From 9284d2f664ec201e83acab023f0d157642100d64 Mon Sep 17 00:00:00 2001 From: atishj99 <141334503+cx-atish-jadhav@users.noreply.github.com> Date: Tue, 26 May 2026 18:24:01 +0530 Subject: [PATCH 1/9] Changes for manifest parser for java and sbt --- go.mod | 6 +++++- go.sum | 2 -- .../realtimeengine/ossrealtime/oss-realtime.go | 14 +++++++++++--- 3 files changed, 16 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 5a93ebf35..7a0ea2237 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/Checkmarx/containers-types v1.0.9 github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 github.com/Checkmarx/gen-ai-wrapper v1.0.3 - github.com/Checkmarx/manifest-parser v0.1.2 + //github.com/Checkmarx/manifest-parser v0.1.2 github.com/Checkmarx/secret-detection v1.2.1 github.com/MakeNowJust/heredoc v1.0.0 github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74 @@ -36,6 +36,8 @@ require ( gotest.tools v2.2.0+incompatible ) +require github.com/Checkmarx/manifest-parser v0.0.0-00010101000000-000000000000 + require ( cel.dev/expr v0.25.1 // indirect cloud.google.com/go v0.123.0 // indirect @@ -394,3 +396,5 @@ require ( replace github.com/containerd/containerd => github.com/containerd/containerd v1.7.31 replace github.com/opencontainers/selinux => github.com/opencontainers/selinux v1.13.0 + +replace github.com/Checkmarx/manifest-parser => C:/Users/AtishJ/GitHub_Repo/manifest-parser diff --git a/go.sum b/go.sum index 705cd99ef..9600c01d2 100644 --- a/go.sum +++ b/go.sum @@ -97,8 +97,6 @@ github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 h1:SCuTcE github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63/go.mod h1:MI6lfLerXU+5eTV/EPTDavgnV3owz3GPT4g/msZBWPo= github.com/Checkmarx/gen-ai-wrapper v1.0.3 h1:p7lc/U4dFltsIxAEeWeDNW4+8ovvlJvdb5pVBLcbKs8= github.com/Checkmarx/gen-ai-wrapper v1.0.3/go.mod h1:xwRLefezwNNnRGu1EjGS6wNiR9FVV/eP9D+oXwLViVM= -github.com/Checkmarx/manifest-parser v0.1.2 h1:Sh2xkpeOWKu56Y7wo+ljckNGHAQX1uITEeH3cI2T0pg= -github.com/Checkmarx/manifest-parser v0.1.2/go.mod h1:hh5FX5FdDieU8CKQEkged4hfOaSylpJzub8PRFXa4kA= github.com/Checkmarx/secret-detection v1.2.1 h1:Hzpz74dcN/L14Q86ARvPOZpKBnERzGTpy6sl1RXKOTo= github.com/Checkmarx/secret-detection v1.2.1/go.mod h1:kbXbtIQisDdB/TNuV7r9HPclEznUyBHLQ5yr7IX7vBQ= github.com/CycloneDX/cyclonedx-go v0.10.0 h1:7xyklU7YD+CUyGzSFIARG18NYLsKVn4QFg04qSsu+7Y= diff --git a/internal/services/realtimeengine/ossrealtime/oss-realtime.go b/internal/services/realtimeengine/ossrealtime/oss-realtime.go index b2c5e0cfb..b221c3af7 100644 --- a/internal/services/realtimeengine/ossrealtime/oss-realtime.go +++ b/internal/services/realtimeengine/ossrealtime/oss-realtime.go @@ -144,7 +144,7 @@ func enrichResponseWithRealtimeScannerResults( for _, pkg := range result.Packages { entry := getPackageEntryFromPackageMap(packageMap, &pkg) response.Packages = append(response.Packages, OssPackage{ - PackageManager: pkg.PackageManager, + PackageManager: entry.PackageManager, PackageName: pkg.PackageName, PackageVersion: pkg.Version, FilePath: entry.FilePath, @@ -220,13 +220,17 @@ func prepareScan(pkgs []models.Package) (*OssPackageResults, *wrappers.RealtimeS func createPackageMap(pkgs []models.Package) map[string]OssPackage { packageMap := make(map[string]OssPackage) for _, pkg := range pkgs { - packageMap[generatePackageMapEntry(pkg.PackageManager, pkg.PackageName, pkg.Version)] = OssPackage{ + entry := OssPackage{ PackageManager: pkg.PackageManager, PackageName: pkg.PackageName, PackageVersion: pkg.Version, FilePath: pkg.FilePath, Locations: convertLocations(pkg.Locations), } + packageMap[generatePackageMapEntry(pkg.PackageManager, pkg.PackageName, pkg.Version)] = entry + if pkg.PackageManager == "gradle" || pkg.PackageManager == "sbt" { + packageMap[generatePackageMapEntry("mvn", pkg.PackageName, pkg.Version)] = entry + } } return packageMap } @@ -277,8 +281,12 @@ func createVersionMapping(requestPackages *wrappers.RealtimeScannerPackageReques // pkgToRequest transforms a parsed package into a scan request. func pkgToRequest(pkg *models.Package) wrappers.RealtimeScannerPackage { + pkgManager := pkg.PackageManager + if pkg.PackageManager == "gradle" || pkg.PackageManager == "sbt" { + pkgManager = "mvn" + } return wrappers.RealtimeScannerPackage{ - PackageManager: pkg.PackageManager, + PackageManager: pkgManager, PackageName: pkg.PackageName, Version: pkg.Version, } From 26d03eed15488a21983b700ce2ea1164df108c64 Mon Sep 17 00:00:00 2001 From: atishj99 <141334503+cx-atish-jadhav@users.noreply.github.com> Date: Mon, 22 Jun 2026 15:41:41 +0530 Subject: [PATCH 2/9] Squashed commit of the following: commit fc7392fc7f2bb3130bfa1aa58b227420583c23fd Author: Alon Rosenhek <80337069+cx-alon-rosenhek@users.noreply.github.com> Date: Thu Jun 18 16:57:08 2026 +0300 chore: remove .github/workflows/dependabot-auto-merge.yml --- .github/workflows/dependabot-auto-merge.yml | 25 --------------------- 1 file changed, 25 deletions(-) delete mode 100644 .github/workflows/dependabot-auto-merge.yml diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml deleted file mode 100644 index a048a3ec6..000000000 --- a/.github/workflows/dependabot-auto-merge.yml +++ /dev/null @@ -1,25 +0,0 @@ -name: Dependabot auto-merge -on: pull_request - -permissions: - contents: write - -jobs: - dependabot-merge: - runs-on: cx-public-ubuntu-x64 - if: ${{ github.actor == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: metadata - uses: step-security/dependabot-fetch-metadata@bf8fb6e0be0a711c669dc236de6e7f7374ba626e # v3.1.0 - with: - github-token: "${{ secrets.GH_TOKEN }}" - - name: Enable auto-merge for Dependabot PRs - env: - PR_URL: ${{github.event.pull_request.html_url}} - GITHUB_TOKEN: ${{secrets.GH_TOKEN}} - run: gh pr merge --auto --merge "$PR_URL" - - name: Auto approve dependabot PRs - uses: step-security/auto-approve-action@0c28339628c8e79ab2f6813291e7e6cd584b4d30 # v4.0.0 - with: - github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} From b37c9fb70e14f2a4d5d1bb19a29bc6f6286b2e6e Mon Sep 17 00:00:00 2001 From: atishj99 <141334503+cx-atish-jadhav@users.noreply.github.com> Date: Mon, 22 Jun 2026 16:00:18 +0530 Subject: [PATCH 3/9] used prerelease version of manifest parser --- go.mod | 4 +--- go.sum | 2 ++ 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 25b27f1ee..4fab08805 100644 --- a/go.mod +++ b/go.mod @@ -36,7 +36,7 @@ require ( gotest.tools v2.2.0+incompatible ) -require github.com/Checkmarx/manifest-parser v0.0.0-00010101000000-000000000000 +require