Feature/ast 37694 test critical severity (#696)

* adding minio feature flag (#646)

* Rename gpt fix (#648)

* Add "*.cmp" extension (#647)

* Bump github.com/google/uuid from 1.5.0 to 1.6.0 (#650)

Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](google/uuid@v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Sast results analysis (#645)

* Add result show --prioritize-sast flag & implementation

* Fix linter errors

* Add tests and fix linter

* Change prioritize-sast help text and priority values

* Fix line-too-long lint issue

* Update result integration test for --prioritize-sast

* Change prioritize-sast to sast-prioritization

* Change UnknownReference to a more informational value

* Chage sast-prioritization to sast-redundancy

* Add newlines to response if necessary

* Fix lint errors in new code

* Refactor for better coverage on chat-sast code

* initialize array (#651)

* AST-35649 | fix ast-cli vulnerabilities (#655)

* fix vulnerabilities

* fix vulnerabilities

* fix vulnerabilities

* fix vulnerabilities

* fix vulnerabilities

* alpine:3.17.0

* 19

* sha

* kics vulnerabilities

* kics and lint problems

* delete if

* ignore 0666 number

* fix vulnerabilities

* permission const

* 666

* AST-34271 | improve result summary table in cli (#656)

* AST-34271 | improve result summary table in cli

* AST-34271 | fixing pr decoration test

* AST-34271 | fixing triage test, removing uneeded project remove

* AST-34271 | solve getRoot function test bugs

* Update release.yml (#660)

* remove sca optin from scan log description (#661)

* remove sca option from scan log description

* AST-35664 | Enhance AI Guided Remediation answers (#662)

* AST-35664 | Enhance AI Guided Remediation answers
* AST-35664 | improved test readability

* Encode client ID and secret (#654)

* Add policy violation to PR/MR decoration (#643)

* AST-35640 | Create Groups Assignment (#663)

* create groups assignment

* lint

* lint issues

* import order

* import order

* do not send groups when FF = on

* code review

* lint issues

* load feature flags

* Or review fixes

* Integration Tests

* Integration Tests-update project

* groups.go

* lint

* fix PrintIfVerbose

* fix PrintfIfVerbose

* findGroupByName fix

* fix nul error in find group

* fixing linter

---------

Co-authored-by: Or Shamir Checkmarx <[email protected]>
Co-authored-by: tiagobcx <[email protected]>

* CLI | Support the application-name flag and add association to the project (AST-35636 , AST-35637) (#664)

* Add application name flag

* fixes

* AST-35637 | add project association to application functionality

* Renamed integration test

* AST-35637 | added create project with app-name test

* added NoPermissionApp case

* Added constants to mock flags and error messages

* added test

* passing application Id to project

* AST-35637 | added unit tests for create scan/project under application

* Added integration tests + handling of forbidden status

* extracted fail message to const + handled error model

* AST-35637 | handle 403 status code in update and create project

* AST-35637 | fix github linter applicationId param

* AST-35637 | initialize projModel applicationIds in updateProject func

* AST-35637 | fix github linter problem - change Id to ID

* AST-35637 | fix github linter problem - change Id to ID

* removed ErroModelUsage + formatting errors

* AST-35637 | fix github linter problem - shadowing errors

* AST-35637 | fix github linter problem - shadowing errors

* AST-35637 | fix github linter problem - change package applicationErrors to applicationerrors

* AST-35637 | fix github linter problem - change FakeHttpStatus to FakeHTTPStatus

* AST-35637 | fix github linter problem

* AST-35637 | fix integration tests

* AST-35637 | add checked returned error when deffering

* AST-35637 | fix tests

* AST-35637 | go linter imports order

* AST-35637 | make createApplicationIds func more readable

* reduced the limit count

* fix

* fixes

* AST-35637 | change prameter type of applicationId from string to []string

* AST-35637 | resolved conflict

* AST-35637 | resolved github linter errors

---------

Co-authored-by: checkmarx-kobi-hagmi <[email protected]>
Co-authored-by: AlvoBen <[email protected]>

* AST-36339 | enable Ai Guided Remediation only if the tenant has permission (#666)

* enable Ai Guided Remediation only if the tenant has permission

* trigger unit test

* fix test

* hide chat command from help (#668)

* Update Get Application by Name with Exact Match and Update Permissions Log Message (AST-36823) (#669)

* the application name passed to application-name flag must match application name exactly

* Changed ApplicationDoesntExist and ApplicationNoPermission to ApplicationDoesntExistOrNoPermission

* Fixed lint error

---------

Co-authored-by: Or Shamir Checkmarx <[email protected]>

* AST-36690 | cleanup integration test (#671)

