Support WSL

build.gradle

@@ -72,10 +72,9 @@ repositories {
     }
 }
 
-def buildInfoVersion = '2.43.6'
-def idePluginsCommonVersion = '2.4.4'
-// Updated to 2.17.3 for security fixes - compatible with Java 8+
-def jacksonVersion = '2.17.3'
+def buildInfoVersion = '2.43.9'
+def idePluginsCommonVersion = '2.4.5'
+def jacksonVersion = '2.18.6'
 
 dependencies {
     implementation group: 'com.fasterxml.jackson.dataformat', name: 'jackson-dataformat-yaml', version: jacksonVersion
@@ -87,7 +86,7 @@ dependencies {
     implementation group: 'com.jfrog.xray.client', name: 'xray-client-java', version: '0.14.1'
     implementation group: 'org.apache.commons', name: 'commons-collections4', version: '4.4'
     implementation group: 'org.jfrog.filespecs', name: 'file-specs-java', version: '1.1.2'
-    implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.11'
+    implementation group: 'org.apache.commons', name: 'commons-lang3', version: '3.18.0'
     implementation group: 'com.google.guava', name: 'guava', version: '32.0.1-jre'
     implementation group: 'org.codehaus.plexus', name: 'plexus-utils', version: '3.4.1'
     implementation group: 'net.lingala.zip4j', name: 'zip4j', version: '2.11.4'

src/main/java/com/jfrog/ide/idea/ci/CiManager.java

@@ -24,6 +24,7 @@
 import com.jfrog.ide.idea.ui.menus.filtermanager.CiFilterManager;
 import com.jfrog.ide.idea.utils.Utils;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.Strings;
 import org.jetbrains.annotations.NotNull;
 import org.jfrog.build.extractor.scan.DependencyTree;
 
@@ -151,8 +152,8 @@ public BuildGeneralInfo getBuildGeneralInfo(String buildIdentifier) {
         return (BuildGeneralInfo) root.getChildren().stream()
                 .map(DependencyTree::getGeneralInfo)
                 .map(generalInfo -> (BuildGeneralInfo) generalInfo)
-                .filter(generalInfo -> StringUtils.equals(buildName, generalInfo.getBuildName()))
-                .filter(generalInfo -> StringUtils.equals(buildNumber, generalInfo.getBuildNumber()))
+                .filter(generalInfo -> Strings.CS.equals(buildName, generalInfo.getBuildName()))
+                .filter(generalInfo -> Strings.CS.equals(buildNumber, generalInfo.getBuildNumber()))
                 .findAny().orElse(null);
     }
 

src/main/java/com/jfrog/ide/idea/configuration/ServerConfigImpl.java

@@ -33,6 +33,7 @@
 import com.jfrog.ide.idea.ui.configuration.ConnectionRetriesSpinner;
 import com.jfrog.ide.idea.ui.configuration.ConnectionTimeoutSpinner;
 import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.lang3.Strings;
 import org.jfrog.build.client.ProxyConfiguration;
 
 import javax.annotation.CheckForNull;
@@ -51,7 +52,9 @@
 import static com.jfrog.ide.idea.ui.configuration.ConfigVerificationUtils.DEFAULT_EXCLUSIONS;
 import static com.jfrog.ide.idea.ui.configuration.Utils.*;
 import static org.apache.commons.lang3.ObjectUtils.defaultIfNull;
+import static org.apache.commons.lang3.ObjectUtils.getIfNull;
 import static org.apache.commons.lang3.StringUtils.*;
+import static org.apache.commons.lang3.Strings.CS;
 
 /**
  * @author yahavi
@@ -234,7 +237,7 @@ public boolean isInsecureTls() {
     }
 
     public String getExcludedPaths() {
-        return defaultIfNull(this.excludedPaths, DEFAULT_EXCLUSIONS);
+        return getIfNull(this.excludedPaths, DEFAULT_EXCLUSIONS);
     }
 
     @Override
@@ -259,12 +262,12 @@ public SSLContext getSslContext() {
 
     @Override
     public int getConnectionRetries() {
-        return defaultIfNull(this.connectionRetries, ConnectionRetriesSpinner.RANGE.initial);
+        return getIfNull(this.connectionRetries, ConnectionRetriesSpinner.RANGE.initial);
     }
 
     @Override
     public int getConnectionTimeout() {
-        return defaultIfNull(this.connectionTimeout, ConnectionTimeoutSpinner.RANGE.initial);
+        return getIfNull(this.connectionTimeout, ConnectionTimeoutSpinner.RANGE.initial);
     }
 
