first commit was pushed related to update the trivy version

[calsoftfaizal813]

I ran trivy scanning for the test project "Trivy-ci-test" and updated the trivy version.

there are three file changes included in this commit:
extension.ts
trivy_wrapper.ts
package-lock.json

here are the screenshots of the scanning results:

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[simar7]

hi @calsoftfaizal813 - thanks for the PR. A few comments:

1. Please format commit messages as per this convention https://www.conventionalcommits.org/en/v1.0.0/#summary
2. Please sign the CLA with your GitHub account, the instructions are in the comment here
3. Looks like the tests are failing, we'd probably have to update the assertion as the newer version of Trivy detects more problems than before.

[simar7]

Please update the commands as per the log output from the extension

2024-10-28T23:17:33-06:00	WARN	'--security-checks' is deprecated. Use '--scanners' instead.

2024-10-28T23:17:33-06:00	WARN	'--scanners config' is deprecated. Use '--scanners misconfig' instead. See https://github.com/aquasecurity/trivy/discussions/5586 for the detail.

[calsoftfaizal813]

when I replaced the '--security-checks' with the '--scanners' and '--scanners config' with '--scanners misconfig' then I got this error

[simar7]

Did you check the logs to see what's causing the error?

[calsoftfaizal813]

Hi @simar7, Could you please help me with this one where I can see the logs for this error, I tried to find but was not able to find the logs in my local environment

[simar7]

A lot of these changes are style based, are you running any linter to do so? It makes it hard to review this PR so can we update the linter changes in a separate PR? They are not really necessary for this PR.

[calsoftfaizal813]

I have default installed eslint and prettier extensions to format the javascript and typescript code that's why we have removed the extra white spaces and variable declaration changes, please let me know if it is not really required for now so I can revert the changes for this file?

[simar7]

As we mentioned earlier, we're just looking to upgrade this extension to support the latest version of Trivy. Any other changes should be done in a separate PR as they aren't related to that.

[simar7]

See my comment on style/lint here https://github.com/aquasecurity/trivy-vscode-extension/pull/52/files#r1820103613

[simar7]

Left some comments.

[calsoftfaizal813]

hi @calsoftfaizal813 - thanks for the PR. A few comments:

1. Please format commit messages as per this convention https://www.conventionalcommits.org/en/v1.0.0/#summary
2. Please sign the CLA with your GitHub account, the instructions are in the comment here
3. Looks like the tests are failing, we'd probably have to update the assertion as the newer version of Trivy detects more problems than before.

Hi Simarpreet Singh.
like this above screenshot,
Could you please help me with this running test case locally on my vscode so I can test my recently made changes and update the PR

[simar7]

Could you please help me with this running test case locally on my vscode so I can test my recently made changes and update the PR

The project already contains two test targets, one is for running the extension and the other for tests. https://github.com/aquasecurity/trivy-vscode-extension/blob/master/src/test/suite/extension.test.ts

You can read more on how to run the test target here: https://code.visualstudio.com/api/working-with-extensions/testing-extension