Releases: sysdiglabs/scan-action

v6.3.4

27 Jan 15:28
6015202

Bug Fixes

  • resolve ReportParsingError in IaC mode (#101)
  • use curl instead of wget and add agent docs (#100)

Small Modifications

  • bump version to 6.3.4 (#102)

v6.3.3

10 Dec 12:51
554e4d5

Bug Fixes

  • support uppercase in package-type filters (#98)

v6.3.2

05 Dec 09:08
e2429d1

Fix package and risk acceptance filtering (#97)

* fix: regression on filter by package in action summary

* Add test for accepted risk filter in summary

* Add test for severity filter in summary report

* Fix vulnerability counts in summary report

* Fix accepted risk filtering logic

    Refine filtering logic to correctly handle risk acceptance at the vulnerability level versus package level.

    1. Stopped associating accepted risks from vulnerabilities to their packages in the Sysdig adapter. This prevents the 'withoutAcceptedRisks' filter from discarding the entire package when only a specific vulnerability has an accepted risk.
    2. Updated SummaryReportPresenter to explicitly filter out vulnerabilities with accepted risks when generating the report tables, ensuring that even if the package remains (due to other active vulnerabilities), the accepted ones are hidden/not counted.

* Add package level acceptance risks and tests

* Add message about applied filters in the summary

* Add details about filter in summary

v6.3.1

27 Nov 13:08
90e7e27

Fix package sorting in scan summary report (#96)

* fix: package sorting by vulnerability

* Extract sorting logic to a domain service and add testing

* Refactor to extract ISummary instead of using core.summary + testing to validate output

v6.3.0

26 Nov 16:35
0225eb0

Fix duplicate ruleID in SARIF and others (#95)

- Fix duplicate ruleID in SARIF when grouping by package
- Don't add rules and results in SARIF, when grouping by package, if the package does not have vulnerabilities
- Use package name, version and path as the rule id
- Clean SARIF messages after result URL has been removed
- Update test fixture for V1 scan result
- Update fixture for SARIF report
- Bump CLI scanner to 1.24.1
- Improve download test to support multi os/arch

v6.2.1

27 Oct 08:31
5645a29

Bug Fixes

  • scan: respect global evaluation result for accepted risks (#93)

Continuous Integration

  • workflows: add stale issues and PRs workflow (#91)

v6.2.0

24 Oct 11:20
7e92d3a

Code Refactoring

  • split code into a clean architecture (#89)

Features

  • scanner: Add checksum verification for scanner download (#90)

v6.1.3

23 Sep 13:08
f82dfca

Compilation & Dependencies

  • update dependencies to remove vulns (#86)

Small Modifications

  • deps: update sysdig-cli-scanner to v1.22.6 (#87)

v6.1.2

23 Sep 10:59
3dd1378

Bug Fixes

  • allow use of space in policies (#81)

Continuous Integration

  • add automatic release on package.json version change (#84)
  • add lint for gh workflows (#83)
  • add pre-commit validation workflow (#82)

v6.1.0

22 Sep 14:58
bf7fee0

What's Changed

Full Changelog: v6.0.0...v6.1.0