diff --git a/tests/testdata/output/jobSummary/binary_analytics_vulnerabilities.md b/tests/testdata/output/jobSummary/binary_analytics_vulnerabilities.md
index 90496612..fe04d2d3 100644
--- a/tests/testdata/output/jobSummary/binary_analytics_vulnerabilities.md
+++ b/tests/testdata/output/jobSummary/binary_analytics_vulnerabilities.md
@@ -1 +1 @@
-44 Security issues are grouped by CVE number: 44 SCA
❗️ 33 Critical
🟡 11 Low
See the results of the scan in JFrog
\ No newline at end of file
+44 Security issues are grouped by CVE number: 44 SCA
❗️ 33 Critical
🟡 11 Low
See the results of the scan in JFrog
\ No newline at end of file
diff --git a/tests/testdata/output/jobSummary/build_scan_analytics_vulnerabilities.md b/tests/testdata/output/jobSummary/build_scan_analytics_vulnerabilities.md
index 904377a1..ffd0946a 100644
--- a/tests/testdata/output/jobSummary/build_scan_analytics_vulnerabilities.md
+++ b/tests/testdata/output/jobSummary/build_scan_analytics_vulnerabilities.md
@@ -1 +1 @@
-24 Security Issues: 24 SCA
🔴 3 High
🟠 1 Medium
⚪️ 20 Unknown
See the results of the scan in JFrog
\ No newline at end of file
+24 Security Issues: 24 SCA
🔴 3 High
🟠 1 Medium
⚪️ 20 Unknown
See the results of the scan in JFrog
\ No newline at end of file
diff --git a/tests/testdata/output/jobSummary/violations_analytics.md b/tests/testdata/output/jobSummary/violations_analytics.md
index 15766051..4fcf9906 100644
--- a/tests/testdata/output/jobSummary/violations_analytics.md
+++ b/tests/testdata/output/jobSummary/violations_analytics.md
@@ -1 +1 @@
-watches:
watch1, watch2, watch3, watch4
watch5
23 Policy Violations: 17 Security 2 Operational 1 License 3 Secrets
❗️ 8 Critical (2 Not Applicable)
🔴 6 High
🟠 3 Medium
🟡 5 Low (3 Not Applicable)
⚪️ 1 Unknown
See the results of the scan in JFrog
\ No newline at end of file
+watches:
watch1, watch2, watch3, watch4
watch5
23 Policy Violations: 17 Security 2 Operational 1 License 3 Secrets
❗️ 8 Critical (2 Not Applicable)
🔴 6 High
🟠 3 Medium
🟡 5 Low (3 Not Applicable)
⚪️ 1 Unknown
See the results of the scan in JFrog
\ No newline at end of file
diff --git a/utils/results/conversion/sarifparser/sarifparser.go b/utils/results/conversion/sarifparser/sarifparser.go
index f017ed73..fdf90dd3 100644
--- a/utils/results/conversion/sarifparser/sarifparser.go
+++ b/utils/results/conversion/sarifparser/sarifparser.go
@@ -649,7 +649,7 @@ func patchRules(platformBaseUrl string, commandType utils.CommandType, subScanTy
}
// Add analytics hidden pixel to the help content if needed (Github code scanning)
if analytics := getAnalyticsHiddenPixel(platformBaseUrl, subScanType); rule.Help != nil && analytics != "" {
- rule.Help.Markdown = utils.NewStringPtr(fmt.Sprintf("%s %s", sarifutils.GetRuleHelpMarkdown(rule), analytics))
+ rule.Help.Markdown = utils.NewStringPtr(fmt.Sprintf("%s\n%s", analytics, sarifutils.GetRuleHelpMarkdown(rule)))
}
patched = append(patched, rule)
}
@@ -936,7 +936,7 @@ func getAnalyticsHiddenPixel(baseUrl string, resultOfSubScan utils.SubScanType)
return fmt.Sprintf(
"",
baseUrl,
- url.PathEscape(jobId),
+ url.QueryEscape(jobId),
runId,
gitRepo,
resultOfSubScan.String(),
diff --git a/utils/results/conversion/sarifparser/sarifparser_test.go b/utils/results/conversion/sarifparser/sarifparser_test.go
index 498302db..3aa9bd93 100644
--- a/utils/results/conversion/sarifparser/sarifparser_test.go
+++ b/utils/results/conversion/sarifparser/sarifparser_test.go
@@ -371,7 +371,7 @@ func TestPatchRunsToPassIngestionRules(t *testing.T) {
),
},
expectedResults: []*sarif.Run{
- sarifutils.CreateRunWithDummyResultsWithRuleInformation("", "", "rule-msg", "rule-markdown ", "rule-msg", "rule-markdown ", wd,
+ sarifutils.CreateRunWithDummyResultsWithRuleInformation("", "", "rule-msg", "\nrule-markdown", "rule-msg", "\nrule-markdown", wd,
