GITBOOK-8668: Eclipse major update Cycle 2024/6
awileysnyk authored and gitbook-bot committed Jan 9, 2025
1 parent 669f014 commit 96c835e
Showing 25 changed files with 86 additions and 105 deletions.
Binary file added docs/.gitbook/assets/image (641).png
Binary file added docs/.gitbook/assets/image (642).png
Binary file added docs/.gitbook/assets/image (643).png
Binary file added docs/.gitbook/assets/image (644).png
Binary file added docs/.gitbook/assets/image (645).png
Binary file added docs/.gitbook/assets/image (646).png
Binary file added docs/.gitbook/assets/image (647).png
Binary file added docs/.gitbook/assets/image (648).png
Binary file added docs/.gitbook/assets/image (649).png
Binary file added docs/.gitbook/assets/image (650).png
Binary file added docs/.gitbook/assets/image (651).png
Binary file added docs/.gitbook/assets/image (652).png
Binary file added docs/.gitbook/assets/image (653).png
2 changes: 1 addition & 1 deletion docs/SUMMARY.md
Expand Up @@ -277,7 +277,7 @@
* [Backstage file in Asset Inventory - Use case](scm-ide-and-ci-cd-integrations/snyk-scm-integrations/application-context-for-scm-integrations/backstage-file-in-asset-inventory-use-case.md)
* [Snyk IDE plugins and extensions](scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/README.md)
* [Eclipse plugin](scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/eclipse-plugin/README.md)
* [Download the CLI and language server with the Eclipse plugin](scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/eclipse-plugin/download-the-cli-and-language-server-with-the-eclipse-plugin.md)
* [Download the CLI with the Eclipse plugin](scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/eclipse-plugin/download-the-cli-and-language-server-with-the-eclipse-plugin.md)
* [Authentication for the Eclipse plugin](scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/eclipse-plugin/authentication-for-the-eclipse-plugin.md)
* [Eclipse plugin folder trust](scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/eclipse-plugin/eclipse-plugin-folder-trust.md)
* [Configuration of the Eclipse plugin](scm-ide-and-ci-cd-integrations/snyk-ide-plugins-and-extensions/eclipse-plugin/configuration-of-the-eclipse-plugin.md)
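
Review bot: the link text on the changed line now reads "Download the CLI with the Eclipse plugin", but its target is still `download-the-cli-and-language-server-with-the-eclipse-plugin.md`, so the title and the file name no longer match. Either rename the file in the same change and update inbound links, or keep the old name on purpose so existing URLs stay stable and say so in the commit message.
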
Expand Up @@ -11,7 +11,9 @@ Snyk supports the following protocols for authentication:

After the extension is installed, to authenticate follow these steps:

1. In the dialog that opens, set the Snyk API endpoint for custom multi-tenant or single-tenant setup, The default is `https://api.snyk.io`. For details, see [IDE URLs](../../../working-with-snyk/regional-hosting-and-data-residency.md#ides-urls).
1. In the dialog that opens, set the Snyk API endpoint for custom multi-tenant or single-tenant setup, The default is `https://api.snyk.io`. For details, see [IDE URLs](../../../working-with-snyk/regional-hosting-and-data-residency.md#ides-urls). \
\
Multi-tenant users who do not belong to the default region will be automatically redirected to the correct domain for the email with which the user authenticated. The redirect will not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.

<figure><img src="../../../.gitbook/assets/SCR-20240822-mgxw (1).png" alt="Snyk tenant configuration" width="563"><figcaption><p>Snyk endpoint configuration</p></figcaption></figure>
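
Review bot: the redirect paragraph added to step 1 repeats, word for word, the text added to the `Custom Endpoint` bullet on the configuration page; keep it in one place and link to it from the other so the two copies cannot drift. In the same step, "single-tenant setup, The default is" should end the first sentence with a period, and the paragraph is attached with trailing `\` line breaks where an indented paragraph under the list item would be more robust.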

@@ -1,20 +1,27 @@
# Configuration of the Eclipse plugin

You can set the following configuration options in the Snyk preferences.
You can configure both [Global settings](configuration-of-the-eclipse-plugin.md#global-settings) and [Project-specific propertie](configuration-of-the-eclipse-plugin.md#project-specific-properties).

<figure><img src="../../../.gitbook/assets/image (2) (12).png" alt=""><figcaption><p>Snyk preferences</p></figcaption></figure>
## Global settings

* `Snyk API Token`: Set the authentication token from Snyk.
You can set the following global configuration settings in the Snyk preferences.

<figure><img src="../../../.gitbook/assets/Screenshot 2025-01-09 at 8.35.31 AM.png" alt=""><figcaption><p>Snyk preferences</p></figcaption></figure>

* `Token`: Set the authentication token for Snyk.
* `Use token authentication`: Select to override the default OAuth2 authentication in order to use a Snyk API token. Snyk recommends keeping this setting off because the default OAuth2 authentication is more secure.
* `Path`: Specify your additions to the path to find needed third-party tools such as Gradle or Maven.
* `Custom Endpoint`: Specify the Snyk API endpoint for a custom multi-tenant or single-tenant setup. If you are using `https://api.snyk.io`, no configuration is required. For details, see the list of [IDE URLs](../../../working-with-snyk/regional-hosting-and-data-residency.md#ides-urls).
* `Custom Endpoint`: Specify the Snyk API endpoint for a custom multi-tenant or single-tenant setup. If you are using `https://api.snyk.io`, no configuration is required. For details, see the list of [IDE URLs](../../../working-with-snyk/regional-hosting-and-data-residency.md#ides-urls). Multi-tenant users who do not belong to the default region will be automatically redirected to the correct domain for the email with which the user authenticated. The redirect will not occur for cases where the users are expected to use a custom URL, such as companies with single-tenant setups.
* `Allow unknown certificate authorities`: Disable certificate checks for SSL connections.
* `Snyk Open Source enabled`: Enable or Disable Snyk Open Source Dependency Scans through Language Server. Default: `Enabled` during beta
* `Snyk Code enabled`: Enable or Disable Snyk Code Scans through Language Server. Default: `Disabled` during beta.
* `Snyk Infrastructure-as-Code enabled` : Enable or Disable Snyk IaC Scans through the Language Server. Default: `Enabled` during beta.
* `Scan automatically on start-up and save` : Scan automatically or not
* `Snyk Open Source enabled`: Enable or disable Snyk Open Source Dependency Scans through the Language Server. Default: `Enabled` during beta.
* `Snyk Code Security enabled`: Enable or disable Snyk Code Security Issues through the Language Server. Default: `Disabled` by default.
* `Snyk Code Quality enabled`: Enable or Disable Snyk Code Quality Issues through the Language Server. Default: `Disabled` by default.
* `Snyk Infrastructure-as-Code enabled`: Enable or disable Snyk IaC scans through the Language Server. Default: `Enabled` during beta.
* `Scan automatically on start-up and save`: Scan automatically or not when you start the extension.
* `Organization`: Specify the Snyk Organization to use for scanning. Snyk recommends using the `ORG_ID`. If you specify an Organization slug name, the value must match the URL slug (`[orgslugname]`) as displayed in the URL of your Organization in the Snyk UI: `https://app.snyk.io/org/[orgslugname]`.
* `Additional Parameters`: Specify additional parameters to pass to the CLI, for example, `--all-projects` or `--debug.` For all .NET Projects, Snyk recommends adding the `--all-projects` additional parameter. **Note:** When you enable `debug`, your code may be logged in the IDE log files, for example, the `idea.log` file.
* `Additional Environment`: Add environment variables to the Language Server; multiple variables can be separated by `;`. Example: `JAVA_HOME=/usr/local/bin;GOPATH=/usr/local/bin`
* `Additional Parameters`: Specify additional parameters to pass to the CLI, for example, `--file=pom.xml` or `--debug.` \
**Note:** When you enable `debug`, your code may be logged in the IDE log files, for example, the `idea.log` file.
* `Additional Environment`: Add environment variables to the Language Server; multiple variables can be separated by `;`. Example: `JAVA_HOME=/Library/JDK/bin;GOPATH=/usr/local/bin`
* `Update and install Snyk binaries automatically`: If `disabled`, no updates are downloaded, and updates must be performed manually. Snyk recommends always using the most recent version of the CLI. Ensure that the location for the CLI points to an existing current binary.
* `Base URL for CLI download:` Specify an alternative download host for the CLI, for example, `https://downloads.snyk.io/fips`. This must provide the CLI and necessary files as the default `https://downloads.snyk.io` does, that is, the following files. See also GitHub[ releases](https://github.com/snyk/cli/releases).
* %Base URL%/cli/v%VERSION%/%CLI-BINARY-NAME%
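
Review bot: the `Additional Parameters` note still gives `idea.log` as the example log file, which is the IntelliJ IDEA log rather than an Eclipse one; since the note warns that code may be logged when `debug` is enabled, name the log Eclipse users should actually check. Also in this hunk: the intro link text reads "Project-specific propertie" (missing "s"), `--debug.` has the sentence period inside the code span, and the two Snyk Code bullets say "Default: `Disabled` by default" where "Default: `Disabled`." is enough.
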
Expand All @@ -27,7 +34,16 @@ You can set the following configuration options in the Snyk preferences.
* %Base URL%/cli/stable/ls-protocol-version-%PROTOCOL\_VERSION%
* %Base URL%/cli/stable/release.json
* %Base URL%/cli/stable/sha256sums.txt.asc
* `Snyk CLI`: Specify the location of the Snyk CLI.
* `Snyk CLI`: Specify the location of the Snyk CLI, where it is searched for, and where it is downloaded to, if automatic management of Snyk binaries is enabled.
* `Send error reports to Snyk`: Send errors from the Language Server to Snyk to enable quick bug fixing. Default: `Enabled`.
* `Send usage statistics to Snyk`: Allow Snyk to get usage data to improve workflows. Default: `Enabled`.
* `Trusted Folders`: Specify, which directories should be considered safe, for example, the parent directory of all your Projects.

## Project-specific properties

When you select Project **Properties**, you can specify project-specific scan settings on the Snyk properties page.

<figure><img src="../../../.gitbook/assets/image (652).png" alt=""><figcaption><p>Project properties can be opened e.g. via the context menu of the project</p></figcaption></figure>

<figure><img src="../../../.gitbook/assets/image (651).png" alt=""><figcaption><p>The Snyk Project-specific properties page allows entering scan parameters for the Project.</p></figcaption></figure>
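
Review bot: the `Trusted Folders` bullet suggests trusting "the parent directory of all your Projects", which extends trust to every repository later placed under that directory and sits badly with the folder trust page's "When in doubt, do not grant trust." Suggest recommending per-Project entries, or adding that a parent directory should be trusted only when everything beneath it is. Minor: drop the comma in "Specify, which directories", and the `Snyk CLI` bullet chains three clauses ("the location ..., where it is searched for, and where it is downloaded to") that would read better as one statement about a single path.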

@@ -1,6 +1,6 @@
# Download the CLI and language server with the Eclipse plugin
# Download the CLI with the Eclipse plugin

The Snyk Eclipse plugin works with an underlying [Language Server](../snyk-language-server/) for an optimal Eclipse experience. After restart, when you open a file that Snyk supports, the Eclipse plugin ensures the prerequisites for the plugin are satisfied.
The Snyk Eclipse plugin works with an underlying [Language Server](../snyk-language-server/) embedded into the Snyk CLI for an optimal Eclipse experience. After restart, when you open a file that Snyk supports, the Eclipse plugin ensures the prerequisites for the plugin are satisfied.

The prerequisites include downloading the [Snyk CLI](../../../snyk-cli/) and authenticating in response to the prompt. These steps are shown on this page and the next, in the order they happen.
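
Review bot: in the rewritten first sentence, "embedded into the Snyk CLI for an optimal Eclipse experience" attaches the purpose clause to the embedding rather than to the plugin. Suggest splitting it, for example "The Snyk Eclipse plugin works with an underlying Language Server, which is embedded in the Snyk CLI." The unchanged paragraph below already lists only the CLI download as a prerequisite, so it agrees with the new title.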

@@ -1,13 +1,13 @@
# Folder trust
# Eclipse plugin folder trust

As part of examining the codebase for vulnerabilities, Snyk may automatically execute code on your computer to obtain additional data for analysis. This includes invoking the package manager (for example, pip, Gradle, Maven, Yarn, npm, and so on) to get dependency information for Snyk Open Source. Invoking these programs on untrusted code that has malicious configurations may expose your system to malicious code execution and exploits.
As part of examining the codebase for vulnerabilities, Snyk may automatically execute code on your computer to obtain additional data for analysis. This includes invoking the package manager (pip, Gradle, Maven, Yarn, npm, and so on) to get dependency information for Snyk Open Source. Invoking these programs on untrusted code that has malicious configurations may expose your system to malicious code execution and exploits.

To safeguard against using the plugin on untrusted folders, the Snyk plugin asks for folder trust before allowing you to run scans against these folders. When in doubt, do not grant trust.

<figure><img src="../../../.gitbook/assets/image (4) (2) (1) (1).png" alt="Snyk extension prompt to trust a folder"><figcaption><p>Snyk extension prompt to trust a folder</p></figcaption></figure>

Once a single project trust is granted, Snyk will not ask for trust on the opened project folder and its subfolders again. If you didn’t grant trust the first time, the plugin will ask again the next time you restart your Eclipse instance.
After a single Project trust is granted, Snyk will not ask for trust on the opened Project folder and its subfolders again. If you did not grant trust the first time, the plugin asks again the next time you restart your Eclipse instance.

To revoke an existing folder trust, you can navigate to the Snyk plugin preferences in Eclipse and edit the Trusted Folder” setting.
To revoke an existing folder trust, you can navigate to the Snyk plugin preferences in Eclipse and edit the **Trusted Folders** setting.

<figure><img src="../../../.gitbook/assets/image (5) (3) (1) (1).png" alt="Snyk Eclipse plugin preferences Trusted Folders setting"><figcaption><p>Snyk Eclipse plugin preferences Trusted Folders setting</p></figcaption></figure>
<figure><img src="../../../.gitbook/assets/Screenshot 2025-01-09 at 8.33.24 AM.png" alt="Snyk Eclipse plugin preferences Trusted Folders setting"><figcaption><p>Snyk Eclipse plugin preferences Trusted Folders setting</p></figcaption></figure>
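
Review bot: "After a single Project trust is granted" is hard to parse; "After you grant trust for a Project" says the same thing and matches the active voice of the sentence that follows. The replacement screenshot is named `Screenshot 2025-01-09 at 8.33.24 AM.png`, while the other assets added in this commit follow the `image (NNN).png` pattern; a descriptive name would make the asset easier to find and reuse.
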
Expand Up @@ -5,9 +5,12 @@ In Eclipse plugin version 2.0.0 and later, Snyk is introducing a deeper integrat
1. The misconfiguration is highlighted (the red squiggly line) indicating there is a high severity security vulnerability in this file and the line number. You have all the information on hover; you can scroll, read, or click the links (when available) for even more information. Advice on how to resolve the misconfiguration is right there where the misconfiguration is.
2. You see the integration with the **Problems** view, which is useful if you use the **Problems** view to filter and group issues. Snyk also indicates the line where the issue is, and clicking the issue in the problem view navigates to it.
3. You can see the gutter icons on the left and file map highlights (with colors matching the priorities) on the right.
4. In addition to this, the **Snyk** view offers the detailed issue descriptions and possibilities to start/stop scans, filter issues using the tool bar of the view and more.![](<../../../.gitbook/assets/image (647).png>)

{% hint style="info" %}
Currently the hover information is limited to JavaEditor and GenericEditor, the latter being the default editor for plugins like Wild Web Developer.
{% endhint %}

<figure><img src="../../../.gitbook/assets/image (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (1) (2) (1).png" alt=""><figcaption><p>Snyk IaC findings displayed in Eclipse</p></figcaption></figure>

<figure><img src="../../../.gitbook/assets/image (646).png" alt=""><figcaption><p>Snyk IaC findings displayed in Snyk View</p></figcaption></figure>
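
Review bot: the image appended to item 4 is written as inline Markdown `![](...)` directly after "and more." with no space, no alt text and no caption, unlike the `<figure>` blocks used in the rest of these pages. Move it into its own `<figure>` with a caption below the list. The added "Snyk View" figure also has `alt=""` and could reuse its caption as alt text, and "tool bar" here is spelled "toolbar" in the matching item on the SAST page.
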
@@ -1,13 +1,18 @@
# SAST scanning results (SAST, Snyk Code)

In Eclipse plugin version 2.0.0 and later, Snyk is introducing a deeper integration with the native flows of Eclipse: inline highlights, problems integrations, and information about the issue on hover) The following shows all of these for a high severity security vulnerability found in a `js` file:
In Eclipse plugin version 2.0.0 and later, Snyk is introducing a deeper integration with the native flows of Eclipse: inline highlights, problems integrations, and information about the issue on hover. The following shows all of these for a high-severity security vulnerability found in a `js` file:

1. The security vulnerability is highlighted indicating there is a high severity security vulnerability in your code. You see the vulnerability ID and what the issue is on hover.
2. You see the integration with the **Problems** view, (bottom of screen) which is useful if you use the **Problems** view to filter and group issues. Snyk also indicates the line where the issue is, and clicking the issue in the problem view navigates to it.
2. You see the integration with the **Problems** view (bottom of screen) which is useful if you use the **Problems** view to filter and group issues. Snyk also indicates the line where the issue is. Click the issue in the problem view to navigate to the issue.
3. You can see the gutter icons on the left and file map highlights (with colors matching the priorities) on the right.
4. In addition to this, the **Snyk** view offers detailed issue descriptions, including the dataflow and fix examples, together with possibilities to start and stop scans, filter issues using the toolbar of the view. and more.&#x20;

<figure><img src="../../../.gitbook/assets/image (643).png" alt=""><figcaption><p>The filter menu opens when clicking on the 3 dots</p></figcaption></figure>

{% hint style="info" %}
Currently the hover information is limited to JavaEditor and GenericEditor, the latter being the default editor for plugins like Wild Web Developer.
The hover information is limited to JavaEditor and GenericEditor, the latter being the default editor for plugins like Wild Web Developer.
{% endhint %}

<figure><img src="../../../.gitbook/assets/image (122) (1) (1) (1) (1) (1) (1) (1) (1) (2) (1).png" alt=""><figcaption><p>Snyk Code findings displayed in Eclipse</p></figcaption></figure>

<figure><img src="../../../.gitbook/assets/image (645).png" alt=""><figcaption><p>Snyk Code findings displayed in the Snyk View</p></figcaption></figure>
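
Review bot: item 4 ends "filter issues using the toolbar of the view. and more.&#x20;", which has a stray period before "and more" and a trailing `&#x20;` entity; it should read "filter issues using the toolbar of the view, and more." The added figures use `alt=""` and could reuse their captions as alt text. In item 2, removing the comma before "(bottom of screen)" is right, but one is still needed after the parenthesis, before "which".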