v1.3.0 #123
Open
v1.3.0 #123
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* FR-91: Add cli arg only fixable vulnerability; use the variable in get_vuln_counts * Revert "FR-91: Add cli arg only fixable vulnerability; use the variable in get_vuln_counts" This reverts commit bc532d4. * FR-91: Add cli arg only fixable vulnerability; use the variable in get_vuln_counts * FR-91: Fix unit tests * FR-91: Fix typo in unit tests * Revert "FR-91: Fix typo in unit tests" This reverts commit e645542. * Revert "FR-91: Fix unit tests" This reverts commit f9157c9. * Revert "FR-91: Add cli arg only fixable vulnerability; use the variable in get_vuln_counts" This reverts commit 812c685. * FR-91: Change orchestrator to only find fixed vulnerabilities if flag show-only-fixed-vulnerabilities is present * FR-91: Fixed missing variable * FR-91: Fixed typo * FR-91: Fixed typo * FR-91: Another fix * FR-91: Another fix * FR-91: Another fix * FR-91: Another fix * FR-91: Another fix * FR-91: Another fix * FR-91: Another fix * Add unit test for get_vuln_count * Fix unit test for get_vuln_count --------- Co-authored-by: Maria Carolina Conceição <carolina.bento@floy.com>
Co-authored-by: Michael Long <mlongii@amazon.com>
* Add --threshold-fixable-only to CLI * implemented business logic * changed 'threshold_fixable_only' from str to bool * Added more test coverage and CLI refinements * debugging failing unit test * test threshold-fixable-only in workflow * test threshold-fixable-only in workflow * debugging CI/CD * debugging CI/CD * debugging * debugging * debugging * debugging * removed debug log showing CLI arguments * add missing argument, fixed_vuln_counts * simplify get_fixed_vuln_counts() return values * refactor return types in get_scan_result() * refactor * refine get_fixed_vuln_counts() * update test_get_fixed_vuln_counts() * testing case sensitivity * revert 'TRUE' to 'true' * use debug log when vuln doesnt have rating * integrate --show-only-fixable-vulns (part 1) * integrate only show fixable vulns * test example workflows * fix CLI input arguments * remove leading '-' character for conditional inclusion * add a no-op CLI arg (workaround) * enable new arguments in workflows * fix failing test * update workflows for prod --------- Co-authored-by: Michael Long <mlongii@amazon.com>
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
bluesentinelsec
temporarily deployed
to
plugin-development
GitHub Actions
Inactive
s-kenji
approved these changes
Jun 27, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Added a new option,
threshold_fixable_only. When set to true, only vulnerabilities with a fix count towards threshold exceeded vulnerability counts. Vulnerabilities without a fix do not count towards the threshold. This option is intended to support workflows that wish to invoke custom logic, such as job failure, only when fixable vulnerabilities are present.Added a new option,
show_only_fixable_vulns. When enabled, the action will only display vulnerabilities for which a fix is available in the GitHub Actions step summary. Vulnerabilities without a fix are still present in the raw Inspector scan JSON or CSV.Added reference in project README to the Amazon Inspector SBOM Generator software license: AWS Intellectual Property License.
An example workflow demonstrating these new features is available here.
For more information, feel encouraged to peruse the source code changes: #123