feat: add risk score filter [IDE-1583] #693
base: main
Also remove redundant tree view refreshes after changing filters, LS refreshes the trees with new diagnostics.
✅ Snyk checks have passed. No issues have been found so far.
Summary of Changes

Hello @rrama, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request enhances the Snyk VS Code extension by adding a new feature that enables users to filter Open Source issues based on a configurable risk score threshold. This provides more precise control over which issues are displayed, helping users prioritize. Concurrently, the PR optimizes the extension's performance by eliminating unnecessary UI refreshes, relying on the Language Server for diagnostic updates, which streamlines the filtering process.
Code Review
This pull request introduces a new "Risk Score Threshold" filter for Open Source issues, allowing users to focus on higher-risk vulnerabilities. The implementation is clean and consistent across the configuration, language server settings, and tests. I particularly appreciate the removal of redundant tree view refreshes from the configurationWatcher, delegating this responsibility to the Language Server. This is a great improvement for performance and code architecture, as the LS is the source of truth for diagnostics. The changes are well-executed and I have no further suggestions for improvement. Great work!
| return extension.viewManagerService.refreshAllCodeAnalysisViews(); | ||
| } else if (key === IAC_ENABLED_SETTING) { | ||
| return extension.viewManagerService.refreshIacView(); | ||
| } else if (key === ISSUE_VIEW_OPTIONS_SETTING) { |
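Review bot: The `key === ISSUE_VIEW_OPTIONS_SETTING` branch at the end of this chain should carry a short code comment if it no longer triggers a view refresh. The two branches above it still return `refreshAllCodeAnalysisViews()` and `refreshIacView()`, so a reader will expect the same pattern here; a one-line comment that the Language Server republishes diagnostics and refreshes the trees itself would record the reason in the code.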
why?
LS refreshes the trees with new diagnostics, this was redundant when I tested.
||
| get riskScoreThreshold(): number { | ||
| return ( | ||
| this.workspace.getConfiguration<number>( |
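Review bot: The `riskScoreThreshold` getter is typed `number`, but the type argument in `getConfiguration<number>(` is only a compile-time assertion, and the value comes from user-editable settings. The rest of the `return (` expression is not shown here; if it does not already do so, check that the result is a finite number inside the range the setting allows and fall back to the default otherwise, so that a hand-edited settings file cannot pass an unexpected threshold on to the Language Server.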
how does it handle 3 layer settings?
We are doing risk scores at the global level now. See this edit to the pitch for more details.
Thanks for the review Nick, I am holding off the merge until LS changes go through AND we are given the all clear from the risk score leads.
Description
Relies on snyk/snyk-ls#1081