Add Custom rules to SAST scan

package.json

@@ -85,6 +85,11 @@
                     "pattern": "^$|^\\d+\\.\\d+\\.\\d+$",
                     "markdownDescription": "Specifies the JFrog Scanners version to use. (format X.X.X). By default the latest scanners version is used."
                 },
+                "jfrog.customRulesPath": {
+                    "type": "string",
+                    "scope": "resource",
+                    "markdownDescription": "Absolute Path to a local custom rules file. The file should be in JSON format and contain the additional custom rules to be applied during the scan."
+                },
                 "jfrog.xray.exclusions": {
                     "type": "string",
                     "default": "**/*{.git,test,venv,node_modules,target}*",

src/main/scanLogic/scanRunners/sastScan.ts

@@ -5,6 +5,7 @@ import { AnalyzerUtils } from '../../treeDataProviders/utils/analyzerUtils';
 import { StepProgress } from '../../treeDataProviders/utils/stepProgress';
 import { Severity } from '../../types/severity';
 import { ScanResults } from '../../types/workspaceIssuesDetails';
+import { Configuration } from '../../utils/configuration';
 import { AppsConfigModule } from '../../utils/jfrogAppsConfig/jfrogAppsConfig';
 import { Translators } from '../../utils/translators';
 import { AnalyzerManager } from './analyzerManager';
@@ -26,6 +27,7 @@ import { BinaryEnvParams, JasRunner, RunArgs } from './jasRunner';
  */
 export interface SastScanRequest extends AnalyzeScanRequest {
     language: LanguageType;
+    user_rules: string;
     exclude_patterns: string[];
     excluded_rules: string[];
 }
@@ -92,6 +94,7 @@ export class SastRunner extends JasRunner {
             type: this._scanType,
             roots: this._config.GetSourceRoots(this._scanType),
             language: this._config.GetScanLanguage(),
+            user_rules: Configuration.getSastCustomRulesPath(this._logManager),
             excluded_rules: this._config.getExcludeRules(),
             exclude_patterns: this._config.GetExcludePatterns(this._scanType)
         } as SastScanRequest;

src/main/treeDataProviders/issuesTree/codeFileTree/codeIssueTreeNode.ts

@@ -21,7 +21,7 @@ export abstract class CodeIssueTreeNode extends IssueTreeNode {
         return this._regionWithIssue;
     }
 
-    // For vscode the minimum value (i.e first row/col) is 0. 
+    // For vscode the minimum value (i.e first row/col) is 0.
     // For analyzers, the minimum value is 1. (some uses 0 as well)
     private toVscodePosition(position: vscode.Position): vscode.Position {
         let line: number = position.line > 0 ? position.line - 1 : 0;

src/main/utils/configuration.ts

@@ -1,5 +1,6 @@
 import * as vscode from 'vscode';
-import { LogLevel } from '../log/logManager';
+import * as fs from 'fs';
+import { LogLevel, LogManager } from '../log/logManager';
 export class Configuration {
     public static jfrogSectionConfigurationKey: string = 'jfrog';
     public static readonly JFROG_IDE_RELEASES_REPO_ENV: string = 'JFROG_IDE_RELEASES_REPO';
@@ -73,6 +74,24 @@ export class Configuration {
         return version;
     }
 
+    public static getSastCustomRulesPath(logManager?: LogManager): string {
+        let customRulesPath: string = vscode.workspace.getConfiguration(this.jfrogSectionConfigurationKey).get('customRulesPath', '');
+        if (customRulesPath === '') {
+            return '';
+        }
+        let fileExists: boolean = fs.existsSync(customRulesPath);
+        if (!fileExists) {
+            if (logManager) {
+                logManager.logMessage('Custom rules file not found: ' + customRulesPath, 'WARN');
+            }
+            return '';
+        }
+        if (logManager) {
+            logManager.logMessage('Using custom rules from: ' + customRulesPath, 'DEBUG');
+        }
+        return customRulesPath;
+    }
+
     /**
      * @returns the log level
      */