* fix test

* fix test

* names

* crypto

* crypto

* adding assert

* adding application ids to project creation print

---------

Co-authored-by: Or Shamir Checkmarx <[email protected]>

* Update Confidence Description (AST-37132) (#676)

* Update Confidence Description (AST-37132)

* Update Confidence Description (AST-37132)

* fix tests

* Fix "About this vulnerability" link

Fix "About this vulnerability" link

* Update result.go

* Update result.go

* Add Directory.Packages.props for Nuget Central Package Management (#652)

* Update filters.go

Added Directory.Packages.props file used by Nuget Central Package Management for dependency management in SCA

* Fixed linting issue

---------

Co-authored-by: Or Shamir Checkmarx <[email protected]>

* Update CI.yml to Use GitLab Env Vars (#681)

* Update CI.yml to Use GitLab Env Vars

* Update CI.yml to Use GitLab Env Vars

* Update CI.yml to Use GitLab Env Vars

* AST-37225 Shared Containers Constants (#684)

* AST-37225 const

* containers type

---------

Co-authored-by: Or Shamir Checkmarx <[email protected]>

* Bump alpine from 3.19.0 to 3.19.1 (#649)

Bumps alpine from 3.19.0 to 3.19.1.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pedro Lopes <[email protected]>
Co-authored-by: Or Shamir Checkmarx <[email protected]>

* update-gon-test (#686)

* Update gonMac.hcl

* Update release.yml

* Update gonMac.hcl

* Update gonMac.hcl

* Update gonMac.hcl

* Update gonMac.hcl

* Update gonMac.hcl

* Update gonMac.hcl

* Update result_test.go

fix test

* Update result_test.go

* CLI | Add Missing PackageManager Types (AST-38138) (#691)

* add package manager types

* add unit test

* Change createDependencyMapFromDependencyResolution signature to fix linter errors

* fix lint errors

* Resolve pr review conversation

---------

Co-authored-by: AlvoBen <[email protected]>

* changes after merge and testcases

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: Tiago Baptista <[email protected]>
Co-authored-by: Margarita <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ittai Gilat <[email protected]>
Co-authored-by: Pedro Lopes <[email protected]>
Co-authored-by: tamarleviCm <[email protected]>
Co-authored-by: AlvoBen <[email protected]>
Co-authored-by: Or Shamir Checkmarx <[email protected]>
Co-authored-by: tiagobcx <[email protected]>
Co-authored-by: checkmarx-kobi-hagmi <[email protected]>
Co-authored-by: AlvoBen <[email protected]>
Co-authored-by: checkmarx-kobi-hagmi <[email protected]>
Co-authored-by: elchananarb <[email protected]>
Co-authored-by: Phillip Dade <[email protected]>
Co-authored-by: elchananarb <[email protected]>

.github/workflows/ci.yml

@@ -4,7 +4,7 @@ on:
   pull_request:
 
 env:
-  GO_VERSION: '1.21.5'
+  GO_VERSION: '1.21.8'
 
 jobs:
   unit-tests:
@@ -68,10 +68,10 @@ jobs:
           PR_GITHUB_REPO_NAME: "ast-cli"
           PR_GITHUB_NUMBER: 418
           PR_GITLAB_TOKEN : ${{ secrets.PR_GITLAB_TOKEN }}
-          PR_GITLAB_NAMESPACE: "tiagobcx"
-          PR_GITLAB_REPO_NAME: "testProject"
-          PR_GITLAB_PROJECT_ID: 40227565
-          PR_GITLAB_IID: 19
+          PR_GITLAB_NAMESPACE: ${{ secrets.PR_GITLAB_NAMESPACE }}
+          PR_GITLAB_REPO_NAME: ${{ secrets.PR_GITLAB_REPO_NAME }}
+          PR_GITLAB_PROJECT_ID: ${{ secrets.PR_GITLAB_PROJECT_ID }}
+          PR_GITLAB_IID: ${{ secrets.PR_GITLAB_IID }}
           AZURE_ORG: ${{ secrets.AZURE_ORG }}
           AZURE_PROJECT: ${{ secrets.AZURE_PROJECT }}
           AZURE_REPOS: ${{ secrets.AZURE_REPOS }}
@@ -116,7 +116,7 @@ jobs:
           go-version: ${{ env.GO_VERSION }}
       - run: go version
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@v3
+        uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc #v3
         with:
           skip-pkg-cache: true
           version: v1.54.2
@@ -127,7 +127,7 @@ jobs:
     name: govulncheck
     steps:
       - id: govulncheck
-        uses: golang/govulncheck-action@v1
+        uses: golang/govulncheck-action@7da72f730e37eeaad891fcff0a532d27ed737cd4 #v1
         with:
           go-version-input: ${{ env.GO_VERSION }}
           go-package: ./...

