Fix Audit Xray scan Sarif output #996

attiasas · 2023-10-16T15:12:15Z

All tests passed. If this feature is not already covered by the tests, I added new tests.
All static analysis checks passed.
This pull request is on the dev branch.
I used gofmt for formatting the code before submitting the pull request.

"shortDescription": null,

Adding one rule per combination of CVE + impacted dependency (name + version).
Results for the rule are one per direct dependency.

xray/utils/resultwriter.go

fix xray version output

8890969

attiasas added the bug Something isn't working label Oct 16, 2023

attiasas had a problem deploying to frogbot October 16, 2023 15:12 — with GitHub Actions Failure

Merge remote-tracking branch 'upstream/dev' into fix_sarif_xray

8bd96dc

attiasas had a problem deploying to frogbot October 16, 2023 15:15 — with GitHub Actions Failure

done

5fb061c

attiasas had a problem deploying to frogbot October 17, 2023 09:29 — with GitHub Actions Failure

Merge remote-tracking branch 'upstream/dev' into fix_sarif_xray

a6bb0a1

attiasas marked this pull request as ready for review October 17, 2023 09:32

attiasas had a problem deploying to frogbot October 17, 2023 09:32 — with GitHub Actions Failure

attiasas requested review from omerzi and yahavi October 17, 2023 09:40

attiasas changed the title ~~Audit Sarif xray driver on docker scan~~ Audit Xray scan Sarif output Oct 17, 2023

omerzi reviewed Oct 17, 2023

View reviewed changes

xray/utils/resultwriter.go Outdated Show resolved Hide resolved

review changes

141ed3e

attiasas had a problem deploying to frogbot October 17, 2023 10:06 — with GitHub Actions Failure

fix static

56c82f1

attiasas had a problem deploying to frogbot October 17, 2023 10:07 — with GitHub Actions Failure

fix license as well and combine

5619086

attiasas had a problem deploying to frogbot October 17, 2023 11:52 — with GitHub Actions Failure

fix static

09372c1

attiasas had a problem deploying to frogbot October 17, 2023 11:59 — with GitHub Actions Failure

fix static

e72129a

attiasas had a problem deploying to frogbot October 17, 2023 12:00 — with GitHub Actions Failure

fix text

c576584

attiasas had a problem deploying to frogbot October 17, 2023 12:02 — with GitHub Actions Failure

fix title

439485f

attiasas had a problem deploying to frogbot October 17, 2023 12:16 — with GitHub Actions Failure

attiasas merged commit b7891b0 into jfrog:dev Oct 17, 2023
7 of 8 checks passed

attiasas mentioned this pull request Oct 18, 2023

jfrog 2.50.1 - Invalid SARIF file for GHAS upload jfrog/jfrog-cli#2268

Closed

attiasas changed the title ~~Audit Xray scan Sarif output~~ Fix Audit Xray scan Sarif output Oct 18, 2023

chenrui333 mentioned this pull request Oct 18, 2023

jfrog-cli 2.50.2 Homebrew/homebrew-core#151650

Merged

Provide feedback