Fix Default Options in VS and Fix finding on VS Code (#514)

.gitignore

@@ -5,7 +5,6 @@
 
 # User-specific files
 **/.idea
-
 DevSkim-DotNet/Microsoft.DevSkim.sln.DotSettings.user
 
 # Build artifacts
@@ -13,5 +12,8 @@ DevSkim-VSCode-Plugin/client/dist/*
 DevSkim-VSCode-Plugin/devskimBinaries/*
 DevSkim-DotNet/Microsoft.DevSkim.VisualStudio/generatedLanguageServerBinaries/*
 
+# Debug artifacts
+DevSkim-DotNet/Microsoft.DevSkim.VisualStudio/devskim-server-*.txt
+
 # Legacy Files
-DevSkim-VSCode-Plugin/server/
+DevSkim-VSCode-Plugin/server/

DevSkim-DotNet/Microsoft.DevSkim.LanguageServer/StaticScannerSettings.cs

@@ -45,8 +45,8 @@ namespace DevSkim.LanguageServer
             RuleProcessorOptions.ConfidenceFilter = ParseConfidence(request);
             try
             {
-                RuleProcessorOptions.Languages = DevSkimLanguages.FromFiles(commentsPath: request.CustomCommentsPath,
-                    languagesPath: request.CustomLanguagesPath);
+                RuleProcessorOptions.Languages = !string.IsNullOrEmpty(request.CustomCommentsPath) && !string.IsNullOrEmpty(request.CustomLanguagesPath) ? DevSkimLanguages.FromFiles(commentsPath: request.CustomCommentsPath,
+                    languagesPath: request.CustomLanguagesPath) : DevSkimLanguages.LoadEmbedded();
             }
             catch
             {

DevSkim-DotNet/Microsoft.DevSkim.VisualStudio/Options/GeneralOptionsPage.cs

@@ -1,12 +1,10 @@
 using Microsoft.DevSkim.LanguageProtoInterop;
 
-namespace Microsoft.DevSkim.VisualStudio
+namespace Microsoft.DevSkim.VisualStudio.Options
 {
     using Microsoft.VisualStudio.Shell;
-    using System;
     using System.Collections.Generic;
     using System.ComponentModel;
-    using System.Linq;
     using System.Runtime.InteropServices;
 
     // When adding any property here, be sure to add it to IDevSkimOptions as well
@@ -27,63 +25,65 @@ namespace Microsoft.DevSkim.VisualStudio
         [Category(RulesCategory)]
         [DisplayName("Enable Critical Severity Rules")]
         [Description("Turn on the rules with severity \"Critical\".")]
-        public bool EnableCriticalSeverityRules { get; set; }
+        public bool EnableCriticalSeverityRules { get; set; } = true;
 
         [Category(RulesCategory)]
         [DisplayName("Enable Important Severity Rules")]
         [Description("Turn on the rules with severity \"Important\".")]
-        public bool EnableImportantSeverityRules { get; set; }
+        public bool EnableImportantSeverityRules { get; set; } = true;
 
         [Category(RulesCategory)]
         [DisplayName("Enable Moderate Severity Rules")]
         [Description("Turn on the rules with severity \"Moderate\".")]
-        public bool EnableModerateSeverityRules { get; set; }
+        public bool EnableModerateSeverityRules { get; set; } = true;
 
         [Category(RulesCategory)]
         [DisplayName("Enable Manual Review Severity Rules")]
         [Description("Turn on the rules that flag things for manual review. " +
-            "These are typically scenarios that *could* be incredibly severe if tainted data can be inserted, " +
-            "but are often programmatically necessary (for example, dynamic code generation with \"eval\").  " +
-            "Since these rules tend to require further analysis upon flagging an issue, they are disabled by default.")]
-        public bool EnableManualReviewSeverityRules { get; set; }
+                     "These are typically scenarios that *could* be incredibly severe if tainted data can be inserted, " +
+                     "but are often programmatically necessary (for example, dynamic code generation with \"eval\").  " +
+                     "Since these rules tend to require further analysis upon flagging an issue, they are disabled by default.")]
+        public bool EnableManualReviewSeverityRules { get; set; } = true;
 
         [Category(RulesCategory)]
         [DisplayName("Enable Best Practice Severity Rules")]
         [Description("Turn on the rules with severity \"Best-Practice\". " +
-            "These rules either flag issues that are typically of a lower severity, " +
-            "or recommended practices that lead to more secure code, but aren't typically outright vulnerabilities.")]
-        public bool EnableBestPracticeSeverityRules { get; set; }
+                     "These rules either flag issues that are typically of a lower severity, " +
+                     "or recommended practices that lead to more secure code, but aren't typically outright vulnerabilities.")]
+        public bool EnableBestPracticeSeverityRules { get; set; } = true;
 
