From 1eeb81457c24bdff86ae6540021daf658d405fcf Mon Sep 17 00:00:00 2001 From: Pedro Lopes Date: Thu, 7 Apr 2022 11:55:55 +0100 Subject: [PATCH 1/5] Added new filed to sarif output --- internal/commands/result.go | 11 +++++++++++ internal/wrappers/results-sarif.go | 5 +++++ 2 files changed, 16 insertions(+) diff --git a/internal/commands/result.go b/internal/commands/result.go index 2846af9f5..9f35e31dc 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -767,6 +767,17 @@ func findRule(ruleIds map[interface{}]bool, result *wrappers.ScanResult) *wrappe sarifRule.HelpURI = wrappers.SarifInformationURI + var securities = map[string]string{ + infoCx: "3.5", + lowCx: "6.5", + mediumCx: "8.5", + highCx: "9.5", + } + var sarifProperties wrappers.SarifProperties + sarifProperties.SecuritySeverity = securities[result.Severity] + + sarifRule.Properties = sarifProperties + if !ruleIds[sarifRule.ID] { ruleIds[sarifRule.ID] = true return &sarifRule diff --git a/internal/wrappers/results-sarif.go b/internal/wrappers/results-sarif.go index 4c5a857cf..6b4a6fa7c 100644 --- a/internal/wrappers/results-sarif.go +++ b/internal/wrappers/results-sarif.go @@ -33,6 +33,11 @@ type SarifDriverRule struct { Name string `json:"name,omitempty"` HelpURI string `json:"helpUri"` FullDescription SarifDescription `json:"fullDescription"` + Properties SarifProperties `json:"properties,omitempty"` +} + +type SarifProperties struct { + SecuritySeverity string `json:"security-severity"` } type SarifDescription struct { From 2040ea691c8e0a11d62d95515446b4347104f8d7 Mon Sep 17 00:00:00 2001 From: Pedro Lopes Date: Fri, 8 Apr 2022 14:06:13 +0100 Subject: [PATCH 2/5] Added tags Added help in markdown --- internal/commands/result.go | 89 ++++++++++++++++++++---------- internal/wrappers/results-sarif.go | 11 +++- 2 files changed, 71 insertions(+), 29 deletions(-) diff --git a/internal/commands/result.go b/internal/commands/result.go index 9f35e31dc..2383acf19 100644 
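Review bot: `omitempty` on the added `Properties SarifProperties` field in `SarifDriverRule` never takes effect, because encoding/json only omits empty strings, numbers, bools, nil pointers/interfaces and empty slices/maps — a struct value is always serialised, so every rule emits a `properties` object even when `SecuritySeverity` is the zero string. Combined with `security-severity` carrying no `omitempty` of its own, a severity that is not one of the four keys looked up in `findRule` is written as `"security-severity": ""`, which is not a valid 0.0–10.0 score for consumers such as GitHub code scanning. Either make the field a pointer (`Properties *SarifProperties `json:"properties,omitempty"``) and leave it nil when no score is known, or tag the inner field `json:"security-severity,omitempty"` so unmapped severities drop the key rather than emit an empty string.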
--- a/internal/commands/result.go +++ b/internal/commands/result.go @@ -64,6 +64,13 @@ var filterResultsListFlagUsage = fmt.Sprintf( ), ) +var securities = map[string]string{ + infoCx: "3.5", + lowCx: "6.5", + mediumCx: "8.5", + highCx: "9.5", +} + // NewResultCommand - Deprecated command func NewResultCommand(resultsWrapper wrappers.ResultsWrapper, scanWrapper wrappers.ScansWrapper) *cobra.Command { resultCmd := &cobra.Command{ 
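Review bot: The new package-level `securities` map has no doc comment and its name does not say what the values are, so a reader has to trace to `findProperties` to learn that the strings are SARIF `security-severity` scores. A comment such as `// securities maps Checkmarx severities to SARIF "security-severity" scores (0.0–10.0, as strings); the values are chosen so that each level lands in a different band of the consuming tool — confirm the thresholds against the target (e.g. GitHub code scanning) before changing them` would make the hard-coded numbers reviewable, and a name like `sarifSecuritySeverity` would be clearer. Lookups in this map (`securities[result.Severity]`) silently return `""` for any severity not listed, which the map's documentation should also state.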
@@ -750,40 +757,70 @@ func parseSonarTextRange(results *wrappers.ScanResultNode) wrappers.SonarTextRan func findRule(ruleIds map[interface{}]bool, result *wrappers.ScanResult) *wrappers.SarifDriverRule { var sarifRule wrappers.SarifDriverRule - var sarifDescription wrappers.SarifDescription - sarifDescription.Text = "No description available" + sarifRule.ID = findRuleId(result) + sarifRule.Name = strings.ReplaceAll(result.ScanResultData.QueryName, "_", " ") + sarifRule.FullDescription = findFullDescription(result) + sarifRule.Help = findHelp(result) + sarifRule.HelpURI = wrappers.SarifInformationURI + sarifRule.Properties = findProperties(result) + + if !ruleIds[sarifRule.ID] { + ruleIds[sarifRule.ID] = true + return &sarifRule + } + + return nil +} + +func findRuleId(result *wrappers.ScanResult) string { if result.ScanResultData.QueryID == nil { - sarifRule.ID = fmt.Sprintf("%s (%s)", result.ID, result.Type) - } else { - sarifRule.ID = fmt.Sprintf("%v (%s)", result.ScanResultData.QueryID, result.Type) + return fmt.Sprintf("%s (%s)", result.ID, result.Type) } - sarifRule.Name = strings.ReplaceAll(result.ScanResultData.QueryName, "_", " ") - sarifDescription.Text = result.Description + return fmt.Sprintf("%v (%s)", result.ScanResultData.QueryID, result.Type) +} + +func findFullDescription(result *wrappers.ScanResult) wrappers.SarifDescription { + var sarifDescription wrappers.SarifDescription + sarifDescription.Text = findDescriptionText(result) + return sarifDescription +} + +func findHelp(result *wrappers.ScanResult) wrappers.SarifHelp { + var sarifHelp wrappers.SarifHelp + sarifHelp.Text = findDescriptionText(result) + sarifHelp.Markdown = findHelpMarkdownText(result) + + return sarifHelp +} + +func findDescriptionText(result *wrappers.ScanResult) string { if result.Type == commonParams.KicsType { - sarifDescription.Text = result.Description + " Value:" + result.ScanResultData.Value + ". 
Expected value:" + result.ScanResultData.ExpectedValue + return fmt.Sprintf("%s Value: %s Excepted value: %s", + result.Description, result.ScanResultData.Value, result.ScanResultData.ExpectedValue) } - sarifRule.FullDescription = sarifDescription - sarifRule.HelpURI = wrappers.SarifInformationURI + return result.Description +} - var securities = map[string]string{ - infoCx: "3.5", - lowCx: "6.5", - mediumCx: "8.5", - highCx: "9.5", +func findHelpMarkdownText(result *wrappers.ScanResult) string { + if result.Type == commonParams.KicsType { + return fmt.Sprintf("%s

Value: %s
Excepted value: %s", + result.Description, result.ScanResultData.Value, result.ScanResultData.ExpectedValue) } - var sarifProperties wrappers.SarifProperties - sarifProperties.SecuritySeverity = securities[result.Severity] - sarifRule.Properties = sarifProperties + return result.Description +} - if !ruleIds[sarifRule.ID] { - ruleIds[sarifRule.ID] = true - return &sarifRule - } +func findProperties(result *wrappers.ScanResult) wrappers.SarifProperties { + var sarifProperties wrappers.SarifProperties + sarifProperties.Id = findRuleId(result) + sarifProperties.Name = strings.ReplaceAll(result.ScanResultData.QueryName, "_", " ") + sarifProperties.Description = findDescriptionText(result) + sarifProperties.SecuritySeverity = securities[result.Severity] + sarifProperties.Tags = []string{"security", "checkmarx", result.Type} - return nil + return sarifProperties } func findResult(result *wrappers.ScanResult) *wrappers.SarifScanResult { @@ -795,11 +832,7 @@ func findResult(result *wrappers.ScanResult) *wrappers.SarifScanResult { mediumCx: mediumSarif, highCx: highSarif, } - if result.ScanResultData.QueryID == nil { - scanResult.RuleID = fmt.Sprintf("%v (%s)", result.ID, result.Type) - } else { - scanResult.RuleID = fmt.Sprintf("%v (%s)", result.ScanResultData.QueryID, result.Type) - } + scanResult.RuleID = findRuleId(result) scanResult.Level = level[result.Severity] scanResult.Message.Text = strings.ReplaceAll(result.ScanResultData.QueryName, "_", " ") scanResult.Locations = []wrappers.SarifLocation{} diff --git a/internal/wrappers/results-sarif.go b/internal/wrappers/results-sarif.go index 6b4a6fa7c..fa16de2cc 100644 --- a/internal/wrappers/results-sarif.go +++ b/internal/wrappers/results-sarif.go 
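Review bot: The rewritten KICS format strings in `findDescriptionText` and `findHelpMarkdownText` read `Excepted value:` where the removed line said `Expected value:`; this typo is introduced by the refactor and is user-visible in every SARIF rule for KICS results — change both format strings to `"%s Value: %s Expected value: %s"` and `"%s\n\nValue: %s\nExpected value: %s"`. `findProperties` still indexes `securities[result.Severity]` with no fallback, so a severity outside the four constants produces an empty `security-severity`; a default (or omitting the property) is safer than emitting `""`. The markdown help also interpolates `result.Description`, `ScanResultData.Value` and `ExpectedValue` verbatim; if those can carry text copied from the scanned IaC file, a crafted value could inject markdown into the rendered alert, so it is worth confirming whether the consumer sanitises `help.markdown` or escaping the values here.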
@@ -32,14 +32,23 @@ type SarifDriverRule struct { ID string `json:"id"` Name string `json:"name,omitempty"` HelpURI string `json:"helpUri"` + Help SarifHelp `json:"help"` FullDescription SarifDescription `json:"fullDescription"` Properties SarifProperties `json:"properties,omitempty"` } type SarifProperties struct { - SecuritySeverity string `json:"security-severity"` + SecuritySeverity string `json:"security-severity"` + Name string `json:"name"` + Id string `json:"id"` + Description string `json:"description"` + Tags []string `json:"tags"` } +type SarifHelp struct { + Text string `json:"text"` + Markdown string `json:"markdown"` +} type SarifDescription struct { Text string `json:"text"` } From f201984d60de99931f04452405e485feb9dbfbef Mon Sep 17 00:00:00 2001 From: Pedro Lopes Date: Fri, 8 Apr 2022 14:09:48 +0100 Subject: [PATCH 3/5] update link --- internal/wrappers/results-sarif.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/wrappers/results-sarif.go b/internal/wrappers/results-sarif.go index fa16de2cc..2bcbbd9a9 100644 --- a/internal/wrappers/results-sarif.go +++ b/internal/wrappers/results-sarif.go @@ -3,7 +3,7 @@ package wrappers var ( SarifName = "Checkmarx AST" SarifVersion = "1.0" - SarifInformationURI = "https://checkmarx.atlassian.net/wiki/spaces/AST/pages/5844861345/CxAST+Documentation" + SarifInformationURI = "https://checkmarx.atlassian.net/wiki/spaces/AST" ) type SarifResultsCollection struct { From 5c86486714aad450e248956e886aa6ec5bcee97c Mon Sep 17 00:00:00 2001 From: Pedro Lopes Date: Fri, 8 Apr 2022 15:01:07 +0100 Subject: [PATCH 4/5] rename Id to ID --- internal/commands/result.go | 8 ++++---- internal/wrappers/results-sarif.go | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/internal/commands/result.go b/internal/commands/result.go index 2383acf19..eef4e5d52 100644 --- a/internal/commands/result.go +++ b/internal/commands/result.go 
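Review bot: The widened `SarifProperties` struct repeats `ID`, `Name` and `Description`, which the enclosing `SarifDriverRule` already emits as `id`, `name` and `fullDescription`; the SARIF property bag is meant for values the schema lacks, so only `security-severity` and `tags` need to live there, and the duplication doubles the size of every rule for no additional information. `Tags []string `json:"tags"`` encodes a nil slice as `null` if any caller other than `findProperties` ever leaves it unset, and `security-severity` is still written as `""` when no score was mapped — tag both `omitempty`, e.g. `SecuritySeverity string `json:"security-severity,omitempty"`` and `Tags []string `json:"tags,omitempty"``. A doc comment on `SarifHelp` noting that `Markdown` is rendered by the consumer (and therefore should not contain unescaped scanner output) would also help the next maintainer.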
@@ -757,7 +757,7 @@ func parseSonarTextRange(results *wrappers.ScanResultNode) wrappers.SonarTextRan func findRule(ruleIds map[interface{}]bool, result *wrappers.ScanResult) *wrappers.SarifDriverRule { var sarifRule wrappers.SarifDriverRule - sarifRule.ID = findRuleId(result) + sarifRule.ID = findRuleID(result) sarifRule.Name = strings.ReplaceAll(result.ScanResultData.QueryName, "_", " ") sarifRule.FullDescription = findFullDescription(result) sarifRule.Help = findHelp(result) @@ -772,7 +772,7 @@ func findRule(ruleIds map[interface{}]bool, result *wrappers.ScanResult) *wrappe return nil } -func findRuleId(result *wrappers.ScanResult) string { +func findRuleID(result *wrappers.ScanResult) string { if result.ScanResultData.QueryID == nil { return fmt.Sprintf("%s (%s)", result.ID, result.Type) } @@ -814,7 +814,7 @@ func findHelpMarkdownText(result *wrappers.ScanResult) string { func findProperties(result *wrappers.ScanResult) wrappers.SarifProperties { var sarifProperties wrappers.SarifProperties - sarifProperties.Id = findRuleId(result) + sarifProperties.ID = findRuleID(result) sarifProperties.Name = strings.ReplaceAll(result.ScanResultData.QueryName, "_", " ") sarifProperties.Description = findDescriptionText(result) sarifProperties.SecuritySeverity = securities[result.Severity] @@ -832,7 +832,7 @@ func findResult(result *wrappers.ScanResult) *wrappers.SarifScanResult { mediumCx: mediumSarif, highCx: highSarif, } - scanResult.RuleID = findRuleId(result) + scanResult.RuleID = findRuleID(result) scanResult.Level = level[result.Severity] scanResult.Message.Text = strings.ReplaceAll(result.ScanResultData.QueryName, "_", " ") scanResult.Locations = []wrappers.SarifLocation{} diff --git a/internal/wrappers/results-sarif.go b/internal/wrappers/results-sarif.go index 2bcbbd9a9..e395eaf01 100644 --- a/internal/wrappers/results-sarif.go +++ b/internal/wrappers/results-sarif.go 
@@ -40,7 +40,7 @@ type SarifDriverRule struct { type SarifProperties struct { SecuritySeverity string `json:"security-severity"` Name string `json:"name"` - Id string `json:"id"` + ID string `json:"id"` Description string `json:"description"` Tags []string `json:"tags"` } From 6c9c445b85609f0a8ef157dfb2bc7c25e103fba1 Mon Sep 17 00:00:00 2001 From: Pedro Lopes Date: Fri, 8 Apr 2022 15:29:45 +0100 Subject: [PATCH 5/5] update results modifier change github countributors count organization --- internal/wrappers/results-modifier.go | 6 +++++- test/integration/user-count-github_test.go | 4 ++-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/internal/wrappers/results-modifier.go b/internal/wrappers/results-modifier.go index 1c49404fc..3f295e72f 100644 --- a/internal/wrappers/results-modifier.go +++ b/internal/wrappers/results-modifier.go @@ -28,10 +28,14 @@ func (s *ScanResult) UnmarshalJSON(data []byte) error { s.Type = params.KicsType } - if strings.HasPrefix(s.Type, "dependency") || strings.HasPrefix(s.Type, "sca-container") { + if strings.HasPrefix(s.Type, "dependency") || strings.HasPrefix(s.Type, "sca-") { s.Type = params.ScaType } + s.Status = strings.TrimSpace(s.Status) + s.State = strings.TrimSpace(s.State) + s.Severity = strings.TrimSpace(s.Severity) + if s.Description == "" && s.ScanResultData.Description != "" { s.Description = s.ScanResultData.Description s.ScanResultData.Description = "" diff --git a/test/integration/user-count-github_test.go b/test/integration/user-count-github_test.go index e3eaafdf6..345d748c9 100644 --- a/test/integration/user-count-github_test.go +++ b/test/integration/user-count-github_test.go 
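Review bot: The new `strings.TrimSpace` calls normalise `Status`, `State` and `Severity` but run after the `HasPrefix` checks on `s.Type`, and `s.Type` itself is never trimmed, so a type value with leading whitespace would miss both the `dependency`/`sca-` mapping in this hunk and the KICS mapping just above it — add `s.Type = strings.TrimSpace(s.Type)` as the first statement of `UnmarshalJSON`, before the prefix checks. Widening the match from `sca-container` to the `sca-` prefix folds every current and future `sca-*` type into `params.ScaType`; if that is intended, a comment such as `// every SCA sub-type (dependency, container, ...) is reported under one SARIF type` would make the deliberate broadening clear. `UnmarshalJSON` begins before the hunk, so the trimmed fields' downstream map lookups (severity → level/score) cannot be checked from here.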
@@ -19,13 +19,13 @@ func TestGitHubUserCount(t *testing.T) {
 	_ = viper.BindEnv(pat)
 	buffer := executeCmdWithTimeOutNilAssertion(
 		t,
-		"Counting contributors from checkmarxdev should pass",
+		"Counting contributors from checkmarx should pass",
 		2*time.Minute,
 		"utils",
 		usercount.UcCommand,
 		usercount.GithubCommand,
 		flag(usercount.OrgsFlag),
-		"checkmarxdev",
+		"checkmarx",
 		flag(params.SCMTokenFlag),
 		viper.GetString(pat),
 		flag(params.FormatFlag),