github.com/Checkmarx/manifest-parser v0.1.3-0.20260608094502-6b5ebcc42e9f require ( cyphar.com/go-pathrs v0.2.1 // indirect @@ -335,6 +335,4 @@ replace github.com/containerd/containerd/v2 => github.com/containerd/containerd/ replace github.com/opencontainers/selinux => github.com/opencontainers/selinux v1.13.0 -replace github.com/Checkmarx/manifest-parser => C:/Users/AtishJ/GitHub_Repo/manifest-parser - replace github.com/opencontainers/runtime-spec => github.com/opencontainers/runtime-spec v1.2.0 diff --git a/go.sum b/go.sum index 34ee8d2aa..26d8075b4 100644 --- a/go.sum +++ b/go.sum @@ -77,6 +77,8 @@ github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 h1:SCuTcE github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63/go.mod h1:MI6lfLerXU+5eTV/EPTDavgnV3owz3GPT4g/msZBWPo= github.com/Checkmarx/gen-ai-wrapper v1.0.3 h1:p7lc/U4dFltsIxAEeWeDNW4+8ovvlJvdb5pVBLcbKs8= github.com/Checkmarx/gen-ai-wrapper v1.0.3/go.mod h1:xwRLefezwNNnRGu1EjGS6wNiR9FVV/eP9D+oXwLViVM= +github.com/Checkmarx/manifest-parser v0.1.3-0.20260608094502-6b5ebcc42e9f h1:G1Cv5y6aHJqqTNguJh3pXlHbqF8+IE0RBzM1p1UF+B0= +github.com/Checkmarx/manifest-parser v0.1.3-0.20260608094502-6b5ebcc42e9f/go.mod h1:hh5FX5FdDieU8CKQEkged4hfOaSylpJzub8PRFXa4kA= github.com/Checkmarx/secret-detection v1.2.1 h1:Hzpz74dcN/L14Q86ARvPOZpKBnERzGTpy6sl1RXKOTo= github.com/Checkmarx/secret-detection v1.2.1/go.mod h1:kbXbtIQisDdB/TNuV7r9HPclEznUyBHLQ5yr7IX7vBQ= github.com/CycloneDX/cyclonedx-go v0.10.0 h1:7xyklU7YD+CUyGzSFIARG18NYLsKVn4QFg04qSsu+7Y= From 3fa4166a7344803701228fc24b84edc565f9f5b0 Mon Sep 17 00:00:00 2001 From: atishj99 Date: Mon, 29 Jun 2026 18:24:19 +0530 Subject: [PATCH 4/9] refactor: extract package manager strings to constants Fix goconst lint warning by replacing repeated "gradle"/"sbt"/"mvn" string literals with named constants. Co-Authored-By: Claude Opus 4.7 (1M context) --- .../realtimeengine/ossrealtime/oss-realtime.go | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/internal/services/realtimeengine/ossrealtime/oss-realtime.go b/internal/services/realtimeengine/ossrealtime/oss-realtime.go index b221c3af7..9316b1a7e 100644 --- a/internal/services/realtimeengine/ossrealtime/oss-realtime.go +++ b/internal/services/realtimeengine/ossrealtime/oss-realtime.go @@ -16,6 +16,12 @@ import ( "github.com/pkg/errors" ) +const ( + pkgManagerGradle = "gradle" + pkgManagerSbt = "sbt" + pkgManagerMvn = "mvn" +) + // convertLocations converts models.Location to realtimeengine.Location func convertLocations(locations []models.Location) []realtimeengine.Location { var result []realtimeengine.Location @@ -228,8 +234,8 @@ func createPackageMap(pkgs []models.Package) map[string]OssPackage { Locations: convertLocations(pkg.Locations), } packageMap[generatePackageMapEntry(pkg.PackageManager, pkg.PackageName, pkg.Version)] = entry - if pkg.PackageManager == "gradle" || pkg.PackageManager == "sbt" { - packageMap[generatePackageMapEntry("mvn", pkg.PackageName, pkg.Version)] = entry + if pkg.PackageManager == pkgManagerGradle || pkg.PackageManager == pkgManagerSbt { + packageMap[generatePackageMapEntry(pkgManagerMvn, pkg.PackageName, pkg.Version)] = entry } } return packageMap @@ -282,8 +288,8 @@ func createVersionMapping(requestPackages *wrappers.RealtimeScannerPackageReques // pkgToRequest transforms a parsed package into a scan request. func pkgToRequest(pkg *models.Package) wrappers.RealtimeScannerPackage { pkgManager := pkg.PackageManager - if pkg.PackageManager == "gradle" || pkg.PackageManager == "sbt" { - pkgManager = "mvn" + if pkg.PackageManager == pkgManagerGradle || pkg.PackageManager == pkgManagerSbt { + pkgManager = pkgManagerMvn } return wrappers.RealtimeScannerPackage{ PackageManager: pkgManager, From ffffa1abada34489fd747c3ecc6553822cf5987e Mon Sep 17 00:00:00 2001 From: atishj99 Date: Mon, 29 Jun 2026 18:24:59 +0530 Subject: [PATCH 5/9] Updated version of manifest parser to use latest --- go.mod | 4 +--- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 4fab08805..ace9c1591 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/Checkmarx/containers-types v1.0.9 github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 github.com/Checkmarx/gen-ai-wrapper v1.0.3 - //github.com/Checkmarx/manifest-parser v0.1.2 + github.com/Checkmarx/manifest-parser v0.1.3 github.com/Checkmarx/secret-detection v1.2.1 github.com/MakeNowJust/heredoc v1.0.0 github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74 @@ -36,8 +36,6 @@ require ( gotest.tools v2.2.0+incompatible ) -require github.com/Checkmarx/manifest-parser v0.1.3-0.20260608094502-6b5ebcc42e9f - require ( cyphar.com/go-pathrs v0.2.1 // indirect github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect diff --git a/go.sum b/go.sum index 26d8075b4..236d15b7b 100644 --- a/go.sum +++ b/go.sum @@ -77,8 +77,8 @@ github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63 h1:SCuTcE github.com/Checkmarx/gen-ai-prompts v0.0.0-20240807143411-708ceec12b63/go.mod h1:MI6lfLerXU+5eTV/EPTDavgnV3owz3GPT4g/msZBWPo= github.com/Checkmarx/gen-ai-wrapper v1.0.3 h1:p7lc/U4dFltsIxAEeWeDNW4+8ovvlJvdb5pVBLcbKs8= github.com/Checkmarx/gen-ai-wrapper v1.0.3/go.mod h1:xwRLefezwNNnRGu1EjGS6wNiR9FVV/eP9D+oXwLViVM= -github.com/Checkmarx/manifest-parser v0.1.3-0.20260608094502-6b5ebcc42e9f h1:G1Cv5y6aHJqqTNguJh3pXlHbqF8+IE0RBzM1p1UF+B0= -github.com/Checkmarx/manifest-parser v0.1.3-0.20260608094502-6b5ebcc42e9f/go.mod h1:hh5FX5FdDieU8CKQEkged4hfOaSylpJzub8PRFXa4kA= +github.com/Checkmarx/manifest-parser v0.1.3 h1:cr+q7QkbkoCsoA5nQnv1/Pp23jnKWBePAwrcJNTk4x8= +github.com/Checkmarx/manifest-parser v0.1.3/go.mod h1:hh5FX5FdDieU8CKQEkged4hfOaSylpJzub8PRFXa4kA= github.com/Checkmarx/secret-detection v1.2.1 h1:Hzpz74dcN/L14Q86ARvPOZpKBnERzGTpy6sl1RXKOTo= github.com/Checkmarx/secret-detection v1.2.1/go.mod h1:kbXbtIQisDdB/TNuV7r9HPclEznUyBHLQ5yr7IX7vBQ= github.com/CycloneDX/cyclonedx-go v0.10.0 h1:7xyklU7YD+CUyGzSFIARG18NYLsKVn4QFg04qSsu+7Y= From 9e755cabdcadc107cff2e87391495ccf41bbfd43 Mon Sep 17 00:00:00 2001 From: atishj99 Date: Tue, 30 Jun 2026 14:53:16 +0530 Subject: [PATCH 6/9] trivy fixes --- go.mod | 8 ++++---- go.sum | 12 ++++++------ 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/go.mod b/go.mod index ace9c1591..dc8361b60 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/checkmarx/ast-cli -go 1.26.3 +go 1.26.4 require ( github.com/Checkmarx/containers-resolver v1.0.34 @@ -27,7 +27,7 @@ require ( github.com/stretchr/testify v1.11.1 github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80 github.com/xeipuuv/gojsonschema v1.2.0 - golang.org/x/crypto v0.50.0 + golang.org/x/crypto v0.51.0 golang.org/x/sync v0.20.0 golang.org/x/text v0.37.0 google.golang.org/grpc v1.80.0 @@ -290,9 +290,9 @@ require ( go.yaml.in/yaml/v3 v3.0.4 // indirect golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f // indirect golang.org/x/mod v0.35.0 // indirect - golang.org/x/net v0.53.1-0.20260416132847-8c4c965e0284 // indirect + golang.org/x/net v0.55.0 // indirect golang.org/x/oauth2 v0.36.0 // indirect - golang.org/x/sys v0.44.0 // indirect + golang.org/x/sys v0.45.0 // indirect golang.org/x/term v0.43.0 // indirect golang.org/x/time v0.15.0 // indirect golang.org/x/tools v0.44.0 // indirect diff --git a/go.sum b/go.sum index 236d15b7b..3bcfb8bbd 100644 --- a/go.sum +++ b/go.sum @@ -1104,8 +1104,8 @@ golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= -golang.org/x/crypto v0.50.0 h1:zO47/JPrL6vsNkINmLoo/PH1gcxpls50DNogFvB5ZGI= -golang.org/x/crypto v0.50.0/go.mod h1:3muZ7vA7PBCE6xgPX7nkzzjiUq87kRItoJQM1Yo8S+Q= +golang.org/x/crypto v0.51.0 h1:IBPXwPfKxY7cWQZ38ZCIRPI50YLeevDLlLnyC5wRGTI= +golang.org/x/crypto v0.51.0/go.mod h1:8AdwkbraGNABw2kOX6YFPs3WM22XqI4EXEd8g+x7Oc8= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -1192,8 +1192,8 @@ golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qx golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.53.1-0.20260416132847-8c4c965e0284 h1:1Cik9TO30xv+Uycc5dXzAct+LiGidZMVM1U4chCI6o4= -golang.org/x/net v0.53.1-0.20260416132847-8c4c965e0284/go.mod h1:JvMuJH7rrdiCfbeHoo3fCQU24Lf5JJwT9W3sJFulfgs= +golang.org/x/net v0.55.0 h1:bcvxaJn3e1U6InsFWt1JUq1aSjnRxLzT2rtD2KfkDF8= +golang.org/x/net v0.55.0/go.mod h1:L5U2KuzuOe1lY7Z+aWVIKK6qEeJXnXV9yzGA+WCHJww= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1303,8 +1303,8 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.44.0 h1:ildZl3J4uzeKP07r2F++Op7E9B29JRUy+a27EibtBTQ= -golang.org/x/sys v0.44.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/sys v0.45.0 h1:dO4czNzziLiiXplLQgBCEpCvXQ3dnkn0SdaZSYdQ+FY= +golang.org/x/sys v0.45.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= From 5c6623a18d5a58410f1b1baaf4fbd28fd7709b1b Mon Sep 17 00:00:00 2001 From: atishj99 Date: Tue, 30 Jun 2026 14:55:38 +0530 Subject: [PATCH 7/9] kics changes --- internal/commands/scan.go | 50 ++----------------- internal/commands/util/remediation.go | 2 +- .../container_empty_folder_test.go | 2 +- .../container_images_validation_test.go | 2 +- 4 files changed, 8 insertions(+), 48 deletions(-) diff --git a/internal/commands/scan.go b/internal/commands/scan.go index 583c596b5..62d205635 100644 --- a/internal/commands/scan.go +++ b/internal/commands/scan.go @@ -65,7 +65,7 @@ const ( containerVolumeFlag = "-v" containerNameFlag = "--name" containerRemove = "--rm" - containerImage = "checkmarx/kics:v2.1.20" + containerImage = "checkmarx/kics@sha256:643071cf0c1657eaea695a48b49d2d61b7e625bb87c51505530e624e0c0a1ad1" // v2.1.20 containerScan = "scan" containerScanPathFlag = "-p" containerScanPath = "/path" @@ -185,7 +185,6 @@ func NewScanCommand( groupsWrapper wrappers.GroupsWrapper, riskOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, - scanSummaryWrapper wrappers.ScanSummaryWrapper, jwtWrapper