: RuiO Date: Mon, 30 Sep 2024 12:35:20 +0100 Subject: [PATCH 1/4] Add line content to secret struct --- engine/engine.go | 1 + lib/reporting/sarif.go | 2 ++ lib/secrets/secret.go | 1 + 3 files changed, 4 insertions(+) diff --git a/engine/engine.go b/engine/engine.go index f10f54d4..c001d625 100644 --- a/engine/engine.go +++ b/engine/engine.go @@ -98,6 +98,7 @@ func (e *Engine) Detect(item plugins.ISourceItem, secretsChannel chan *secrets.S EndLine: endLine, EndColumn: value.EndColumn, Value: value.Secret, + Line: value.Line, } if !isSecretIgnored(secret, &e.ignoredIds, &e.allowedValues) { secretsChannel <- secret diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go index 50803f26..f12791cd 100644 --- a/lib/reporting/sarif.go +++ b/lib/reporting/sarif.go @@ -92,6 +92,7 @@ func getLocation(secret *secrets.Secret) []Locations { EndColumn: secret.EndColumn, Snippet: Snippet{ Text: secret.Value, + Line: secret.Line, }, }, }, @@ -135,6 +136,7 @@ type Region struct { type Snippet struct { Text string `json:"text"` + Line string `json:"line"` } type PhysicalLocation struct { diff --git a/lib/secrets/secret.go b/lib/secrets/secret.go index 01e66637..7cbc2e08 100644 --- a/lib/secrets/secret.go +++ b/lib/secrets/secret.go @@ -38,6 +38,7 @@ type Secret struct { RuleID string `json:"ruleId"` StartLine int `json:"startLine"` EndLine int `json:"endLine"` + Line string `json:"line"` StartColumn int `json:"startColumn"` EndColumn int `json:"endColumn"` Value string `json:"value"` From c9c7452115307142d871e1beb2506f3134e7807c Mon Sep 17 00:00:00 2001 From: RuiO Date: Mon, 30 Sep 2024 16:49:34 +0100 Subject: [PATCH 2/4] Use lineContent instead of line --- engine/engine.go | 2 +- lib/reporting/sarif.go | 8 +++++--- lib/secrets/secret.go | 2 +- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/engine/engine.go b/engine/engine.go index c001d625..322014b7 100644 --- a/engine/engine.go 
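Review bot: `Line: value.Line` in Detect copies the whole source line into every finding, so the report now carries whatever else sits on that line next to the matched secret, and its size is unbounded for minified or single-line files. Nothing visible in this hunk caps the length, and if the tool masks, validates or filters `Value` anywhere downstream, the line should go through the same path, because it always contains the secret. A doc comment on the struct field in lib/secrets/secret.go would make this explicit, e.g. `// Line is the raw source line of the match; it contains the secret and is serialized as-is.` The same applies to the renamed `LineContent` field in PATCH 2/4. Detect's body starts and ends outside the hunk.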
+++ b/engine/engine.go @@ -98,7 +98,7 @@ func (e *Engine) Detect(item plugins.ISourceItem, secretsChannel chan *secrets.S EndLine: endLine, EndColumn: value.EndColumn, Value: value.Secret, - Line: value.Line, + LineContent: value.Line, } if !isSecretIgnored(secret, &e.ignoredIds, &e.allowedValues) { secretsChannel <- secret diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go index f12791cd..0ac2173c 100644 --- a/lib/reporting/sarif.go +++ b/lib/reporting/sarif.go @@ -92,7 +92,9 @@ func getLocation(secret *secrets.Secret) []Locations { EndColumn: secret.EndColumn, Snippet: Snippet{ Text: secret.Value, - Line: secret.Line, + Properties: Properties{ + "lineContent": secret.LineContent, + }, }, }, }, @@ -135,8 +137,8 @@ type Region struct { } type Snippet struct { - Text string `json:"text"` - Line string `json:"line"` + Text string `json:"text"` + Properties Properties `json:"properties,omitempty"` } type PhysicalLocation struct { diff --git a/lib/secrets/secret.go b/lib/secrets/secret.go index 7cbc2e08..0ca09961 100644 --- a/lib/secrets/secret.go +++ b/lib/secrets/secret.go @@ -38,7 +38,7 @@ type Secret struct { RuleID string `json:"ruleId"` StartLine int `json:"startLine"` EndLine int `json:"endLine"` - Line string `json:"line"` + LineContent string `json:"lineContent"` StartColumn int `json:"startColumn"` EndColumn int `json:"endColumn"` Value string `json:"value"` From 0a1d217764b5314d71eb9603da5735eb635cdf41 Mon Sep 17 00:00:00 2001 From: RuiO Date: Mon, 30 Sep 2024 17:23:50 +0100 Subject: [PATCH 3/4] Trim spaces from line content --- lib/reporting/sarif.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/reporting/sarif.go b/lib/reporting/sarif.go index 0ac2173c..67793bf4 100644 --- a/lib/reporting/sarif.go +++ b/lib/reporting/sarif.go 
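Review bot: In getLocation the `Properties` literal always contains the `lineContent` key, so the `omitempty` added to `Snippet.Properties` never takes effect and a finding with no line content is written as `"lineContent": ""` in the SARIF output. Assuming `Properties` is a map type (its definition is outside this diff), the bag could be attached only when there is content, e.g. `if secret.LineContent != "" { snippet.Properties = Properties{"lineContent": secret.LineContent} }` on a `Snippet` built before the return. getLocation starts and ends outside the hunk.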
@@ -3,9 +3,9 @@ package reporting import ( "encoding/json" "fmt" - "github.com/checkmarx/2ms/lib/config" "github.com/checkmarx/2ms/lib/secrets" + "strings" ) func writeSarif(report Report, cfg *config.Config) (string, error) { @@ -93,7 +93,7 @@ func getLocation(secret *secrets.Secret) []Locations { Snippet: Snippet{ Text: secret.Value, Properties: Properties{ - "lineContent": secret.LineContent, + "lineContent": strings.TrimSpace(secret.LineContent), }, }, }, From 2791bd9c11ff9f076f2fa95f5a1bfe8fa9461061 Mon Sep 17 00:00:00 2001 From: RuiO Date: Wed, 2 Oct 2024 18:23:41 +0100 Subject: [PATCH 4/4] Update UTs --- engine/engine_test.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/engine/engine_test.go b/engine/engine_test.go index 1ad225e7..20b65be9 100644 --- a/engine/engine_test.go +++ b/engine/engine_test.go @@ -2,6 +2,7 @@ package engine import ( "fmt" + "github.com/stretchr/testify/assert" "sync" "testing" @@ -159,11 +160,10 @@ func TestSecrets(t *testing.T) { s := <-secretsChan - if s == nil && secret.ShouldFind { - t.Errorf("secret \"%s\" not found", secret.Name) - } - if s != nil && !secret.ShouldFind { - t.Errorf("should not find") + if secret.ShouldFind { + assert.Equal(t, s.LineContent, secret.Content) + } else { + assert.Nil(t, s) } }) }
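Review bot: `strings.TrimSpace(secret.LineContent)` is applied only in the SARIF writer, so SARIF's `lineContent` can differ from the `lineContent` value that the `Secret` JSON tag emits for the same finding. If `StartColumn`/`EndColumn` are offsets within the line (not visible here), removing leading whitespace also means they no longer index into the reported text, which matters to any consumer that uses them to locate or mask the secret inside the line. If the trim is wanted, doing it once where the secret is built in engine.go, `LineContent: strings.TrimSpace(value.Line),`, keeps all report formats consistent, with a comment stating that the columns refer to the untrimmed line. getLocation starts and ends outside the hunk.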
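Review bot: `assert.Equal(t, s.LineContent, secret.Content)` in TestSecrets dereferences `s` without a nil check, so an expected secret that is not detected now panics the test run instead of reporting the failure that the removed `s == nil && secret.ShouldFind` branch produced. The arguments are also in (actual, expected) order, whereas testify's signature is `Equal(t, expected, actual)`, which swaps the labels in the failure output. Suggested: `if assert.NotNil(t, s, "secret %q not found", secret.Name) { assert.Equal(t, secret.Content, s.LineContent) }`. The comparison presumably holds only while each test case's `Content` is a single line with nothing around the secret, which is worth a short comment next to the assertion. TestSecrets starts and ends outside the hunk.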