.github/workflows/dependabot-auto-merge.yml

@@ -11,7 +11,7 @@ jobs:
     steps:
       - name: Dependabot metadata
         id: metadata
-        uses: dependabot/[email protected]
+        uses: dependabot/fetch-metadata@bfac3fa29cc6834ca2e3fd659343da191a65d971 # v1.3.1
         with:
           github-token: "${{ secrets.GH_TOKEN }}"
       - name: Enable auto-merge for Dependabot PRs
@@ -20,6 +20,6 @@ jobs:
           GITHUB_TOKEN: ${{secrets.GH_TOKEN}}
         run: gh pr merge --auto --merge "$PR_URL"
       - name: Auto approve dependabot PRs
-        uses: hmarr/auto-approve-action@v2
+        uses: hmarr/auto-approve-action@7782c7e2bdf62b4d79bdcded8332808fd2f179cd #v2
         with:
           github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}

.github/workflows/jira_notify.yml

@@ -27,15 +27,15 @@ jobs:
       JIRA_URL: "https://checkmarx.atlassian.net/"
     steps:
       - name: Jira Login
-        uses: atlassian/gajira-login@v3
+        uses: atlassian/gajira-login@ca13f8850ea309cf44a6e4e0c49d9aa48ac3ca4c #v3
         env:
           JIRA_BASE_URL: ${{ env.JIRA_URL }}
           JIRA_USER_EMAIL: ${{ secrets.AST_JIRA_USER_EMAIL }}
           JIRA_API_TOKEN: ${{ secrets.AST_JIRA_API_TOKEN }}
 
       - name: Jira Create issue
         id: create_jira_issue
-        uses: atlassian/gajira-create@v3
+        uses: atlassian/gajira-create@1ff0b6bd115a780592b47bfbb63fc4629132e6ec #v3
         with:
           project: AST
           issuetype: Task
@@ -55,7 +55,7 @@ jobs:
             })
 
       - name: Send a teams notification
-        uses: thechetantalwar/teams-notify@v2
+        uses: thechetantalwar/teams-notify@8a78811f5e8f58cdd204efebd79158006428c46b #v2
         with:
           teams_webhook_url: ${{ secrets.TEAMS_WEBHOOK_URI }}
           message: "Github issue created ${{ github.repository }} - Link - ${{inputs.html_url}} - Jira Issue - ${{ env.JIRA_URL }}/browse/${{ steps.create_jira_issue.outputs.issue }}"

.github/workflows/nightly.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Delete release
-        uses: dev-drprasad/[email protected]
+        uses: dev-drprasad/delete-tag-and-release@5eafd8668311bf3e4d6c1e9898f32a317103de68 #v0.2.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:

.github/workflows/pr-label.yml

@@ -12,7 +12,7 @@ jobs:
       pull-requests: write  # for TimonVS/pr-labeler-action to add labels in PR
     runs-on: ubuntu-latest
     steps:
-      - uses: TimonVS/pr-labeler-action@v3
+      - uses: TimonVS/pr-labeler-action@8447391d87bc7648ce6bf97159c17b642576afb0 #v3
         with:
           configuration-path: .github/pr-labeler.yml # optional, .github/pr-labeler.yml is the default value
         env:

.github/workflows/release.yml

@@ -45,7 +45,7 @@ jobs:
         with:
           go-version: '^1.21.5'
       - name: Import Code-Signing Certificates
-        uses: Apple-Actions/import-codesign-certs@v1
+        uses: Apple-Actions/import-codesign-certs@253ddeeac23f2bdad1646faac5c8c2832e800071 #v1
         with:
           # The certificates in a PKCS12 file encoded as a base64 string
           p12-file-base64: ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
@@ -61,8 +61,7 @@ jobs:
           brew --version
       - name: Install gon
         run: |
-          brew tap mitchellh/gon
-          brew install mitchellh/gon/gon
+          brew install Bearer/tap/gon
       - name: Install and start docker
         if: inputs.dev == false
         run: |
@@ -76,12 +75,12 @@ jobs:
           docker info
       - name: Login to Docker Hub
         if: inputs.dev == false
-        uses: docker/login-action@v1
+        uses: docker/login-action@dd4fa0671be5250ee6f50aedf4cb05514abda2c7 #v1
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
       - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v2
+        uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 #v2
         with:
           role-to-assume: ${{ secrets.AWS_ASSUME_ROLE_ARN }}
           aws-region: ${{ secrets.AWS_ASSUME_ROLE_REGION }}
@@ -105,7 +104,7 @@ jobs:
       - name: Echo GoReleaser Args
         run: echo ${{ env.GR_ARGS }}
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v3
+        uses: goreleaser/goreleaser-action@b508e2e3ef3b19d4e4146d4f8fb3ba9db644a757 #v3
         with:
           version: v1.18.2
           args: ${{ env.GR_ARGS }}
@@ -131,7 +130,7 @@ jobs:
 