         [Category(RulesCategory)]
         [DisplayName("Enable High Confidence Rules")]
         [Description("Turn on the rules of confidence \"High\".")]
-        public bool EnableHighConfidenceRules { get; set; }
+        public bool EnableHighConfidenceRules { get; set; } = true;
 
         [Category(RulesCategory)]
         [DisplayName("Enable Medium Confidence Rules")]
         [Description("Turn on the rules of confidence \"Medium\".")]
-        public bool EnableMediumConfidenceRules { get; set; }
+        public bool EnableMediumConfidenceRules { get; set; } = true;
 
         [Category(RulesCategory)]
         [DisplayName("Enable Low Confidence Rules")]
         [Description("Turn on the rules of confidence \"Low\".")]
-        public bool EnableLowConfidenceRules { get; set; }
+        public bool EnableLowConfidenceRules { get; set; } = false;
 
         [Category(RulesCategory)]
         [DisplayName("Custom Rules Paths")]
         [Description("A list of local paths on disk to rules files or folders containing rule files, " +
-            "for DevSkim to use in analysis.")]
-        public List<string> CustomRulesPaths { get; set; }
+                     "for DevSkim to use in analysis.")]
+        public List<string> CustomRulesPaths { get; set; } = new List<string>();
 
         [Category(RulesCategory)]
         [DisplayName("Custom Languages Path")]
-        [Description("A local path to a custom language file for analysis. Also requires customCommentsPath to be set.")]
-        public string CustomLanguagesPath { get; set; }
+        [Description(
+            "A local path to a custom language file for analysis. Also requires customCommentsPath to be set.")]
+        public string CustomLanguagesPath { get; set; } = string.Empty;
 
         [Category(RulesCategory)]
         [DisplayName("Custom Comments Path")]
-        [Description("A local path to a custom comments file for analysis. Also requires customLanguagesPath to be set.")]
-        public string CustomCommentsPath { get; set; }
+        [Description(
+            "A local path to a custom comments file for analysis. Also requires customLanguagesPath to be set.")]
+        public string CustomCommentsPath { get; set; } = string.Empty;
 
 
         /// <summary>
@@ -92,21 +92,21 @@ namespace Microsoft.DevSkim.VisualStudio
         [Category(SuppressionsCategory)]
         [DisplayName("Suppression Duration In Days")]
         [Description("DevSkim allows for findings to be suppressed for a temporary period of time. " +
-    "The default is 30 days. Set to 0 to disable temporary suppressions.")]
-        public int SuppressionDurationInDays { get; set; }
-        
+                     "The default is 30 days. Set to 0 to disable temporary suppressions.")]
+        public int SuppressionDurationInDays { get; set; } = 30;
+
         [Category(SuppressionsCategory)]
         [DisplayName("Suppression Comment Style")]
         [Description("When DevSkim inserts a suppression comment it defaults to using single line comments for " +
-            "every language that has them.  Setting this to 'block' will instead use block comments for the languages " +
-            "that support them.  Block comments are suggested if regularly adding explanations for why a finding " +
-            "was suppressed")]
-        public CommentStylesEnum SuppressionCommentStyle { get; set; }
+                     "every language that has them.  Setting this to 'block' will instead use block comments for the languages " +
+                     "that support them.  Block comments are suggested if regularly adding explanations for why a finding " +
+                     "was suppressed")]
+        public CommentStylesEnum SuppressionCommentStyle { get; set; } = CommentStylesEnum.Line;
 
         [Category(SuppressionsCategory)]
         [DisplayName("Manual Reviewer Name")]
         [Description("If set, insert this name in inserted suppression comments.")]
-        public string ManualReviewerName { get; set; }
+        public string ManualReviewerName { get; set; } = string.Empty;
 
 
         /// <summary>
@@ -115,9 +115,9 @@ namespace Microsoft.DevSkim.VisualStudio
         [Category(GuidanceCategory)]
         [DisplayName("Guidance Base URL")]
         [Description("Each finding has a guidance file that describes the issue and solutions in more detail.  " +
-    "By default, those files live on the DevSkim github repo however, with this setting, " +
-    "organizations can clone and customize that repo, and specify their own base URL for the guidance.")]
-        public string GuidanceBaseURL { get; set; }
+                     "By default, those files live on the DevSkim github repo however, with this setting, " +
+                     "organizations can clone and customize that repo, and specify their own base URL for the guidance.")]
+        public string GuidanceBaseURL { get; set; } = "https://github.com/microsoft/devskim/tree/main/guidance";
 
 
         /// <summary>
@@ -126,17 +126,17 @@ namespace Microsoft.DevSkim.VisualStudio
         [Category(IgnoresCategory)]
         [DisplayName("Ignore Files")]
         [Description("Specify glob expression patterns to exclude files and folders which match from analysis.")]
-        public List<string> IgnoreFiles { get; set; }
+        public List<string> IgnoreFiles { get; set; } = new List<string>();
 
