feat: IaC SARIF output improvements [CFG-1313] [CFG-1314] #2524

Merged Jan 9, 2022 (1 commit)

YairZ101
Contributor

@YairZ101 YairZ101 commented Jan 4, 2022

What does this PR do?

The snyk CLI generates SARIF output, which is then used for code scanning by GitHub.
We would like to improve our SARIF output which will enhance the UX when using GH code scanning.

How should this be manually tested?

  1. Test an IaC file/directory and save the output using snyk-dev iac test {path to the file/directory} --sarif > sarif.snyk
  2. Create a test repo and upload the sarif.snyk file to it
  3. Configure the Snyk IaC scanning tool in your repo
  4. Commit any changes and check the scanning results in the Security tab.

Any background context you want to provide?

The following Notion page provides additional context.

What are the relevant tickets?

Screenshots

Before: [image]
After: [image]

Additional questions

@YairZ101 YairZ101 changed the title from "feat: IaC SARIF output improvements [CFG-1313] [ CFG-1314]" to "feat: IaC SARIF output improvements [CFG-1313] [CFG-1314]" Jan 4, 2022
@YairZ101 YairZ101 force-pushed the feat/iac_sarif_ouutput_improvements branch 7 times, most recently from 0b43fde to 4df6f71 Compare January 6, 2022 11:46
@YairZ101 YairZ101 marked this pull request as ready for review January 6, 2022 11:48
@YairZ101 YairZ101 requested a review from a team as a code owner January 6, 2022 11:48
@YairZ101 YairZ101 requested review from karniwl and teodora-sandu and removed request for karniwl January 6, 2022 11:48
@YairZ101 YairZ101 force-pushed the feat/iac_sarif_ouutput_improvements branch from 4df6f71 to 30746ef Compare January 6, 2022 13:47
@YairZ101 YairZ101 force-pushed the feat/iac_sarif_ouutput_improvements branch 2 times, most recently from 9931335 to 5728a57 Compare January 6, 2022 15:59
@github-actions
Contributor

github-actions bot commented Jan 6, 2022

Warnings
⚠️

Since the CLI is unifying on a standard and improved tooling, we're starting to migrate old-style imports and exports to ES6 ones.
A file you've modified is using either module.exports or require(). If you can, please update them to ES6 import syntax and export syntax.
Files found:

  • src/lib/formatters/iac-output.ts

Generated by 🚫 dangerJS against 0eb6429

@YairZ101 YairZ101 force-pushed the feat/iac_sarif_ouutput_improvements branch from 5728a57 to 4bbba68 Compare January 6, 2022 16:05
@YairZ101 YairZ101 force-pushed the feat/iac_sarif_ouutput_improvements branch from 4bbba68 to 0eb6429 Compare January 6, 2022 16:10
Contributor

@teodora-sandu teodora-sandu left a comment

LGTM 🎉
