v1.3.0

[bluesentinelsec]

Added a new option, threshold_fixable_only. When set to true, only vulnerabilities with a fix count towards threshold exceeded vulnerability counts. Vulnerabilities without a fix do not count towards the threshold. This option is intended to support workflows that wish to invoke custom logic, such as job failure, only when fixable vulnerabilities are present.

• Resolves Feature Request: Only Fail if Vendor Fix Available #91

Added a new option, show_only_fixable_vulns. When enabled, the action will only display vulnerabilities for which a fix is available in the GitHub Actions step summary. Vulnerabilities without a fix are still present in the raw Inspector scan JSON or CSV.

• 🎉 Special thanks for the community contribution from @CarolMebiom! Feature request 91 #115

Added reference in project README to the Amazon Inspector SBOM Generator software license: AWS Intellectual Property License.

• Resolves Please clarify the license #120

An example workflow demonstrating these new features is available here.

For more information, feel encouraged to peruse the source code changes: #123

---

This discussion was created from the release v1.3.0.