Skip to content

Releases: sysdiglabs/scan-action

v6.3.6

Choose a tag to compare

@github-actions github-actions released this 06 May 13:55
607e6bc

Bug Fixes

  • resolve TypeError in SummaryReportPresenter (issue #108) (#110)

Continuous Integration

  • add multi-image matrix scan (34 images) (#111)

v6.3.5

Choose a tag to compare

@github-actions github-actions released this 16 Apr 08:27
9ccb0a0

Bug Fixes

  • restore scanReport output (#107)

Small Modifications

  • upgrade Node.js runtime from 20 to 24 (#106)
  • add justfile, pin actions, and update cli-scanner (#105)

v6.3.4

Choose a tag to compare

@github-actions github-actions released this 27 Jan 15:28
6015202

Bug Fixes

  • resolve ReportParsingError in IaC mode (#101)
  • use curl instead of wget and add agent docs (#100)

Small Modifications

  • bump version to 6.3.4 (#102)

v6.3.3

Choose a tag to compare

@github-actions github-actions released this 10 Dec 12:51
554e4d5

Bug Fixes

  • support uppercase in package-type filters (#98)

v6.3.2

Choose a tag to compare

@github-actions github-actions released this 05 Dec 09:08
e2429d1
Fix package and risk acceptance filtering (#97)

* fix: regression on filter by package in action summary

* Add test for accepted risk filter in summary

* Add test for severity filter in summary report

* Fix vulnerability counts in summary report

* Fix accepted risk filtering logic

    Refine filtering logic to correctly handle risk acceptance at the vulnerability level versus package level.

    1. Stopped associating accepted risks from vulnerabilities to their packages in the Sysdig adapter. This prevents the 'withoutAcceptedRisks' filter from discarding the entire package when only a specific vulnerability has an accepted risk.
    2. Updated SummaryReportPresenter to explicitly filter out vulnerabilities with accepted risks when generating the report tables, ensuring that even if the package remains (due to other active vulnerabilities), the accepted ones are hidden/not counted.

* Add package level acceptance risks and tests

* Add message about applied filters in the summary

* Add details about filter in summary

v6.3.1

Choose a tag to compare

@github-actions github-actions released this 27 Nov 13:08
90e7e27
Fix package sorting in scan summary report (#96)

* fix: package sorting by vulnerability

* Extract sorting logic to a domain service and add testing

* Refactor to extract ISummary instead of using core.summary + testing to validate output

v6.3.0

Choose a tag to compare

@github-actions github-actions released this 26 Nov 16:35
0225eb0
Fix duplicate ruleID in SARIF and others (#95)

- Fix duplicate ruleID in SARIF when grouping by package
- Don't add rules and results in SARIF, when grouping by package, if the package does not have vulnerabilities
- Use package name, version and path as the rule id
- Clean SARIF messages after result URL has been removed
- Update test fixture for V1 scan result
- Update fixture for SARIF report
- Bump CLI scanner to 1.24.1
- Improve download test to support multi os/arch

v6.2.1

Choose a tag to compare

@github-actions github-actions released this 27 Oct 08:31
5645a29

Bug Fixes

  • scan: respect global evaluation result for accepted risks (#93)

Continuous Integration

  • workflows: add stale issues and PRs workflow (#91)

v6.2.0

Choose a tag to compare

@github-actions github-actions released this 24 Oct 11:20
7e92d3a

Code Refactoring

  • split code into a clean architecture (#89)

Features

  • scanner: Add checksum verification for scanner download (#90)

v6.1.3

Choose a tag to compare

@github-actions github-actions released this 23 Sep 13:08
f82dfca

Compilation & Dependencies

  • update dependencies to remove vulns (#86)

Small Modifications

  • deps: update sysdig-cli-scanner to v1.22.6 (#87)