search

semgrep / semgrep-vscode

Semgrep extension for Visual Studio Code
https://marketplace.visualstudio.com/items?itemName=semgrep.semgrep
GNU Lesser General Public License v2.1
53 stars 24 forks source link

VSCode Semgrep Extension failing to update rules behind inspecting proxy #157

Open mitch-athena opened 1 month ago

mitch-athena commented 1 month ago

I'm behind an inspecting proxy and having this issue running semgrep in VSCode and already have the REQUESTS_CA_BUNDLE exported, as well as CERT_PATH, CERT_DIR, SSL_CERT_FILE, SSL_CERT_DIR as this also fixes TLS issues for PIP. Any idea what else is needed to get this working?

Error Notification in VSCode:

Fatal error: Failed to download config from https://semgrep.dev/c/p/default: TLS failure: authentication failure: invalid certificate chain

Error in output log from Semgrep extension in VSCode:

Refreshing rules
[73.00][ERROR]: Uncaught async exception: Fatal error: Failed to download config from https://semgrep.dev/c/p/default: TLS failure: authentication failure: invalid certificate chain

No issue running semgrep from the CLI though.

Originally posted by @mitch-athena in https://github.com/semgrep/semgrep/issues/5084#issuecomment-2244055360

I noticed this has been raised before here https://github.com/semgrep/semgrep-vscode/issues/62 and was supposedly fixed in https://github.com/semgrep/semgrep-vscode/pull/63, however the issue seems to persist.

ajbt200128 commented 1 month ago

Hey so it turns out that issue was never actually fixed, and we have been working on a fix for awhile now. It'll probably be another month until we can get that fix through though as it depends on updating a dependency.

mitch-athena commented 1 month ago

Glad it wasn't just me then 😅

Will check back here later then, thanks!