       - name: Converts Markdown to HTML
         id: convert
-        uses: lifepal/[email protected]
+        uses: lifepal/markdown-to-html@71ed74a56602597c05dd7dd0e561631557158ed5 #v1.1
         with:
           text: "${{ steps.release.outputs.body_release }}"
 
@@ -144,7 +143,7 @@ jobs:
 
       - name: Send a Notification
         id: notify
-        uses: thechetantalwar/teams-notify@v2
+        uses: thechetantalwar/teams-notify@8a78811f5e8f58cdd204efebd79158006428c46b #v2
         with:
           teams_webhook_url: ${{ secrets.TEAMS_WEBHOOK_URI }}
           message: "${{ steps.clean.outputs.clean }}"

.golangci.yml

@@ -60,7 +60,7 @@ linters-settings:
   misspell:
     locale: US
 linters:
-  # please, do not use `enable-all`: it's deprecated and will be removed soon.
+  # please, do not use `enable-all`: it's deprecated and will be removed soon. 
   # inverted configuration with `enable-all` and `disable` is not scalable during updates of golangci-lint
   disable-all: true
   enable:

Dockerfile

@@ -1,6 +1,6 @@
-FROM alpine:3.19.0
+FROM alpine:3.19.1
 
-RUN apk add --no-cache bash
+RUN apk add bash
 RUN adduser --system --disabled-password cxuser
 USER cxuser
 

cmd/main.go

@@ -32,6 +32,7 @@ func main() {
 	groups := viper.GetString(params.GroupsPathKey)
 	logs := viper.GetString(params.LogsPathKey)
 	projects := viper.GetString(params.ProjectsPathKey)
+	applications := viper.GetString(params.ApplicationsPathKey)
 	results := viper.GetString(params.ResultsPathKey)
 	scanSummary := viper.GetString(params.ScanSummaryPathKey)
 	scaPackage := viper.GetString(params.ScaPackagePathKey)
@@ -49,6 +50,7 @@ func main() {
 	featureFlagsPath := viper.GetString(params.FeatureFlagsKey)
 	policyEvaluationPath := viper.GetString(params.PolicyEvaluationPathKey)
 	sastMetadataPath := viper.GetString(params.SastMetadataPathKey)
+	accessManagementPath := viper.GetString(params.AccessManagementPathKey)
 
 	scansWrapper := wrappers.NewHTTPScansWrapper(scans)
 	resultsPdfReportsWrapper := wrappers.NewResultsPdfReportsHTTPWrapper(resultsPdfPath)
@@ -57,6 +59,7 @@ func main() {
 	logsWrapper := wrappers.NewLogsWrapper(logs)
 	uploadsWrapper := wrappers.NewUploadsHTTPWrapper(uploads)
 	projectsWrapper := wrappers.NewHTTPProjectsWrapper(projects)
+	applicationsWrapper := wrappers.NewApplicationsHTTPWrapper(applications)
 	risksOverviewWrapper := wrappers.NewHTTPRisksOverviewWrapper(risksOverview)
 	resultsWrapper := wrappers.NewHTTPResultsWrapper(results, scaPackage, scanSummary)
 	authWrapper := wrappers.NewAuthHTTPWrapper()
@@ -77,8 +80,10 @@ func main() {
 	featureFlagsWrapper := wrappers.NewFeatureFlagsHTTPWrapper(featureFlagsPath)
 	policyWrapper := wrappers.NewHTTPPolicyWrapper(policyEvaluationPath)
 	sastMetadataWrapper := wrappers.NewSastIncrementalHTTPWrapper(sastMetadataPath)
+	accessManagementWrapper := wrappers.NewAccessManagementHTTPWrapper(accessManagementPath)
 
 	astCli := commands.NewAstCLI(
+		applicationsWrapper,
 		scansWrapper,
 		resultsSbomReportsWrapper,
 		resultsPdfReportsWrapper,
@@ -106,6 +111,7 @@ func main() {
 		featureFlagsWrapper,
 		policyWrapper,
 		sastMetadataWrapper,
+		accessManagementWrapper,
 	)
 	exitListener()
 	err = astCli.Execute()