         [Category(IgnoresCategory)]
         [DisplayName("Ignore Rules List")]
         [Description("Exact string identity of DevSkim Rule IDs to ignore.")]
-        public List<string> IgnoreRulesList { get; set; }
+        public List<string> IgnoreRulesList { get; set; } = new List<string>();
 
         [Category(IgnoresCategory)]
         [DisplayName("Ignore Default Rules")]
         [Description("Disable all default DevSkim rules.")]
-        public bool IgnoreDefaultRules { get; set; }
+        public bool IgnoreDefaultRules { get; set; } = false;
 
 
         /// <summary>
@@ -146,10 +146,10 @@ namespace Microsoft.DevSkim.VisualStudio
         [Category(FindingsCategory)]
         [DisplayName("Remove Findings On Close")]
         [Description("By default, when a source file is closed the findings remain in the 'Error List' window.  " +
-            "Setting this value to true will cause findings to be removed from 'Error List' when the document is closed.  " +
-            "Note, setting this to true will cause findings that are listed when invoking the 'Scan all files in workspace' " +
-            "command to automatically clear away after a couple of minutes.")]
-        public bool RemoveFindingsOnClose { get; set; }
+                     "Setting this value to true will cause findings to be removed from 'Error List' when the document is closed.  " +
+                     "Note, setting this to true will cause findings that are listed when invoking the 'Scan all files in workspace' " +
+                     "command to automatically clear away after a couple of minutes.")]
+        public bool RemoveFindingsOnClose { get; set; } = true;
 
 
         /// <summary>
@@ -158,16 +158,16 @@ namespace Microsoft.DevSkim.VisualStudio
         [Category(TriggersCategory)]
         [DisplayName("Scan On Open")]
         [Description("Scan files on open.")]
-        public bool ScanOnOpen { get; set; }
+        public bool ScanOnOpen { get; set; } = true;
 
         [Category(TriggersCategory)]
         [DisplayName("Scan On Save")]
         [Description("Scan files on save.")]
-        public bool ScanOnSave { get; set; }
+        public bool ScanOnSave { get; set; } = true;
 
         [Category(TriggersCategory)]
         [DisplayName("Scan On Change")]
         [Description("Scan files on change.")]
-        public bool ScanOnChange { get; set; }
+        public bool ScanOnChange { get; set; } = true;
     }
 }

DevSkim-DotNet/Microsoft.DevSkim.VisualStudio/Options/OptionsPackage.cs

@@ -1,19 +1,8 @@
-namespace Microsoft.DevSkim.VisualStudio
+namespace Microsoft.DevSkim.VisualStudio.Options
 {
-    using Microsoft.VisualStudio;
-    using Microsoft.VisualStudio.OLE.Interop;
     using Microsoft.VisualStudio.Shell;
-    using Microsoft.VisualStudio.Shell.Interop;
-    using Microsoft.Win32;
-    using System;
-    using System.ComponentModel.Design;
-    using System.Diagnostics;
     using System.Diagnostics.CodeAnalysis;
-    using System.Globalization;
     using System.Runtime.InteropServices;
-    using System.Threading;
-    using System.Threading.Tasks;
-    using Task = System.Threading.Tasks.Task;
 
     /// <summary>
     /// This is the class that implements the package exposed by this assembly.

DevSkim-DotNet/Microsoft.DevSkim.VisualStudio/VisualStudioSettingsManager.cs

@@ -4,6 +4,7 @@
     using System;
     using System.Collections.Generic;
     using Microsoft.DevSkim.LanguageProtoInterop;
+    using Microsoft.DevSkim.VisualStudio.Options;
     using System.Linq;
     using Microsoft.VisualStudio.Settings;
     using Microsoft.VisualStudio.Shell;

DevSkim-VSCode-Plugin/client/devSkimFixer.ts

@@ -41,9 +41,9 @@ export class DevSkimFixer implements vscode.CodeActionProvider {
 	}
 
 	provideCodeActions(document: vscode.TextDocument, range: vscode.Range | vscode.Selection, context: vscode.CodeActionContext, token: vscode.CancellationToken): vscode.CodeAction[] {
-		// for each diagnostic entry that has the matching `code`, create a code action command
+		// for each diagnostic entry that has the matching `source`, create a code action command
 		const output : vscode.CodeAction[] = [];
-		context.diagnostics.filter(diagnostic => String(diagnostic.code).startsWith("MS-CST-E.devskim-language-server")).forEach((filteredDiagnostic : vscode.Diagnostic) => {
+		context.diagnostics.filter(diagnostic => String(diagnostic.source).startsWith("DevSkim Language Server")).forEach((filteredDiagnostic : vscode.Diagnostic) => {
 			// The ToString method on URI in node swaps ':' into '%3A', but the C# one does not, but we need them to match.
 			const diagnosticKey = this.createMapKeyForDiagnostic(filteredDiagnostic, document.uri.toString().replace("%3A", ":"));
 			this.fixMapping.get(document.uri.toString().replace("%3A", ":"))?.get(document.version)?.forEach(codeFix => {