This repository was archived by the owner on Jun 5, 2025. It is now read-only.
Cline integration: false positives for irrelevant package ecosystems #1343
Open
Description
Describe the issue
When using Cline as my client, CodeGate is warning me about deprecated packages that are not relevant for a few reasons:
- For package ecosystems different than the language I'm working in (ex: working in a .go file, but getting warnings about rust/npm packages)
- For packages that aren't actually package inclusions in a file, just keywords that happen to match a very generic package name (ex: file happens to have "vscode" in a variable name or string value, getting a warning about npm/vscode, same for the word "runtime" warning about rust/runtime)
The same doesn't happen with Copilot or Continue.
Steps to Reproduce
An example Go file that CodeGate warns on via Cline is below. The CodeGate warning is:
```
Warning: CodeGate detected one or more malicious, deprecated or archived packages.
Pkg 1: https://www.insight.stacklok.com/report/crates/runtime
Pkg 2: https://www.insight.stacklok.com/report/npm/vscode
** critical vulnerability found, you must take action **
```
```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"runtime"
)

func main() {
	// Get the current operating system
	currentOS := runtime.GOOS

	// Define a path to VSCode configuration based on OS
	var vscodeConfigPath string
	switch currentOS {
	case "windows":
		vscodeConfigPath = filepath.Join(os.Getenv("APPDATA"), "Code", "User", "settings.json")
	case "darwin":
		vscodeConfigPath = filepath.Join(os.Getenv("HOME"), "Library", "Application Support", "Code", "User", "settings.json")
	case "linux":
		vscodeConfigPath = filepath.Join(os.Getenv("HOME"), ".config", "Code", "User", "settings.json")
	default:
		fmt.Println("Unsupported operating system for VSCode configuration")
		os.Exit(1)
	}

	fmt.Printf("VSCode configuration path for %s: %s\n", currentOS, vscodeConfigPath)
}
```
Operating System
MacOS (Arm)
IDE and Version
VS Code 1.99.0
Extension and Version
Cline 3.9.2
Provider
Other
Model
Any
Codegate version
v0.1.31
Logs
No response
Additional Context
No response
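The two false-positive classes reported in this issue can be reproduced and avoided with a small matcher. This is an added example, not CodeGate's code and not a claim about how CodeGate matches packages. The watchlist, the extension-to-ecosystem mapping, and the function names `naive_hits`, `go_imports` and `scoped_hits` are hypothetical, and the sample is a trimmed, constructed version of the Go file above.

```python
import os
import re

# Constructed watchlist mirroring the two reports in the issue: (ecosystem, name).
FLAGGED = {("crates", "runtime"), ("npm", "vscode")}

# Assumed mapping from file extension to the ecosystems that can apply to it.
ECOSYSTEMS_BY_EXT = {".go": {"go"}, ".rs": {"crates"}, ".js": {"npm"}, ".ts": {"npm"}}

# Constructed sample: a trimmed version of the Go file from the issue.
GO_SAMPLE = '''package main

import (
	"fmt"
	"runtime"
)

func main() {
	var vscodeConfigPath string
	fmt.Println(runtime.GOOS, vscodeConfigPath)
}
'''

def naive_hits(source, flagged=FLAGGED):
    """Flag any watchlist name that appears anywhere in the text (the reported symptom)."""
    lowered = source.lower()
    return {(eco, name) for eco, name in flagged if name in lowered}

def go_imports(source):
    """Return import paths from parenthesized and single-line Go import declarations."""
    paths = set()
    for block in re.findall(r'^import\s*\((.*?)\)', source, re.S | re.M):
        paths.update(re.findall(r'"([^"]+)"', block))
    paths.update(re.findall(r'^import\s+(?:[\w.]+\s+)?"([^"]+)"', source, re.M))
    return paths

# Other languages would register their own import extractor here.
EXTRACTORS = {".go": go_imports}

def scoped_hits(filename, source, flagged=FLAGGED):
    """Flag only real imports, and only for ecosystems valid for this file type."""
    ext = os.path.splitext(filename)[1]
    extract = EXTRACTORS.get(ext)
    if extract is None:
        return set()  # no parser for this file type: report nothing rather than guess
    imported = extract(source)
    ecosystems = ECOSYSTEMS_BY_EXT.get(ext, set())
    return {(eco, name) for eco, name in flagged if eco in ecosystems and name in imported}
```

The optional `flagged` argument lets the same functions be run against a different watchlist, for example one containing a Go entry, to confirm that real imports are still reported.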