fixed preview bug in issue creation flow

Author: shailesh-veracode

.github/workflows/binary-ready-veracode-sast-pipeline-scan.yml

@@ -111,11 +111,11 @@ jobs:
       - name: Get scan results
         uses: actions/download-artifact@v4
         with:
-          name: "Veracode Pipeline-Scan Results"
+          name: "Veracode Pipeline-Scan Mitigated Filtered Results"
 
       - name: Convert pipeline scan output to SARIF format for Java language
         if: github.event.client_payload.repository.language == 'Java'
-        uses: Veracode/veracode-pipeline-scan-results-to-sarif@v2.0.2
+        uses: Veracode/veracode-pipeline-scan-results-to-sarif@master
         with:
           pipeline-results-json: filtered_results.json
           output-results-sarif: veracode-results.sarif
@@ -129,7 +129,7 @@ jobs:
 
       - name: Convert pipeline scan output to SARIF format for non Java language
         if: github.event.client_payload.repository.language != 'Java'
-        uses: Veracode/veracode-pipeline-scan-results-to-sarif@v2.0.2
+        uses: Veracode/veracode-pipeline-scan-results-to-sarif@master
         with:
           pipeline-results-json: filtered_results.json
           output-results-sarif: veracode-results.sarif
@@ -148,7 +148,7 @@ jobs:
       - name: Get scan results
         uses: actions/download-artifact@v4
         with:
-          name: 'Veracode Pipeline-Scan Results'
+          name: 'Veracode Pipeline-Scan Mitigated Filtered Results'
 
       - name: Create flaws as issues for Java language
         if: github.event.client_payload.repository.language == 'Java'
@@ -158,6 +158,7 @@ jobs:
           repo_owner: ${{ github.event.client_payload.repository.owner }}
           github-token: ${{ github.event.client_payload.token }}
           repo_name: ${{ github.event.client_payload.repository.name }}
+          commitHash:  ${{ github.event.client_payload.sha }}
           source_base_path_1: 'com/:src/main/java/com/'
           source_base_path_2: 'WEB-INF:src/main/webapp/WEB-INF'
 
@@ -169,3 +170,4 @@ jobs:
           repo_owner: ${{ github.event.client_payload.repository.owner }}
           github-token: ${{ github.event.client_payload.token }}
           repo_name: ${{ github.event.client_payload.repository.name }}
+          commitHash:  ${{ github.event.client_payload.sha }}

.github/workflows/binary-ready-veracode-sast-policy-scan.yml

@@ -121,7 +121,7 @@ jobs:
 
       - name: Convert policy scan output to SARIF format for Java language
         if: github.event.client_payload.repository.language == 'Java'
-        uses: Veracode/veracode-pipeline-scan-results-to-sarif@v2.0.0
+        uses: Veracode/veracode-pipeline-scan-results-to-sarif@master
         with:
           scan-type: policy
           results-json: '/tmp/policy_flaws.json'
@@ -136,7 +136,7 @@ jobs:
 
       - name: Convert policy scan output to SARIF format for non Java language
         if: github.event.client_payload.repository.language != 'Java'
-        uses: Veracode/veracode-pipeline-scan-results-to-sarif@v2.0.0
+        uses: Veracode/veracode-pipeline-scan-results-to-sarif@master
         with:
           scan-type: policy
           results-json: '/tmp/policy_flaws.json'
@@ -167,6 +167,7 @@ jobs:
           repo_owner: ${{ github.event.client_payload.repository.owner }}
           github-token: ${{ github.event.client_payload.token }}
           repo_name: ${{ github.event.client_payload.repository.name }}
+          commitHash: ${{ github.event.client_payload.sha }}
           source_base_path_1: 'com/:src/main/java/com/'
           source_base_path_2: 'WEB-INF:src/main/webapp/WEB-INF'
 
@@ -178,3 +179,4 @@ jobs:
           repo_owner: ${{ github.event.client_payload.repository.owner }}
           github-token: ${{ github.event.client_payload.token }}
           repo_name: ${{ github.event.client_payload.repository.name }}
+          commitHash: ${{ github.event.client_payload.sha }}

