
Commit db168ff

Merge branch 'main' into AST-84346-add-scorecard-only-integration-test
2 parents 7370e54 + bb88b71 commit db168ff


41 files changed

+1019
-126
lines changed

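--- a/.github/workflows/issue_automation.yml
+++ b/.github/workflows/issue_automation.yml
@@ -2,15 +2,25 @@ name: Issue automation
 
 on:
 issues:
-types: [opened]
+types: [opened, closed]
 
 jobs:
 notify_jira:
+if: github.event.action == 'opened'
 name: Notify Jira
 uses: Checkmarx/plugins-release-workflow/.github/workflows/jira_notify.yml@main
 with:
 title: ${{ github.event.issue.title }}
 body: ${{ github.event.issue.body }}
 html_url: ${{ github.event.issue.html_url }}
 repo: ${{ github.event.repository.full_name }}
-secrets: inherit
+secrets: inherit
+
+close_jira:
+if: github.event.action == 'closed'
+name: Close Jira
+uses: Checkmarx/plugins-release-workflow/.github/workflows/jira_close.yml@main
+with:
+issue_number: ${{ github.event.issue.number }}
+repo: ${{ github.event.repository.full_name }}
+secrets: inherit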
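Review bot: The new `close_jira` job calls a reusable workflow through the mutable ref `@main` and passes every repository secret with `secrets: inherit`, so any later change on that branch of Checkmarx/plugins-release-workflow runs with this repository's secrets whenever an issue is closed. Pin the call to a reviewed commit, `uses: Checkmarx/plugins-release-workflow/.github/workflows/jira_close.yml@<full-commit-sha>`, and replace `secrets: inherit` with an explicit `secrets:` map naming only what jira_close.yml declares. No `permissions:` block appears in the visible lines, so both jobs presumably run with the repository's default token scope; a job-level `permissions: {}` (or the minimum the called workflow needs) would bound that. The unchanged `notify_jira` job has the same `@main` and `secrets: inherit` pattern and additionally forwards the user-supplied issue title and body, whose handling depends on jira_notify.yml, which is not visible here.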

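--- a/cmd/main.go
+++ b/cmd/main.go
@@ -36,6 +36,7 @@ func main() {
 results := viper.GetString(params.ResultsPathKey)
 scanSummary := viper.GetString(params.ScanSummaryPathKey)
 risksOverview := viper.GetString(params.RisksOverviewPathKey)
+riskManagement := viper.GetString(params.RiskManagementPathKey)
 scsScanOverview := viper.GetString(params.ScsScanOverviewPathKey)
 uploads := viper.GetString(params.UploadsPathKey)
 codebashing := viper.GetString(params.CodeBashingPathKey)
@@ -65,6 +66,7 @@ func main() {
 projectsWrapper := wrappers.NewHTTPProjectsWrapper(projects)
 applicationsWrapper := wrappers.NewApplicationsHTTPWrapper(applications)
 risksOverviewWrapper := wrappers.NewHTTPRisksOverviewWrapper(risksOverview)
+riskManagementWrapper := wrappers.NewHTTPRiskManagementWrapper(riskManagement)
 scsScanOverviewWrapper := wrappers.NewHTTPScanOverviewWrapper(scsScanOverview)
 resultsWrapper := wrappers.NewHTTPResultsWrapper(results, scanSummary)
 authWrapper := wrappers.NewAuthHTTPWrapper()
@@ -101,6 +103,7 @@ func main() {
 projectsWrapper,
 resultsWrapper,
 risksOverviewWrapper,
+riskManagementWrapper,
 scsScanOverviewWrapper,
 authWrapper,
 logsWrapper,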

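--- a/go.mod
+++ b/go.mod
@@ -6,10 +6,11 @@ require (
 github.com/Checkmarx/containers-resolver v1.0.6-0.20250130184119-42af4015f216
 github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63
 github.com/Checkmarx/gen-ai-wrapper v1.0.2
+github.com/Checkmarx/secret-detection v0.0.3-0.20250327150305-31c2c3be9edf
 github.com/MakeNowJust/heredoc v1.0.0
 github.com/bouk/monkey v1.0.0
 github.com/gofrs/flock v0.12.1
-github.com/golang-jwt/jwt/v5 v5.2.1
+github.com/golang-jwt/jwt/v5 v5.2.2
 github.com/gomarkdown/markdown v0.0.0-20241102151059-6bc1ffdc6e8c
 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
 github.com/google/uuid v1.6.0
@@ -22,11 +23,12 @@ require (
 github.com/stretchr/testify v1.10.0
 github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80
 github.com/xeipuuv/gojsonschema v1.2.0
-golang.org/x/crypto v0.33.0
+golang.org/x/crypto v0.35.0
 golang.org/x/sync v0.11.0
 golang.org/x/text v0.22.0
 google.golang.org/grpc v1.67.3
 google.golang.org/protobuf v1.36.3
+gopkg.in/yaml.v2 v2.4.0
 gopkg.in/yaml.v3 v3.0.1
 gotest.tools v2.2.0+incompatible
 )
@@ -36,6 +38,7 @@ require (
 github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect
 github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20240914100643-eb91380d8434 // indirect
 github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
+github.com/BobuSumisu/aho-corasick v1.0.3 // indirect
 github.com/BurntSushi/toml v1.4.0 // indirect
 github.com/Checkmarx/containers-images-extractor v1.0.3 // indirect
 github.com/Checkmarx/containers-syft-packages-extractor v1.0.6-0.20250130183701-3874a3497983 // indirect
@@ -75,22 +78,24 @@ require (
 github.com/beorn7/perks v1.0.1 // indirect
 github.com/blang/semver/v4 v4.0.0 // indirect
 github.com/bmatcuk/doublestar/v4 v4.8.0 // indirect
+github.com/bwmarrin/discordgo v0.27.1 // indirect
 github.com/cespare/xxhash/v2 v2.3.0 // indirect
 github.com/chai2010/gettext-go v1.0.3 // indirect
 github.com/charmbracelet/lipgloss v1.0.0 // indirect
 github.com/charmbracelet/x/ansi v0.4.5 // indirect
+github.com/checkmarx/2ms v1.4.1-0.20250327145719-b78804cb08c7 // indirect
 github.com/cloudflare/circl v1.3.8 // indirect
 github.com/containerd/cgroups/v3 v3.0.3 // indirect
 github.com/containerd/containerd v1.7.24 // indirect
-github.com/containerd/containerd/api v1.7.19 // indirect
-github.com/containerd/continuity v0.4.2 // indirect
+github.com/containerd/containerd/api v1.8.0 // indirect
+github.com/containerd/continuity v0.4.4 // indirect
 github.com/containerd/errdefs v0.3.0 // indirect
 github.com/containerd/errdefs/pkg v0.3.0 // indirect
 github.com/containerd/fifo v1.1.0 // indirect
 github.com/containerd/log v0.1.0 // indirect
 github.com/containerd/platforms v0.2.1 // indirect
 github.com/containerd/stargz-snapshotter/estargz v0.16.3 // indirect
-github.com/containerd/ttrpc v1.2.5 // indirect
+github.com/containerd/ttrpc v1.2.7 // indirect
 github.com/containerd/typeurl/v2 v2.2.0 // indirect
 github.com/cyphar/filepath-securejoin v0.3.6 // indirect
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
@@ -114,12 +119,14 @@ require (
 github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
 github.com/facebookincubator/nvdtools v0.1.5 // indirect
 github.com/fatih/color v1.17.0 // indirect
+github.com/fatih/semgroup v1.2.0 // indirect
 github.com/felixge/fgprof v0.9.3 // indirect
 github.com/felixge/httpsnoop v1.0.4 // indirect
 github.com/fsnotify/fsnotify v1.7.0 // indirect
 github.com/fxamacker/cbor/v2 v2.7.0 // indirect
 github.com/gabriel-vasile/mimetype v1.4.8 // indirect
 github.com/github/go-spdx/v2 v2.3.2 // indirect
+github.com/gitleaks/go-gitdiff v0.9.0 // indirect
 github.com/go-errors/errors v1.4.2 // indirect
 github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
 github.com/go-git/go-billy/v5 v5.6.2 // indirect
@@ -147,6 +154,7 @@ require (
 github.com/gorilla/websocket v1.5.0 // indirect
 github.com/gosuri/uitable v0.0.4 // indirect
 github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
+github.com/h2non/filetype v1.1.3 // indirect
 github.com/hashicorp/errwrap v1.1.0 // indirect
 github.com/hashicorp/go-multierror v1.1.1 // indirect
 github.com/hashicorp/hcl v1.0.0 // indirect
@@ -169,6 +177,7 @@ require (
 github.com/lib/pq v1.10.9 // indirect
 github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
 github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
+github.com/lucasjones/reggen v0.0.0-20200904144131-37ba4fa293bb // indirect
 github.com/magiconair/properties v1.8.9 // indirect
 github.com/mailru/easyjson v0.7.7 // indirect
 github.com/mattn/go-colorable v0.1.13 // indirect
@@ -230,6 +239,7 @@ require (
 github.com/shopspring/decimal v1.4.0 // indirect
 github.com/sirupsen/logrus v1.9.3 // indirect
 github.com/skeema/knownhosts v1.3.0 // indirect
+github.com/slack-go/slack v0.12.2 // indirect
 github.com/sourcegraph/conc v0.3.0 // indirect
 github.com/spdx/tools-golang v0.5.5 // indirect
 github.com/spf13/afero v1.12.0 // indirect
@@ -253,6 +263,7 @@ require (
 github.com/xlab/treeprint v1.2.0 // indirect
 github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
 github.com/zclconf/go-cty v1.13.0 // indirect
+github.com/zricethezav/gitleaks/v8 v8.18.2 // indirect
 go.opencensus.io v0.24.0 // indirect
 go.opentelemetry.io/auto/sdk v1.1.0 // indirect
 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.58.0 // indirect
@@ -262,7 +273,7 @@ require (
 go.uber.org/multierr v1.11.0 // indirect
 golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
 golang.org/x/mod v0.22.0 // indirect
-golang.org/x/net v0.34.0 // indirect
+golang.org/x/net v0.36.0 // indirect
 golang.org/x/oauth2 v0.25.0 // indirect
 golang.org/x/sys v0.30.0 // indirect
 golang.org/x/term v0.29.0 // indirect
@@ -294,3 +305,5 @@ require (
 sigs.k8s.io/structured-merge-diff/v4 v4.4.2 // indirect
 sigs.k8s.io/yaml v1.4.0 // indirect
 )
+
+replace github.com/containerd/containerd => github.com/containerd/containerd v1.7.27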
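Review bot: The appended `replace github.com/containerd/containerd => github.com/containerd/containerd v1.7.27` overrides the `v1.7.24 // indirect` requirement that stays in the require block, so the file states one version and builds another, with no comment explaining why. A replace directive only takes effect when this is the main module, and it holds containerd at v1.7.27 even if a dependency later requires a newer release, which can mask future fixes. Prefer raising the requirement itself to `github.com/containerd/containerd v1.7.27 // indirect` and dropping the replace; if it has to stay, add a comment line above it naming the reason and the condition for removing it. Separately, the new direct dependency `github.com/Checkmarx/secret-detection` is pinned to a pseudo-version rather than a tagged release, and it presumably accounts for the new indirect modules in the later hunks (gitleaks, 2ms, slack-go, discordgo), so that added surface is worth a dependency-scan pass before release.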