sarifutils.CreateDummyResultWithFingerprint(fmt.Sprintf("some-msg\nGithub Actions Workflow: %s\nRun: 123\nImage: dockerImage:imageVersion\nLayer (sha256): f752cb05a39e65f231a3c47c2e08cbeac1c15e4daff0188cb129c12a3ea3049d", filepath.Join(GithubBaseWorkflowDir, "workflowFile.yml")), "some-msg", jfrogFingerprintAlgorithmName, "eda26ae830c578197aeda65a82d7f093",
sarifutils.CreateDummyLocationWithPathAndLogicalLocation("", "f752cb05a39e65f231a3c47c2e08cbeac1c15e4daff0188cb129c12a3ea3049d", "layer", "algorithm", "sha256").WithPhysicalLocation(
sarif.NewPhysicalLocation().WithArtifactLocation(sarif.NewSimpleArtifactLocation(filepath.Join(GithubBaseWorkflowDir, "workflowFile.yml"))),
@@ -393,7 +393,7 @@ func TestPatchRunsToPassIngestionRules(t *testing.T) {
),
},
expectedResults: []*sarif.Run{
- sarifutils.CreateRunWithDummyResultsWithRuleInformation("", "", "rule-msg", "rule-markdown ", "rule-msg", "rule-markdown ", dockerfileDir,
+ sarifutils.CreateRunWithDummyResultsWithRuleInformation("", "", "rule-msg", "\nrule-markdown", "rule-msg", "\nrule-markdown", dockerfileDir,
sarifutils.CreateDummyResultWithFingerprint(fmt.Sprintf("some-msg\nGithub Actions Workflow: %s\nRun: 123\nImage: dockerImage:imageVersion\nLayer (sha256): f752cb05a39e65f231a3c47c2e08cbeac1c15e4daff0188cb129c12a3ea3049d", filepath.Join(GithubBaseWorkflowDir, "workflowFile.yml")), "some-msg", jfrogFingerprintAlgorithmName, "8cbd7268a4d20f2358ba2667ebd18956",
sarifutils.CreateDummyLocationWithPathAndLogicalLocation("", "f752cb05a39e65f231a3c47c2e08cbeac1c15e4daff0188cb129c12a3ea3049d", "layer", "algorithm", "sha256").WithPhysicalLocation(
sarif.NewPhysicalLocation().WithArtifactLocation(sarif.NewSimpleArtifactLocation("Dockerfile")),
@@ -436,7 +436,7 @@ func TestPatchRunsToPassIngestionRules(t *testing.T) {
}),
},
expectedResults: []*sarif.Run{
- sarifutils.CreateRunWithDummyResultsWithRuleInformation(BinarySecretScannerToolName, "[Secret in Binary found] ", "rule-msg", "rule-markdown ", "rule-msg", "rule-markdown ", wd,
+ sarifutils.CreateRunWithDummyResultsWithRuleInformation(BinarySecretScannerToolName, "[Secret in Binary found] ", "rule-msg", "\nrule-markdown", "rule-msg", "\nrule-markdown", wd,
sarifutils.CreateDummyResultWithFingerprint(fmt.Sprintf("🔒 Found Secrets in Binary docker scanning:\nGithub Actions Workflow: %s\nRun: 123\nImage: dockerImage:imageVersion\nLayer (sha1): 9e88ea9de1b44baba5e96a79e33e4af64334b2bf129e838e12f6dae71b5c86f0\nFilepath: %s\nEvidence: snippet", filepath.Join(GithubBaseWorkflowDir, "workflowFile.yml"), filepath.Join("usr", "src", "app", "server", "index.js")), "result-msg", jfrogFingerprintAlgorithmName, "e721eacf317da6090eca3522308abd28",
sarifutils.CreateDummyLocationWithPathAndLogicalLocation("", "9e88ea9de1b44baba5e96a79e33e4af64334b2bf129e838e12f6dae71b5c86f0", "layer", "algorithm", "sha1").WithPhysicalLocation(
sarif.NewPhysicalLocation().WithArtifactLocation(sarif.NewSimpleArtifactLocation(filepath.Join(GithubBaseWorkflowDir, "workflowFile.yml"))),
diff --git a/utils/results/output/securityJobSummary.go b/utils/results/output/securityJobSummary.go
index dffc3106..4e95c27f 100644
--- a/utils/results/output/securityJobSummary.go
+++ b/utils/results/output/securityJobSummary.go
@@ -549,7 +549,8 @@ func addAnalyticsQueryParamsIfNeeded(platformUrl string, index commandsummary.In
// Not running in Github no need to add analytics
return platformUrl
}
- suffixValues := []string{fmt.Sprintf("gh_job_id=%s", url.PathEscape(githubJobId))}
+ // M=3 (type of event)
+ suffixValues := []string{"s=1", "m=3", fmt.Sprintf("gh_job_id=%s", url.QueryEscape(githubJobId))}
// Add section analytics
indexValue := "gh_section="
switch index {
@@ -561,7 +562,7 @@ func addAnalyticsQueryParamsIfNeeded(platformUrl string, index commandsummary.In
suffixValues = append(suffixValues, indexValue)
// Add the suffix to the url
if strings.Contains(platformUrl, "?") {
- return fmt.Sprintf("%s%s", platformUrl, strings.Join(suffixValues, "&"))
+ return fmt.Sprintf("%s&%s", platformUrl, strings.Join(suffixValues, "&"))
}
return fmt.Sprintf("%s?%s", platformUrl, strings.Join(suffixValues, "&"))
}