Skip to content

Fix container-images flag to support prefix syntax advanced parsing (AST-108903) #1318

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
cx-anurag-dalke merged 24 commits into from
Oct 14, 2025
Merged

Fix container-images flag to support prefix syntax advanced parsing (AST-108903) #1318

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
24 commits
Select commit Hold shift + click to select a range
29f12db
Fix container-images flag to support prefix syntax and restrict to si…
Sep 29, 2025
c4cf787
Improve container-images validation error messages
Sep 29, 2025
46cf172
Fix file: prefix handling for syft compatibility
Sep 29, 2025
e9b3597
Implement proper scheme extraction for syft compatibility
Sep 29, 2025
b272519
Fix vendor library panic by adding default tags to file paths
Sep 29, 2025
5eea15d
Revert automatic tag addition - causes syft file resolution issues
Sep 29, 2025
16a00d0
Update .gitignore to exclude test files and update go.mod dependencie…
Oct 9, 2025
463c10c
Improve container image validation with comprehensive error reporting…
Oct 9, 2025
43fc92a
Remove unused containers-resolver dependency from go.mod
Oct 9, 2025
aad6007
Update .gitignore to remove exclusions for test files and temporary d…
Oct 9, 2025
2ee3f54
Enhance container security scan functionality with detailed validatio…
Oct 9, 2025
e2c0b00
Update go.sum to include new dependency for containers-resolver v1.0.21
Oct 9, 2025
6afae81
Refactor container image validation logic for improved readability an…
Oct 9, 2025
4146698
Refactor error messages and improve variable usage in container image…
Oct 9, 2025
c29332c
Fix magic number linting issues in extractSchemeSource function
Oct 9, 2025
b6c4a20
Refactor error handling in container image validation tests
Oct 10, 2025
94a3ed3
Add tar file detection and local resolution enforcement in scan commands
Oct 10, 2025
93fbfd5
Fix magic number linting error and correct tar file validation logic
Oct 10, 2025
1e124f3
Fix oci-dir validation to allow directories without tags
Oct 12, 2025
8139e7c
Update dependencies and refactor container image handling
Oct 12, 2025
9605e76
Update dependencies to latest versions
Oct 13, 2025
2b775f6
fixed kics test error msg
cx-anjali-deore Oct 13, 2025
3c01503
fixed expected err assertion in container integration test
cx-anjali-deore Oct 14, 2025
94ae890
Update ci-tests.yml
cx-anurag-dalke Oct 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/ci-tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ jobs:
name: ${{ runner.os }}-coverage-latest
path: coverage.html

- name: Check if total coverage is greater then 77.5
- name: Check if total coverage is greater then 76
shell: bash
run: |
CODE_COV=$(go tool cover -func cover.out | grep total | awk '{print substr($3, 1, length($3)-1)}')
Expand Down
3 changes: 3 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,3 +63,6 @@ override.tf.json

# Ignore pkgs directory
vendor/*

# Build artifacts and temporary directories
internal/commands/data/manifests/obj/
6 changes: 3 additions & 3 deletions go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ module github.com/checkmarx/ast-cli
go 1.24.6

require (
github.com/Checkmarx/containers-resolver v1.0.21
github.com/Checkmarx/containers-resolver v1.0.24
github.com/Checkmarx/containers-types v1.0.9
github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63
github.com/Checkmarx/gen-ai-wrapper v1.0.2
Expand Down Expand Up @@ -50,7 +50,7 @@ require (
github.com/BobuSumisu/aho-corasick v1.0.3 // indirect
github.com/BurntSushi/toml v1.5.0 // indirect
github.com/Checkmarx/containers-images-extractor v1.0.18
github.com/Checkmarx/containers-syft-packages-extractor v1.0.17 // indirect
github.com/Checkmarx/containers-syft-packages-extractor v1.0.20 // indirect
github.com/CycloneDX/cyclonedx-go v0.9.2 // indirect
github.com/DataDog/zstd v1.5.6 // indirect
github.com/Masterminds/goutils v1.1.1 // indirect
Expand Down Expand Up @@ -194,7 +194,7 @@ require (
github.com/mitchellh/go-homedir v1.1.0 // indirect
github.com/mitchellh/go-wordwrap v1.0.1 // indirect
github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
github.com/mitchellh/mapstructure v1.5.0 // indirect
github.com/mitchellh/mapstructure v1.5.1-0.20220423092549-19e70c243037 // indirect
github.com/mitchellh/reflectwalk v1.0.2 // indirect
github.com/moby/docker-image-spec v1.3.1 // indirect
github.com/moby/locker v1.0.1 // indirect
Expand Down
12 changes: 6 additions & 6 deletions go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -65,10 +65,10 @@ github.com/BurntSushi/toml v1.5.0/go.mod h1:ukJfTF/6rtPPRCnwkur4qwRxa8vTRFBF0uk2
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/Checkmarx/containers-images-extractor v1.0.18 h1:vj22lJurK72Zw28uenlzntDKIiXK0zN993lfsMdJh+w=
github.com/Checkmarx/containers-images-extractor v1.0.18/go.mod h1:n3B8u4/WZCtsIwamIz7Prz6Ktl169i+aJb9Yq5R3D2M=
github.com/Checkmarx/containers-resolver v1.0.21 h1:HFl9ZfdzH7Fh3jvdRxnTIHYotI/3ZNMJTFP70c1jZWU=
github.com/Checkmarx/containers-resolver v1.0.21/go.mod h1:Kq7Jb+bvCx+BObImrydImkFIPWyhaZaX6lJyoz+IhA4=
github.com/Checkmarx/containers-syft-packages-extractor v1.0.17 h1:OrqJ7Z+9Cpz+258B9uMGgxA8/prTuHmG0w7UJ+y6Fvw=
github.com/Checkmarx/containers-syft-packages-extractor v1.0.17/go.mod h1:o5O/uQuZVaHTsOU4PXQyRseGSblR+HXsdfZv7Hrt5CA=
github.com/Checkmarx/containers-resolver v1.0.24 h1:IjDb1PBr1nd9ZGdr5V5B0jcYbrKw0U1mallo1sTKmu0=
github.com/Checkmarx/containers-resolver v1.0.24/go.mod h1:O4YbwZbFPMe8JVpjH2hW7MQtI2HtH/IxQlv6Gr6ANw4=
github.com/Checkmarx/containers-syft-packages-extractor v1.0.20 h1:F8ODMTsAP3f97EFTGQYbScz6nOeUlcE4vV6biBvHFpI=
github.com/Checkmarx/containers-syft-packages-extractor v1.0.20/go.mod h1:LBuo6NbNip0iZUCwmd5gFWYaLAlnl5STidlI2FYwoUw=
github.com/Checkmarx/containers-types v1.0.9 h1:LbHDj9LZ0x3f28wDx398WC19sw0U0EfEewHMLStBwvs=
github.com/Checkmarx/containers-types v1.0.9/go.mod h1:KR0w8XCosq3+6jRCfQrH7i//Nj2u11qaUJM62CREFZA=
github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 h1:SCuTcE+CFvgjbIxUNL8rsdB2sAhfuNx85HvxImKta3g=
Expand Down Expand Up @@ -741,8 +741,8 @@ github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/z
github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/mitchellh/mapstructure v1.5.1-0.20220423092549-19e70c243037 h1:HFfFxOGn95p7f1McxDK/LbYRMTjNKiDEOMgUIzMSXdU=
github.com/mitchellh/mapstructure v1.5.1-0.20220423092549-19e70c243037/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
Expand Down
Loading
Loading