Skip to content

feat(mdm): add support for new ide & pluggins#22

Open
shubham-stepsecurity wants to merge 2 commits intostep-security:mainfrom
shubham-stepsecurity:sm/feat/ide
Open

feat(mdm): add support for new ide & pluggins#22
shubham-stepsecurity wants to merge 2 commits intostep-security:mainfrom
shubham-stepsecurity:sm/feat/ide

Conversation

@shubham-stepsecurity
Copy link
Copy Markdown
Member

@shubham-stepsecurity shubham-stepsecurity commented Apr 15, 2026

What does this PR do?

Type of change

  • Bug fix
  • Enhancement
  • Documentation

Testing

  • Tested on macOS (version: ___)
  • Binary runs without errors: ./stepsecurity-dev-machine-guard --verbose
  • JSON output is valid: ./stepsecurity-dev-machine-guard --json | python3 -m json.tool
  • No secrets or credentials included
  • Lint passes: make lint
  • Tests pass: make test

Related Issues

@ashishkurmi ashishkurmi requested a review from Copilot April 17, 2026 05:03
Copilot AI reviewed Apr 17, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds broader IDE/plugin detection (JetBrains, Xcode, Eclipse) and enriches extension output with a source attribute so results can distinguish bundled vs user-installed items.

Changes:

  • Add detection for JetBrains IDE installations plus JetBrains/Android Studio plugins, Xcode Source Editor extensions (via pluginkit), and Eclipse features/plugins.
  • Add Extension.Source (bundled / user_installed) and update pretty output to tag bundled extensions.
  • Expand IDE display-name mapping to include newly supported IDE types.

Reviewed changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated 7 comments.

Show a summary per file
File Description
internal/telemetry/telemetry.go Extends ideDisplayName mapping for new IDE types in telemetry logs.
internal/output/pretty.go Uses centralized ideDisplayName + displays [bundled] marker for extensions.
internal/model/model.go Adds Extension.Source JSON field (omitempty).
internal/executor/mock.go Adds MockDirEntry helper to support os.DirEntry-based tests.
internal/detector/xcode_extensions.go New detector to parse pluginkit output for Xcode Source Editor extensions.
internal/detector/xcode_extensions_test.go Unit tests for parsePluginkitLine.
internal/detector/jetbrains_plugins.go New detector for JetBrains/Android Studio plugins (including bundled vs user-installed tagging).
internal/detector/jetbrains_plugins_test.go Tests for JetBrains/Android Studio plugin scanning and XML parsing.
internal/detector/eclipse_plugins.go New detector for Eclipse feature/plugin entries and bundled-vs-user tagging.
internal/detector/extension.go Adds new extension sources (Cursor/Windsurf/Antigravity) and wires in JetBrains/Xcode/Eclipse detection.
internal/detector/ide.go Adds JetBrains IDE + Android Studio + Eclipse + Xcode to IDE installation detection list.
internal/detector/ide_test.go Adds test coverage for JetBrains IDE installation detection.
examples/sample-output.json Updates example output to include GoLand and adjusts summary count.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread internal/detector/eclipse_plugins.go
Comment on lines +30 to +41
// DetectEclipsePlugins scans Eclipse feature directories and returns
// all features tagged as "bundled" or "user_installed".
func (d *ExtensionDetector) DetectEclipsePlugins() []model.Extension {
var results []model.Extension
for _, dir := range eclipseFeatureDirs {
if !d.exec.DirExists(dir) {
continue
}
results = append(results, d.collectEclipseFeatures(dir)...)
}
return results
}
Comment thread internal/detector/xcode_extensions.go
Comment on lines +13 to +23
func (d *ExtensionDetector) DetectXcodeExtensions(ctx context.Context) []model.Extension {
stdout, _, _, err := d.exec.RunWithTimeout(ctx, 10*time.Second,
"pluginkit", "-mAD", "-p", "com.apple.dt.Xcode.extension.source-editor")
if err != nil {
return nil
}

stdout = strings.TrimSpace(stdout)
if stdout == "" {
return nil
}
Comment thread internal/detector/xcode_extensions.go
Comment on lines +44 to +49
// Strip leading +/- and whitespace
enabled := false
if strings.HasPrefix(line, "+") {
enabled = true
}
line = strings.TrimLeft(line, "+- \t")
Comment thread internal/executor/mock.go
Comment on lines +310 to +313
func (e *mockDirEntry) Name() string { return e.name }
func (e *mockDirEntry) IsDir() bool { return e.dir }
func (e *mockDirEntry) Type() os.FileMode { if e.dir { return os.ModeDir }; return 0 }
func (e *mockDirEntry) Info() (os.FileInfo, error) { return &mockFileInfo{name: e.name, dir: e.dir}, nil }
Comment thread internal/detector/extension.go
Comment on lines +35 to 38
func (d *ExtensionDetector) Detect(ctx context.Context, searchDirs []string) []model.Extension {
homeDir := getHomeDir(d.exec)
var results []model.Extension

Comment thread internal/detector/jetbrains_plugins.go
Comment on lines +233 to +239
// readFileFromZip extracts a single file from a zip/jar archive.
func readFileFromZip(zipPath, targetFile string) []byte {
r, err := zip.OpenReader(zipPath)
if err != nil {
return nil
}
defer r.Close()
Comment thread examples/sample-output.json
Comment on lines 137 to 141
"ai_agents_and_tools_count": 5,
"ide_installations_count": 3,
"ide_installations_count": 4,
"ide_extensions_count": 4,
"mcp_configs_count": 2,
"node_projects_count": 0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@shubham-stepsecurity