     @Override
@@ -456,7 +459,7 @@ public void readConnectionDetailsFromEnv() {
         }
 
         setUrl(platformUrlEnv);
-        String platformUrlStr = removeEnd(platformUrlEnv, "/");
+        String platformUrlStr = Strings.CS.removeEnd(platformUrlEnv, "/");
         if (isBlank(xrayUrlEnv)) {
             setXrayUrl(platformUrlStr + "/xray");
         } else {

src/main/java/com/jfrog/ide/idea/inspections/AbstractInspection.java

@@ -21,12 +21,14 @@
 import com.jfrog.ide.idea.inspections.upgradeversion.UpgradeVersion;
 import com.jfrog.ide.idea.navigation.NavigationService;
 import com.jfrog.ide.idea.scan.ScannerBase;
+import com.jfrog.ide.idea.utils.DescriptorPathUtils;
 import com.jfrog.ide.idea.ui.ComponentsTree;
 import com.jfrog.ide.idea.ui.LocalComponentsTree;
 import com.jfrog.ide.idea.utils.Descriptor;
 import org.apache.commons.collections4.CollectionUtils;
 import org.apache.commons.collections4.ListUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.Strings;
 
 import javax.swing.tree.TreeNode;
 import java.util.*;
@@ -142,7 +144,7 @@ Set<DescriptorFileTreeNode> getFileDescriptors(PsiElement element) {
         Enumeration<TreeNode> roots = ((SortableChildrenTreeNode) componentsTree.getModel().getRoot()).children();
         for (TreeNode root : Collections.list(roots)) {
             if (root instanceof DescriptorFileTreeNode fileNode) {
-                if (fileNode.getFilePath().equals(element.getContainingFile().getVirtualFile().getPath())) {
+                if (DescriptorPathUtils.areDescriptorPathsEqual(fileNode.getFilePath(), element.getContainingFile().getVirtualFile().getPath())) {
                     fileDescriptors.add(fileNode);
                 }
             }
@@ -236,13 +238,13 @@ boolean isNodeMatch(DependencyNode node, String componentName) {
         String artifactID = node.getComponentIdWithoutPrefix();
         ImpactTree impactTree = node.getImpactTree();
         String versionPrefix = ":";
-        return StringUtils.equals(extractArtifactIdWithoutVersion(artifactID), componentName) || impactTree.contains(componentName+versionPrefix);
+        return Strings.CS.equals(extractArtifactIdWithoutVersion(artifactID), componentName) || impactTree.contains(componentName+versionPrefix);
     }
 
     abstract UpgradeVersion getUpgradeVersion(String componentName, String fixVersion, Collection<String> issues, String descriptorPath);
 
     void registerProblem(ProblemsHolder problemsHolder, DependencyNode dependency, PsiElement element, String componentName) {
-        boolean isTransitive = dependency.isIndirect() || !StringUtils.contains(dependency.getTitle(), componentName);
+        boolean isTransitive = dependency.isIndirect() || !Strings.CS.contains(dependency.getTitle(), componentName);
         String dependencyDescription = getDependencyDescription(dependency.getTitle(), isTransitive);
         List<LocalQuickFix> quickFixes = new ArrayList<>();
         quickFixes.add(new ShowInDependencyTree(dependency, dependencyDescription));

src/main/java/com/jfrog/ide/idea/inspections/GoInspection.java

@@ -10,9 +10,11 @@
 import com.intellij.psi.PsiElementVisitor;
 import com.jfrog.ide.idea.inspections.upgradeversion.GoUpgradeVersion;
 import com.jfrog.ide.idea.inspections.upgradeversion.UpgradeVersion;
+import com.jfrog.ide.idea.scan.GoScanner;
 import com.jfrog.ide.idea.scan.ScanManager;
 import com.jfrog.ide.idea.scan.ScannerBase;
 import com.jfrog.ide.idea.utils.Descriptor;
+import com.jfrog.ide.idea.utils.DescriptorPathUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
 
