kics-github-action
GitHub actions of KICS scan - Keeping Infrastructure as Code Secure
I saw that KICS supported Pulumi so I added this action and noticed it was not getting [any results on the scan output](https://github.com/zacdirect/zac.direct/actions/runs/12426452309/job/34694751135). Looking over [the docs](https://docs.kics.io/latest/platforms/#pulumi), I see it...
When including the disable_secrets argument in the workflow, irrespective of the boolean value being passed it disables secrets scanning. To Reproduce: ``` yaml - name: "Scan with KICS" uses: checkmarx/[email protected]...
Hello, I would like to be able to exclude certain severities from being verbosely listed under the _Query Results_ table, while still being counted in the table which tallies the...
**Resolves: #137** This PR implements diff-aware reporting that filters KICS results to only show findings in files and lines changed in the pull request, eliminating noise from pre-existing issues in...
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. Release notes Sourced from actions/checkout's releases. v5.0.0 What's Changed Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226 Prepare v5.0.0 release by...
### Problem Description Currently, when running KICS scans on pull requests, the action reports findings for **all files across the entire repository**, even when the PR only changes a small...
https://github.com/Checkmarx/kics-github-action/issues/134 This PR introduces a new fail_on_threshold input for the KICS GitHub Action, allowing users to specify severity thresholds using natural operators (e.g., high>1,low>5). When set, fail_on_threshold takes precedence over...
Hi, would it be valuable to introduce a feature that allows end users to set custom severity thresholds—so that actions are marked as failed when these thresholds are exceeded?...
Looks like bugs in these params.