.github/workflows/veracode-pipeline-scan.yml

@@ -108,9 +108,10 @@ jobs:
         uses: actions/download-artifact@v4
         with:
           name: "Veracode Pipeline-Scan Mitigated Filtered Results"
+
       - name: Convert pipeline scan output to SARIF format for java language
         if: inputs.language == 'Java'
-        uses: Veracode/veracode-pipeline-scan-results-to-sarif@severity-label
+        uses: Veracode/veracode-pipeline-scan-results-to-sarif@master
         with:
           pipeline-results-json: filtered_results.json
           output-results-sarif: veracode-results.sarif
@@ -121,9 +122,10 @@ jobs:
           githubToken: ${{ inputs.token }}
           source-base-path-1: 'com/:src/main/java/com/'
           source-base-path-2: 'WEB-INF:src/main/webapp/WEB-INF'
+
       - name: Convert pipeline scan output to SARIF format for non java language
         if: inputs.language != 'Java'
-        uses: Veracode/veracode-pipeline-scan-results-to-sarif@severity-label
+        uses: Veracode/veracode-pipeline-scan-results-to-sarif@master
         with:
           pipeline-results-json: filtered_results.json
           output-results-sarif: veracode-results.sarif
@@ -143,6 +145,7 @@ jobs:
         uses: actions/download-artifact@v4
         with:
           name: 'Veracode Pipeline-Scan Mitigated Filtered Results'
+
       - name: Create flaws as issues for java language
         if: inputs.language == 'Java'
         uses: veracode/[email protected]
@@ -154,6 +157,7 @@ jobs:
           commitHash: ${{ inputs.sha }}
           source_base_path_1: 'com/:src/main/java/com/'
           source_base_path_2: 'WEB-INF:src/main/webapp/WEB-INF'
+
       - name: Create flaws as issues for non java language
         if: inputs.language != 'Java'
         uses: veracode/[email protected]

.github/workflows/veracode-policy-scan.yml

@@ -117,9 +117,10 @@ jobs:
         with:
           name: policy-flaws
           path: /tmp
+
       - name: Convert policy scan output to SARIF format for java language
         if: inputs.language == 'Java'
-        uses: Veracode/veracode-pipeline-scan-results-to-sarif@v2.0.0
+        uses: Veracode/veracode-pipeline-scan-results-to-sarif@master
         with:
           scan-type: policy
           results-json: '/tmp/policy_flaws.json'
@@ -131,9 +132,10 @@ jobs:
           githubToken: ${{ inputs.token }}
           source-base-path-1: 'com/:src/main/java/com/'
           source-base-path-2: 'WEB-INF:src/main/webapp/WEB-INF'
+
       - name: Convert policy scan output to SARIF format for non java language
         if: inputs.language != 'Java'
-        uses: Veracode/veracode-pipeline-scan-results-to-sarif@v2.0.0
+        uses: Veracode/veracode-pipeline-scan-results-to-sarif@master
         with:
           scan-type: policy
           results-json: '/tmp/policy_flaws.json'
@@ -155,9 +157,10 @@ jobs:
         with:
           name: 'policy-flaws'
           path: /tmp
+
       - name: Create flaws as issues for java language
         if: inputs.language == 'Java'
-        uses: veracode/veracode-flaws-to-issues@severity-label
+        uses: veracode/veracode-flaws-to-issues@v2.2.24
         with:
           scan-results-json: '/tmp/policy_flaws.json'
           repo_owner: ${{ inputs.owner }}
@@ -166,9 +169,10 @@ jobs:
           commitHash: ${{ inputs.sha }}
           source_base_path_1: 'com/:src/main/java/com/'
           source_base_path_2: 'WEB-INF:src/main/webapp/WEB-INF'
+
       - name: Create flaws as issues for non java language
         if: inputs.language != 'Java'
-        uses: veracode/veracode-flaws-to-issues@severity-label
+        uses: veracode/veracode-flaws-to-issues@v2.2.24
         with:
           scan-results-json: '/tmp/policy_flaws.json'
           repo_owner: ${{ inputs.owner }}