@@ -56,7 +58,8 @@ boolean isDependency(PsiElement element) {
     @Override
     ScannerBase getScanner(Project project, String path) {
         return ScanManager.getScanners(project).stream()
-                .filter(manager -> StringUtils.equals(manager.getProjectPath(), path))
+                .filter(GoScanner.class::isInstance)
+                .filter(manager -> DescriptorPathUtils.areDescriptorPathsEqual(manager.getProjectPath(), path))
                 .findAny()
                 .orElse(null);
     }

src/main/java/com/jfrog/ide/idea/inspections/GradleGroovyInspection.java

@@ -8,6 +8,7 @@
 import com.jfrog.ide.idea.inspections.upgradeversion.UpgradeVersion;
 import com.jfrog.ide.idea.utils.Descriptor;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.Strings;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.plugins.groovy.lang.psi.GroovyElementVisitor;
 import org.jetbrains.plugins.groovy.lang.psi.GroovyPsiElement;
@@ -23,6 +24,8 @@
 import java.util.List;
 import java.util.Objects;
 
+import static org.apache.commons.lang3.Strings.CS;
+
 /**
  * @author yahavi
  */
@@ -74,7 +77,7 @@ public void visitArgumentList(@NotNull GrArgumentList list) {
     boolean isDependency(PsiElement element) {
         PsiElement parent = element.getParent();
         for (int i = 0; i < 6; i++, parent = parent.getParent()) {
-            if (StringUtils.startsWith(parent.getText(), "dependencies")) {
+            if (Strings.CS.startsWith(parent.getText(), "dependencies")) {
                 return true;
             }
         }

src/main/java/com/jfrog/ide/idea/inspections/JFrogSecurityAnnotator.java

@@ -15,6 +15,7 @@
 import com.jfrog.ide.idea.events.AnnotationEvents;
 import com.jfrog.ide.idea.ui.ComponentsTree;
 import com.jfrog.ide.idea.ui.LocalComponentsTree;
+import com.jfrog.ide.idea.utils.DescriptorPathUtils;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 
@@ -52,7 +53,7 @@ public List<FileIssueNode> doAnnotate(PsiFile file) {
         Enumeration<TreeNode> roots = ((SortableChildrenTreeNode) componentsTree.getModel().getRoot()).children();
         roots.asIterator().forEachRemaining(root -> {
             FileTreeNode fileNode = (FileTreeNode) root;
-            if (fileNode.getFilePath().equals(file.getContainingFile().getVirtualFile().getPath())) {
+            if (DescriptorPathUtils.areDescriptorPathsEqual(fileNode.getFilePath(), file.getContainingFile().getVirtualFile().getPath())) {
                 fileNode.children().asIterator().forEachRemaining(issueNode -> {
                             if (issueNode instanceof FileIssueNode) {
                                 issues.add((FileIssueNode) issueNode);

src/main/java/com/jfrog/ide/idea/inspections/JFrogSecurityWarning.java

@@ -4,10 +4,10 @@
 import com.jfrog.ide.common.nodes.subentities.Severity;
 import com.jfrog.ide.common.nodes.subentities.SourceCodeScanType;
 import com.jfrog.ide.idea.scan.data.*;
+import com.jfrog.ide.idea.utils.DescriptorPathUtils;
 import lombok.Getter;
+import org.jetbrains.annotations.Nullable;
 
-import java.net.URI;
-import java.nio.file.Paths;
 import java.util.List;
 
 @Getter
@@ -53,30 +53,37 @@ public JFrogSecurityWarning(
     }
 
     public JFrogSecurityWarning(SarifResult result, SourceCodeScanType reporter, Rule rule) {
+        this(result, reporter, rule, null);
+    }
+
+    public JFrogSecurityWarning(SarifResult result, SourceCodeScanType reporter, Rule rule, @Nullable String wslDistro) {
         this(getFirstRegion(result).getStartLine() - 1,
                 getFirstRegion(result).getStartColumn() - 1,
                 getFirstRegion(result).getEndLine() - 1,
                 getFirstRegion(result).getEndColumn() - 1,
                 determineReason(result.getMessage().getText(), rule.getShortDescription().getText(), reporter),
-                getFilePath(result),
+                getFilePath(result, wslDistro),
                 result.getRuleId(),
                 getFirstRegion(result).getSnippet().getText(),
                 reporter,
                 isWarningApplicable(result, rule),
                 Severity.fromSarif(result.getSeverity()),
-                convertCodeFlowsToFindingInfo(result.getCodeFlows())
+                convertCodeFlowsToFindingInfo(result.getCodeFlows(), wslDistro)
         );
     }
 
     private static boolean isWarningApplicable(SarifResult result, Rule rule) {
         return !result.getKind().equals("pass") && (rule.getRuleProperties().map(properties -> properties.getApplicability().equals("applicable")).orElse(true));
     }
 
