Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix Audit Xray scan Sarif output #996

Merged
merged 11 commits into from
Oct 17, 2023
Merged

Conversation

attiasas
Copy link
Contributor

@attiasas attiasas commented Oct 16, 2023

  • All tests passed. If this feature is not already covered by the tests, I added new tests.
  • All static analysis checks passed.
  • This pull request is on the dev branch.
  • I used gofmt for formatting the code before submitting the pull request.

image
  • Fix xray version on docker scan

  • Fix x-ray attribute:

"shortDescription": null,

Adding one rule per combination of CVE + impacted dependency (name + version).
Results for the rule are one per direct dependency.

  • Fix License violation output to match Cve output information

@attiasas attiasas added the bug Something isn't working label Oct 16, 2023
@attiasas attiasas marked this pull request as ready for review October 17, 2023 09:32
@attiasas attiasas requested review from omerzi and yahavi October 17, 2023 09:40
@attiasas attiasas changed the title Audit Sarif xray driver on docker scan Audit Xray scan Sarif output Oct 17, 2023
xray/utils/resultwriter.go Outdated Show resolved Hide resolved
@attiasas attiasas merged commit b7891b0 into jfrog:dev Oct 17, 2023
7 of 8 checks passed
@attiasas attiasas changed the title Audit Xray scan Sarif output Fix Audit Xray scan Sarif output Oct 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants