
feat: improve scan and implement falsePositives

Open tvcsantos opened this issue 1 year ago • 3 comments

This PR adds support for false positives on GitHub Actions by implementing a falsePositives action. This action works for the following SecHub CLI actions:

  • defineFalsePositives with input action specified as DEFINE.
  • markFalsePositives with input action specified as MARK.
  • unmarkFalsePositives with input action specified as UNMARK.

This PR also improves and fixes the scan action to be fully working with the latest client version. Previously, getReport was failing since getReport does not support the additional input --reportformat. According to the documentation, getReport on the CLI always outputs in JSON. This PR fixes that.

In addition, this PR also improves the CLI binaries release download by using the GitHub tool cache, so that we can download and cache the tool in runners.

Closes: #2078

tvcsantos, Feb 18 '24 21:02