-    private static String getFilePath(SarifResult result) {
-        return !result.getLocations().isEmpty() ? uriToPath(result.getLocations().get(0).getPhysicalLocation().getArtifactLocation().getUri()) : "";
+    private static String getFilePath(SarifResult result, @Nullable String wslDistro) {
+        return !result.getLocations().isEmpty()
+                ? DescriptorPathUtils.sarifArtifactUriToLocalPath(
+                result.getLocations().get(0).getPhysicalLocation().getArtifactLocation().getUri(), wslDistro)
+                : "";
     }
 
-    private static FindingInfo[][] convertCodeFlowsToFindingInfo(List<CodeFlow> codeFlows) {
+    private static FindingInfo[][] convertCodeFlowsToFindingInfo(List<CodeFlow> codeFlows, @Nullable String wslDistro) {
         if (codeFlows == null || codeFlows.isEmpty()) {
             return null;
         }
@@ -92,7 +99,7 @@ private static FindingInfo[][] convertCodeFlowsToFindingInfo(List<CodeFlow> code
             for (int j = 0; j < locations.size(); j++) {
                 PhysicalLocation location = locations.get(j).getLocation().getPhysicalLocation();
                 results[i][j] = new FindingInfo(
-                        uriToPath(location.getArtifactLocation().getUri()),
+                        DescriptorPathUtils.sarifArtifactUriToLocalPath(location.getArtifactLocation().getUri(), wslDistro),
                         location.getRegion().getStartLine(),
                         location.getRegion().getStartColumn(),
                         location.getRegion().getEndLine(),
@@ -122,10 +129,6 @@ public void setScannerSearchTarget(String scannerSearchTarget) {
         this.scannerSearchTarget = scannerSearchTarget;
     }
 
-    private static String uriToPath(String path) {
-        return Paths.get(URI.create(path)).toString();
-    }
-
     private static String determineReason(String resultMessage, String ruleMessage, SourceCodeScanType scannerType) {
         return scannerType.equals(SourceCodeScanType.SAST) ? ruleMessage : resultMessage;
     }

src/main/java/com/jfrog/ide/idea/inspections/JumpToCode.java

@@ -9,10 +9,10 @@
 import com.intellij.openapi.fileEditor.FileEditorManager;
 import com.intellij.openapi.project.Project;
 import com.intellij.openapi.util.text.StringUtil;
-import com.intellij.openapi.vfs.LocalFileSystem;
 import com.intellij.openapi.vfs.VirtualFile;
 import com.intellij.psi.PsiFile;
 import com.intellij.psi.util.PsiUtilBase;
+import com.jfrog.ide.idea.utils.DescriptorPathUtils;
 import org.jetbrains.annotations.NotNull;
 
 /**
@@ -72,7 +72,10 @@ private void highlightCode(int startRow, int endRow, int startColumn, int endCol
     }
 
     private VirtualFile getVirtualFile(String path) {
-        return LocalFileSystem.getInstance().findFileByPath(path);
+        if (path == null || path.isEmpty()) {
+            return null;
+        }
+        return DescriptorPathUtils.findLocalVirtualFile(path);
     }
 
     private Document getDocument(Editor editor) {

src/main/java/com/jfrog/ide/idea/inspections/MavenInspection.java

@@ -17,6 +17,7 @@
 import com.jfrog.ide.idea.scan.ScannerBase;
 import com.jfrog.ide.idea.utils.Descriptor;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.Strings;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.idea.maven.dom.model.MavenDomArtifactCoordinates;
 import java.util.Collection;
@@ -58,19 +59,19 @@ public void annotate(@NotNull PsiElement element, @NotNull AnnotationHolder hold
     }
 
     boolean isDependencyOrPlugin(XmlTag xmlTag) {
-        return StringUtils.equalsAny(xmlTag.getName(), MAVEN_DEPENDENCY_TAG, MAVEN_PLUGIN_TAG);
+        return Strings.CS.equalsAny(xmlTag.getName(), MAVEN_DEPENDENCY_TAG, MAVEN_PLUGIN_TAG);
     }
 