go.mod

@@ -1,21 +1,21 @@
 module github.com/checkmarx/ast-cli
 
-go 1.21.5
+go 1.21.8
 
 require (
 	github.com/MakeNowJust/heredoc v1.0.0
 	github.com/checkmarxDev/gpt-wrapper v0.0.0-20230721160222-85da2fd1cc4c
 	github.com/golang-jwt/jwt v3.2.2+incompatible
 	github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386
 	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
-	github.com/google/uuid v1.5.0
+	github.com/google/uuid v1.6.0
 	github.com/gookit/color v1.5.4
 	github.com/mssola/user_agent v0.6.0
 	github.com/pkg/errors v0.9.1
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/viper v1.18.2
 	github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80
-	golang.org/x/crypto v0.18.0
+	golang.org/x/crypto v0.21.0
 	golang.org/x/text v0.14.0
 	gotest.tools v2.2.0+incompatible
 )
@@ -39,7 +39,8 @@ require (
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
 	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
-	golang.org/x/sys v0.16.0 // indirect
+	golang.org/x/sys v0.18.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-)
+
+)

go.sum

@@ -19,8 +19,8 @@ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
-github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
-github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/gookit/color v1.5.4 h1:FZmqs7XOyGgCAxmWyPslpiok1k05wmY3SJTytgvYFs0=
 github.com/gookit/color v1.5.4/go.mod h1:pZJOeOS8DM43rXbp4AZo1n9zCU2qjpcRko0b6/QJi9w=
 github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
@@ -83,10 +83,20 @@ go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI=
 go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ=
 golang.org/x/crypto v0.18.0 h1:PGVlW0xEltQnzFZ55hkuX5+KLyrMYhHld1YHO4AKcdc=
 golang.org/x/crypto v0.18.0/go.mod h1:R0j02AL6hcrfOiy9T4ZYp/rcWeMxM3L6QYxlOuEG1mg=
+golang.org/x/crypto v0.20.0 h1:jmAMJJZXr5KiCw05dfYK9QnqaqKLYXijU23lsEdcQqg=
+golang.org/x/crypto v0.20.0/go.mod h1:Xwo95rrVNIoSMx9wa1JroENMToLWn3RNVrTBpLHgZPQ=
+golang.org/x/crypto v0.20.1-0.20240228204720-0d2316b26734 h1:HutZC8sRIg57ztz3rVaQYl4yxgM+UF0Jal0kAWUSeFU=
+golang.org/x/crypto v0.20.1-0.20240228204720-0d2316b26734/go.mod h1:Xwo95rrVNIoSMx9wa1JroENMToLWn3RNVrTBpLHgZPQ=
+golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
+golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k=
 golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU=
 golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.17.0 h1:25cE3gD+tdBA7lp7QfhuV+rJiE9YXTcS3VG1SqssI/Y=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
+golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
 golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

gonMac.hcl

@@ -4,7 +4,7 @@ bundle_id = "com.checkmarx.cli"
 
 apple_id {
   username = "[email protected]"
-  password = "@env:AC_PASSWORD"
+  provider = "Z68SAQG5BR"
 }
 
 sign {

internal/commands/.scripts/integration_up.sh

@@ -13,7 +13,7 @@ rm -rf ScaResolver-linux64.tar.gz
 go test \
   -tags integration \
   -v \
-  -timeout 60m \
+  -timeout 90m \
   -coverpkg github.com/checkmarx/ast-cli/internal/commands,github.com/checkmarx/ast-cli/internal/wrappers \
   -coverprofile cover.out \
   github.com/checkmarx/ast-cli/test/integration

internal/commands/chat-kics.go

@@ -48,10 +48,11 @@ type OutputModel struct {
 
 func ChatKicsSubCommand(chatWrapper wrappers.ChatWrapper) *cobra.Command {
 	chatKicsCmd := &cobra.Command{
-		Use:   "kics",
-		Short: "Chat about KICS result with OpenAI models",
-		Long:  "Chat about KICS result with OpenAI models",
-		RunE:  runChatKics(chatWrapper),
+		Use:    "kics",
+		Short:  "Chat about KICS result with OpenAI models",
+		Long:   "Chat about KICS result with OpenAI models",
+		Hidden: true,
+		RunE:   runChatKics(chatWrapper),
 	}
 
 	chatKicsCmd.Flags().String(params.ChatAPIKey, "", "OpenAI API key")