feat:integrates with the fe

Author: ashab-k

api/src/index.js

@@ -1,55 +1,68 @@
-import express from 'express';
-import mongoose from 'mongoose';
-import cors from 'cors';
-import dotenv from 'dotenv';
-import { ScanReport } from './models/ScanReport';
+import express from "express";
+import mongoose from "mongoose";
+import cors from "cors";
+import dotenv from "dotenv";
+import { ScanReport } from "./models/ScanReport";
 
 dotenv.config();
 
 const app = express();
-const port = process.env.PORT || 3000;
+const port = process.env.PORT || 4000;
 
 // Middleware
 app.use(cors());
 app.use(express.json());
 
 // Connect to MongoDB
-mongoose.connect(process.env.MONGODB_URI || 'mongodb://localhost:27017/monkeycode')
-  .then(() => console.log('Connected to MongoDB'))
-  .catch(err => console.error('MongoDB connection error:', err));
+mongoose
+  .connect(process.env.MONGODB_URI || "mongodb://localhost:27017/monkeycode")
+  .then(() => console.log("Connected to MongoDB"))
+  .catch((err) => console.error("MongoDB connection error:", err));
 
 // Store scan report endpoint
-app.post('/api/scan-reports', async (req, res) => {
+app.post("/api/scan-reports", async (req, res) => {
   try {
     const scanReport = new ScanReport(req.body);
     await scanReport.save();
-    res.status(201).json({ message: 'Scan report stored successfully', scanId: scanReport.scanId });
+    res
+      .status(201)
+      .json({
+        message: "Scan report stored successfully",
+        scanId: scanReport.scanId,
+      });
   } catch (error: unknown) {
-    console.error('Error storing scan report:', error);
+    console.error("Error storing scan report:", error);
     if (error instanceof mongoose.Error.ValidationError) {
-      res.status(400).json({ error: 'Invalid scan report data' });
-    } else if (error && typeof error === 'object' && 'code' in error && error.code === 11000) {
-      res.status(409).json({ error: 'Scan report with this ID already exists' });
+      res.status(400).json({ error: "Invalid scan report data" });
+    } else if (
+      error &&
+      typeof error === "object" &&
+      "code" in error &&
+      error.code === 11000
+    ) {
+      res
+        .status(409)
+        .json({ error: "Scan report with this ID already exists" });
     } else {
-      res.status(500).json({ error: 'Internal server error' });
+      res.status(500).json({ error: "Internal server error" });
     }
   }
 });
 
 // Get scan report by ID
-app.get('/api/scan-reports/:scanId', async (req, res) => {
+app.get("/api/scan-reports/:scanId", async (req, res) => {
   try {
     const scanReport = await ScanReport.findOne({ scanId: req.params.scanId });
     if (!scanReport) {
-      return res.status(404).json({ error: 'Scan report not found' });
+      return res.status(404).json({ error: "Scan report not found" });
     }
     res.json(scanReport);
   } catch (error) {
-    console.error('Error retrieving scan report:', error);
-    res.status(500).json({ error: 'Internal server error' });
+    console.error("Error retrieving scan report:", error);
+    res.status(500).json({ error: "Internal server error" });
   }
 });
 
 app.listen(port, () => {
   console.log(`Server running on port ${port}`);
-}); 
+});

api/src/index.js.map

@@ -1,6 +1,6 @@
 import axios from 'axios';
 
-const API_URL = 'http://localhost:3000';
+const API_URL = 'http://localhost:4000';
 
 async function testApi() {
   try {

api/src/index.ts

@@ -57,7 +57,7 @@
         },
         "monkeycode.apiUrl": {
           "type": "string",
-          "default": "http://localhost:3000",
+          "default": "http://localhost:4000",
           "description": "URL of the MonkeyCode API server"
         }
       }

api/test-api.js

@@ -4,7 +4,7 @@ import { ScanReport } from './types';
 export class ApiClient {
   private baseUrl: string;
 
-  constructor(baseUrl: string = 'http://localhost:3000') {
+  constructor(baseUrl: string = 'http://localhost:4000') {
     this.baseUrl = baseUrl;
   }
 

api/test-api.ts

@@ -23,94 +23,81 @@ export class CodeScanner {
     vulnerableModules: Map<string, Vulnerability[]>
   ): Promise<VulnerableUsage[]> {
     console.log('Starting code scan in:', workspaceRoot);
-    console.log('Vulnerable modules to check:', Array.from(vulnerableModules.entries()).map(([path, vulns]) => 
-      `${path} (${vulns.length} vulnerabilities)`
-    ));
 
-    const usages = new Map<string, VulnerableUsage>(); // Use Map to deduplicate
+    const usages = new Map<string, VulnerableUsage>();
     const goFiles = await this.findGoFiles(workspaceRoot);
-    console.log('Found Go files:', goFiles);
+    console.log('Found', goFiles.length, 'Go files to scan');
 
