Releases: jorge-abarca/github-security-report-action
v2.7
v2.6
v2.5
Bug Fixes
This version addresses the following issues:
v2.4
Bug Fixes
This version addresses the following issues:
- Repos with multiple languages configured in CodeQL throw a `sarifRules.push is not iterable` exception, since there are instances where the `extension.rules` are null.
v2.3
Bug Fixes
This version addresses the following issues:
- Applied rules and CWEs always yield 0 as reported in issue 7.
New Functionality
This version also adds the following functionality:
- It is possible to specify a report template using the `template` parameter.
- Severity has been expanded to include `critical`, `high` and `low`, as presented by GitHub's UI.
- The `summary` report shows the new severity classifications with their number of incidences.
- An `alerts` component has been created to be available for reports.
- The `report` template has been modified to include all open alerts grouped by severity.
- An `aggregated_report` template has been included to create less verbose reports showing the number of instances a rule was matched.
Development Experience Improvements
Additionally, this version has the following proposed development experience improvements:
- The "Build and Test" action now generates a "results" file for debugging purposes.
- Mocking is introduced to allow tests to work without the need to have access to any repositories.
Mocking is achieved by leveraging a mocking directory inside samples. JSON files representing the mocked responses for the paginate and graphql methods are used by testUtils.js to provide this functionality.
v2.2
Release meant to allow specifying a report template.