     @Override
     boolean isDependency(PsiElement element) {
         PsiElement parentElement = element.getParent();
         if ((parentElement instanceof XmlTag) &&
-                StringUtils.equalsAny(((XmlTag) parentElement).getName(), MAVEN_DEPENDENCIES_TAG, MAVEN_PLUGINS_TAG)) {
+                Strings.CS.equalsAny(((XmlTag) parentElement).getName(), MAVEN_DEPENDENCIES_TAG, MAVEN_PLUGINS_TAG)) {
             return true;
         }
         PsiElement grandParentElement = parentElement.getParent();
         return (grandParentElement instanceof XmlTag &&
-                StringUtils.equals(((XmlTag) grandParentElement).getName(), MAVEN_DEPENDENCY_MANAGEMENT));
+                Strings.CS.equals(((XmlTag) grandParentElement).getName(), MAVEN_DEPENDENCY_MANAGEMENT));
     }
 
     @Override

src/main/java/com/jfrog/ide/idea/inspections/NpmInspection.java

@@ -13,7 +13,9 @@
 import com.jfrog.ide.idea.scan.ScanManager;
 import com.jfrog.ide.idea.scan.ScannerBase;
 import com.jfrog.ide.idea.utils.Descriptor;
+import com.jfrog.ide.idea.utils.DescriptorPathUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.Strings;
 import org.jetbrains.annotations.NotNull;
 
 import java.util.Collection;
@@ -49,13 +51,13 @@ public void annotate(@NotNull PsiElement element, @NotNull AnnotationHolder hold
     @Override
     boolean isDependency(PsiElement element) {
         PsiElement parentElement = element.getParent().getParent();
-        return parentElement != null && StringUtils.equalsAny(parentElement.getFirstChild().getText(), "\"dependencies\"", "\"devDependencies\"");
+        return parentElement != null && Strings.CS.equalsAny(parentElement.getFirstChild().getText(), "\"dependencies\"", "\"devDependencies\"");
     }
 
     @Override
     ScannerBase getScanner(Project project, String path) {
         return ScanManager.getScanners(project).stream()
-                .filter(manager -> StringUtils.equals(manager.getProjectPath(), path))
+                .filter(manager -> DescriptorPathUtils.areDescriptorPathsEqual(manager.getProjectPath(), path))
                 .filter(this::isMatchingScanner)
                 .findAny()
                 .orElse(null);

src/main/java/com/jfrog/ide/idea/scan/ApplicabilityScannerExecutor.java

@@ -9,6 +9,7 @@
 import com.jfrog.ide.idea.scan.data.*;
 import com.jfrog.xray.client.services.entitlements.Feature;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.Strings;
 import org.jfrog.build.api.util.Log;
 
 import java.io.IOException;
@@ -28,6 +29,11 @@ public ApplicabilityScannerExecutor(Log log) {
         supportedPackageTypes = SUPPORTED_PACKAGE_TYPES;
     }
 
+    public ApplicabilityScannerExecutor(Log log, String wslDistro) {
+        super(SourceCodeScanType.CONTEXTUAL, log, wslDistro);
+        supportedPackageTypes = SUPPORTED_PACKAGE_TYPES;
+    }
+
     public List<JFrogSecurityWarning> execute(ScanConfig.Builder inputFileBuilder, Runnable checkCanceled, ProgressIndicator indicator) throws IOException, InterruptedException {
         return super.execute(inputFileBuilder, SCANNER_ARGS, checkCanceled, indicator);
     }
@@ -57,7 +63,7 @@ protected List<JFrogSecurityWarning> parseOutputSarif(Path outputFile) throws IO
                     List<SarifResult> evidence = resultsByRule.getOrDefault(rule.getId(), List.of());
                     for (SarifResult result : evidence) {
                         if (!result.getLocations().isEmpty()) {
-                            warnings.add(new JFrogSecurityWarning(result, scanType, rule));
+                            warnings.add(new JFrogSecurityWarning(result, scanType, rule, getWslDistro()));
                         }
                     }
                 } else if ("not_applicable".equals(applicability)) {
@@ -96,7 +102,7 @@ List<FileTreeNode> createSpecificFileIssueNodes(List<JFrogSecurityWarning> warni
         HashMap<String, FileTreeNode> results = new HashMap<>();
         for (JFrogSecurityWarning warning : warnings) {
             // Update all VulnerabilityNodes that have the warning's CVE
-            String cve = StringUtils.removeStart(warning.getRuleID(), "applic_");
+            String cve = Strings.CS.removeStart(warning.getRuleID(), "applic_");
             List<VulnerabilityNode> issues = issuesMap.get(cve);
             if (issues != null) {
                 if (warning.isApplicable()) {