-    for (const file of goFiles) {
-      console.log('\nScanning file:', file);
-      const fileContent = await vscode.workspace.fs.readFile(vscode.Uri.file(file));
-      const content = Buffer.from(fileContent).toString('utf8');
-      
-      // Skip test files for now (we can add them later if needed)
-      if (file.endsWith('_test.go')) {
-        console.log('Skipping test file');
-        continue;
-      }
+    // Process files in batches to avoid blocking
+    const batchSize = 10;
+    for (let i = 0; i < goFiles.length; i += batchSize) {
+      const batch = goFiles.slice(i, i + batchSize);
+      await Promise.all(batch.map(async (file) => {
+        try {
+          // Skip test files
+          if (file.endsWith('_test.go')) {
+            return;
+          }
 
-      // Find all imports and their locations
-      const imports = this.findImports(content, file);
-      console.log('Found imports:', Array.from(imports.keys()));
-      
-      // Check each import against vulnerable modules
-      for (const [importPath, locations] of imports) {
-        const vulns = vulnerableModules.get(importPath);
-        if (vulns) {
-          console.log('Found vulnerable import:', importPath);
-          for (const vuln of vulns) {
-            console.log('  - Vulnerability:', vuln.id, vuln.severity);
-            const key = `${importPath}:${vuln.id}`;
-            const existingUsage = usages.get(key);
-            
-            if (existingUsage) {
-              console.log('    Adding to existing usage');
-              existingUsage.locations.push(...locations);
-            } else {
-              console.log('    Creating new usage');
-              usages.set(key, {
-                module: { path: importPath, version: '', indirect: false },
-                vulnerability: vuln,
-                locations: locations
-              });
+          const fileContent = await vscode.workspace.fs.readFile(vscode.Uri.file(file));
+          const content = Buffer.from(fileContent).toString('utf8');
+          
+          // Find all imports and their locations
+          const imports = this.findImports(content, file);
+          
+          // Check each import against vulnerable modules
+          for (const [importPath, locations] of imports) {
+            const vulns = vulnerableModules.get(importPath);
+            if (vulns) {
+              for (const vuln of vulns) {
+                const key = `${importPath}:${vuln.id}`;
+                const existingUsage = usages.get(key);
+                
+                if (existingUsage) {
+                  existingUsage.locations.push(...locations);
+                } else {
+                  usages.set(key, {
+                    module: { path: importPath, version: '', indirect: false },
+                    vulnerability: vuln,
+                    locations: locations
+                  });
+                }
+              }
             }
           }
-        } else {
-          // Log when we find an import that's not in vulnerable modules
-          console.log('Import not found in vulnerable modules:', importPath);
-        }
-      }
 
-      // Find function calls to vulnerable packages
-      const functionCalls = this.findFunctionCalls(content, file, imports);
-      console.log('Found function calls:', Array.from(functionCalls.keys()));
-      
-      for (const [importPath, calls] of functionCalls) {
-        const vulns = vulnerableModules.get(importPath);
-        if (vulns) {
-          console.log('Found vulnerable function calls in:', importPath);
-          for (const vuln of vulns) {
-            console.log('  - Vulnerability:', vuln.id, vuln.severity);
-            const key = `${importPath}:${vuln.id}`;
-            const existingUsage = usages.get(key);
-            
-            if (existingUsage) {
-              console.log('    Adding to existing usage');
-              existingUsage.locations.push(...calls);
-            } else {
-              console.log('    Creating new usage');
-              usages.set(key, {
-                module: { path: importPath, version: '', indirect: false },
-                vulnerability: vuln,
-                locations: calls
-              });
+          // Find function calls to vulnerable packages
+          const functionCalls = this.findFunctionCalls(content, file, imports);
+          
+          for (const [importPath, calls] of functionCalls) {
+            const vulns = vulnerableModules.get(importPath);
+            if (vulns) {
+              for (const vuln of vulns) {
+                const key = `${importPath}:${vuln.id}`;
+                const existingUsage = usages.get(key);
+                
+                if (existingUsage) {
+                  existingUsage.locations.push(...calls);
+                } else {
+                  usages.set(key, {
+                    module: { path: importPath, version: '', indirect: false },
+                    vulnerability: vuln,
+                    locations: calls
+                  });
+                }
+              }
             }
           }
-        } else {
-          // Log when we find function calls to a package that's not in vulnerable modules
-          console.log('Function calls to package not found in vulnerable modules:', importPath);
+        } catch (error) {
+          console.error(`Error scanning file ${file}:`, error);
         }
-      }
+      }));
     }
 
     const results = Array.from(usages.values());
     console.log('\nScan complete. Found usages:', results.length);
     results.forEach(usage => {
       console.log(`- ${usage.module.path}: ${usage.vulnerability.id} (${usage.locations.length} locations)`);
-      // Log unique files where this vulnerability was found
       const uniqueFiles = new Set(usage.locations.map(l => l.file));
       console.log(`  Found in ${uniqueFiles.size} files:`, Array.from(uniqueFiles));
     });