diff --git a/testdata/messages/reviewcomment/secrets/secret_review_content_simplified.md b/testdata/messages/reviewcomment/secrets/secret_review_content_simplified.md
index 69ed8a48f..66fe23dad 100644
--- a/testdata/messages/reviewcomment/secrets/secret_review_content_simplified.md
+++ b/testdata/messages/reviewcomment/secrets/secret_review_content_simplified.md
@@ -4,9 +4,9 @@
## 🤫 Secret Vulnerability
---
-| Severity | Status | Origin | Finding |
-| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
-| High | Active | JFrog | Secret keys were found |
+| Severity | Token Validation | Token Info | Origin | Finding |
+| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
+| High | Active | The token was validated and found to be active. This indicates that the secret is currently in use. | JFrog | Secret keys were found |
---
diff --git a/testdata/messages/reviewcomment/secrets/secret_review_content_standard.md b/testdata/messages/reviewcomment/secrets/secret_review_content_standard.md
index f069d43b5..03c3a8d12 100644
--- a/testdata/messages/reviewcomment/secrets/secret_review_content_standard.md
+++ b/testdata/messages/reviewcomment/secrets/secret_review_content_standard.md
@@ -2,9 +2,9 @@
## 🤫 Secret Vulnerability
-| Severity | Status | Origin | Finding |
-| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
-| 
High | Active | JFrog | Secret keys were found |
+| Severity | Token Validation | Token Info | Origin | Finding |
+| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
+| 
High | Active | The token was validated and found to be active. This indicates that the secret is currently in use. | JFrog | Secret keys were found |
diff --git a/testdata/messages/reviewcomment/secrets/secret_violation_review_content_simplified.md b/testdata/messages/reviewcomment/secrets/secret_violation_review_content_simplified.md
index d3f02f9c8..185762d0c 100644
--- a/testdata/messages/reviewcomment/secrets/secret_violation_review_content_simplified.md
+++ b/testdata/messages/reviewcomment/secrets/secret_violation_review_content_simplified.md
@@ -4,10 +4,10 @@
## 🤫 Secret Violation
---
-| Severity | ID | Status | Origin | Finding | Watch Name | Policies |
-| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
-| High | secret-violation-id | Active | JFrog | Secret keys were found | jas-watch | policy1 |
-| Critical | secret-violation-id-2 | Inactive | JFrog | Secret keys were found | jas-watch2 | policy1, policy2 |
+| Severity | ID | Token Validation | Token Info | Origin | Finding | Watch Name | Policies |
+| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
+| High | secret-violation-id | Active | The token was validated and found to be active. This indicates that the secret is currently in use. | JFrog | Secret keys were found | jas-watch | policy1 |
+| Critical | secret-violation-id-2 | Inactive | The token was validated and found to be inactive. This indicates that the secret is no longer in use. | JFrog | Secret keys were found | jas-watch2 | policy1, policy2 |
---
diff --git a/testdata/messages/reviewcomment/secrets/secret_violation_review_content_standard.md b/testdata/messages/reviewcomment/secrets/secret_violation_review_content_standard.md
index 038dc3151..643373024 100644
--- a/testdata/messages/reviewcomment/secrets/secret_violation_review_content_standard.md
+++ b/testdata/messages/reviewcomment/secrets/secret_violation_review_content_standard.md
@@ -2,10 +2,10 @@
## 🤫 Secret Violation
-| Severity | ID | Status | Origin | Finding | Watch Name | Policies |
-| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
-| 
High | secret-violation-id | Active | JFrog | Secret keys were found | jas-watch | policy1 |
-| 
Critical | secret-violation-id-2 | Inactive | JFrog | Secret keys were found | jas-watch2 | policy1
policy2 |
+| Severity | ID | Token Validation | Token Info | Origin | Finding | Watch Name | Policies |
+| :---------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: | :-----------------------------------: |
+| 
High | secret-violation-id | Active | The token was validated and found to be active. This indicates that the secret is currently in use. | JFrog | Secret keys were found | jas-watch | policy1 |
+| 
Critical | secret-violation-id-2 | Inactive | The token was validated and found to be inactive. This indicates that the secret is no longer in use. | JFrog | Secret keys were found | jas-watch2 | policy1
policy2 |
diff --git a/utils/outputwriter/outputcontent.go b/utils/outputwriter/outputcontent.go
index 5503185f1..66251fedd 100644
--- a/utils/outputwriter/outputcontent.go
+++ b/utils/outputwriter/outputcontent.go
@@ -524,28 +524,30 @@ func SecretReviewContent(violation bool, writer OutputWriter, issues ...formats.
func getSecretsDescriptionTable(writer OutputWriter, issues ...formats.SourceCodeRow) string {
// Construct table
- table := NewMarkdownTable("Severity", "ID", "Status", "Origin", "Finding", "Watch Name", "Policies").SetDelimiter(writer.Separator())
+ table := NewMarkdownTable("Severity", "ID", "Token Validation", "Token Info", "Origin", "Finding", "Watch Name", "Policies").SetDelimiter(writer.Separator())
// Hide optional columns if all empty (violations/no status)
table.GetColumnInfo("ID").OmitEmpty = true
- table.GetColumnInfo("Status").OmitEmpty = true
+ table.GetColumnInfo("Token Validation").OmitEmpty = true
+ table.GetColumnInfo("Token Info").OmitEmpty = true
table.GetColumnInfo("Watch Name").OmitEmpty = true
table.GetColumnInfo("Policies").OmitEmpty = true
// Construct rows
for _, issue := range issues {
- // Determine the issue applicable status
applicability := jasutils.Applicable.String()
- status := ""
+ tokenValidationStatus := ""
+ tokenValidationInfo := ""
if issue.Applicability != nil && issue.Applicability.Status != "" {
- status = issue.Applicability.Status
- if status == jasutils.Inactive.String() {
- // Update the applicability status to Not Applicable for Inactive
+ tokenValidationStatus = issue.Applicability.Status
+ if tokenValidationStatus == jasutils.Inactive.String() {
applicability = jasutils.NotApplicable.String()
}
+ tokenValidationInfo = issue.Applicability.ScannerDescription
}
table.AddRowWithCellData(
NewCellData(writer.FormattedSeverity(issue.Severity, applicability)),
NewCellData(issue.IssueId),
- NewCellData(status),
+ NewCellData(tokenValidationStatus),
+ NewCellData(tokenValidationInfo),
NewCellData(issue.ScannerInfo.Origin),
NewCellData(issue.Finding),
NewCellData(issue.Watch),
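Review bot: `issue.Applicability.ScannerDescription` is free text from the scanner and reaches `NewCellData` unchanged, so a `|` or a line break in it would split the table row in the posted review comment, and any markdown it carries would be rendered in the pull request. Whether `NewCellData` or the writer escapes cell content is not visible in this hunk; if neither does, normalise the value first, for example `tokenValidationInfo = strings.NewReplacer("|", "\\|", "\n", " ").Replace(issue.Applicability.ScannerDescription)` (this needs the `strings` import if the file lacks it). The commit also drops the comment explaining why an Inactive token changes the displayed severity; I would keep it as `// An inactive token is rendered as Not Applicable`. The body of getSecretsDescriptionTable continues past the end of the hunk.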
diff --git a/utils/outputwriter/outputcontent_test.go b/utils/outputwriter/outputcontent_test.go
index 9f8ad6e36..595efa0de 100644
--- a/utils/outputwriter/outputcontent_test.go
+++ b/utils/outputwriter/outputcontent_test.go
@@ -882,11 +882,14 @@ func TestSecretsReviewContent(t *testing.T) {
},
},
{
- name: "Secret review comment content with applicability status",
+ name: "Secret review comment content with applicability status and info",
issues: []formats.SourceCodeRow{{
SeverityDetails: formats.SeverityDetails{Severity: "High"},
- Applicability: &formats.Applicability{Status: jasutils.Active.String()},
- Finding: "Secret keys were found",
+ Applicability: &formats.Applicability{
+ Status: jasutils.Active.String(),
+ ScannerDescription: "The token was validated and found to be active. This indicates that the secret is currently in use.",
+ },
+ Finding: "Secret keys were found",
ScannerInfo: formats.ScannerInfo{
RuleId: "rule-id",
Cwe: []string{"CWE-798", "CWE-799"},
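Review bot: The renamed cases here and in the two hunks below always set `Status` together with `ScannerDescription`, so the path where a status arrives without a description is no longer exercised, as far as these hunks show. A case with `Applicability: &formats.Applicability{Status: jasutils.Active.String()}` and no description would pin that the Token Info column is omitted while Token Validation is kept. TestSecretsReviewContent starts and ends outside this hunk, so such a case may already exist elsewhere in the table.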
@@ -909,12 +912,15 @@ func TestSecretsReviewContent(t *testing.T) {
},
},
{
- name: "Secrets violation review comment content with applicability status",
+ name: "Secrets violation review comment content with applicability status and info",
issues: []formats.SourceCodeRow{
{
SeverityDetails: formats.SeverityDetails{Severity: "High"},
- Applicability: &formats.Applicability{Status: jasutils.Active.String()},
- Finding: "Secret keys were found",
+ Applicability: &formats.Applicability{
+ Status: jasutils.Active.String(),
+ ScannerDescription: "The token was validated and found to be active. This indicates that the secret is currently in use.",
+ },
+ Finding: "Secret keys were found",
ScannerInfo: formats.ScannerInfo{
RuleId: "rule-id",
Cwe: []string{"CWE-798", "CWE-799"},
@@ -930,8 +936,11 @@ func TestSecretsReviewContent(t *testing.T) {
},
{
SeverityDetails: formats.SeverityDetails{Severity: "Critical"},
- Applicability: &formats.Applicability{Status: jasutils.Inactive.String()},
- Finding: "Secret keys were found",
+ Applicability: &formats.Applicability{
+ Status: jasutils.Inactive.String(),
+ ScannerDescription: "The token was validated and found to be inactive. This indicates that the secret is no longer in use.",
+ },
+ Finding: "Secret keys were found",
ScannerInfo: formats.ScannerInfo{
RuleId: "rule-id",
Cwe: []string{"CWE-798", "CWE-799"},