wrappers.JWTWrapper, scaRealTimeWrapper wrappers.ScaRealTimeWrapper, policyWrapper wrappers.PolicyWrapper, @@ -220,7 +219,6 @@ func NewScanCommand( groupsWrapper, riskOverviewWrapper, scsScanOverviewWrapper, - scanSummaryWrapper, jwtWrapper, policyWrapper, accessManagementWrapper, @@ -681,7 +679,6 @@ func scanCreateSubCommand( groupsWrapper wrappers.GroupsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, - scanSummaryWrapper wrappers.ScanSummaryWrapper, jwtWrapper wrappers.JWTWrapper, policyWrapper wrappers.PolicyWrapper, accessManagementWrapper wrappers.AccessManagementWrapper, @@ -716,7 +713,6 @@ func scanCreateSubCommand( groupsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, - scanSummaryWrapper, jwtWrapper, policyWrapper, accessManagementWrapper, @@ -792,7 +788,7 @@ func scanCreateSubCommand( ) createScanCmd.PersistentFlags().Bool(commonParams.ContainerResolveLocallyFlag, false, "Execute container resolver locally.") createScanCmd.PersistentFlags().String(commonParams.ContainerImagesFlag, "", "List of container images to scan, ex: manuelbcd/vulnapp:latest,debian:10") - createScanCmd.PersistentFlags().String(commonParams.ScanTypes, "", "Scan types, ex: (sast,iac-security,sca,api-security,aisc)") + createScanCmd.PersistentFlags().String(commonParams.ScanTypes, "", "Scan types, ex: (sast,iac-security,sca,api-security)") createScanCmd.PersistentFlags().String(commonParams.TagList, "", "List of tags, ex: (tagA,tagB:val,etc)") createScanCmd.PersistentFlags().StringP( @@ -1050,11 +1046,6 @@ func setupScanTypeProjectAndConfig( configArr = append(configArr, SCSConfig) } - var aiscConfig = addAiscScan(featureFlagsWrapper, resubmitConfig) - if aiscConfig != nil { - configArr = append(configArr, aiscConfig) - } - info["config"] = configArr var err2 error *input, err2 = json.Marshal(info) @@ -1182,25 +1173,6 @@ func overrideSastConfigValue(sastFastScanChanged, sastIncrementalChanged, sastLi } } -func addAiscScan(featureFlagWrapper wrappers.FeatureFlagsWrapper, resubmitConfig []wrappers.Config) map[string]interface{} { - // Add the aisc resubmit config, currently no value is passed in config - aiSupplyChainEnabled, _ := wrappers.GetSpecificFeatureFlag(featureFlagWrapper, wrappers.AISupplyChainEnabled) - aiSupplyChainGAEnabled, _ := wrappers.GetSpecificFeatureFlag(featureFlagWrapper, wrappers.AISupplyChainGAEnabled) - if scanTypeEnabled(commonParams.AiscType) && aiSupplyChainEnabled.Status && aiSupplyChainGAEnabled.Status { - aiscMapConfig := make(map[string]interface{}) - aiscConfig := wrappers.AISCConfig{} - aiscMapConfig[resultsMapType] = commonParams.AiscType - aiscMapConfig[resultsMapValue] = &aiscConfig - for _, config := range resubmitConfig { - if config.Type == commonParams.AiscType && config.Value == nil { - continue - } - } - return aiscMapConfig - } - return nil -} - func addKicsScan(cmd *cobra.Command, resubmitConfig []wrappers.Config) map[string]interface{} { if scanTypeEnabled(commonParams.KicsType) { kicsMapConfig := make(map[string]interface{}) @@ -1541,7 +1513,6 @@ func validateScanTypes(cmd *cobra.Command, jwtWrapper wrappers.JWTWrapper, featu scsLicensingV2Flag, _ := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.ScsLicensingV2Enabled) allowedEngines, err := jwtWrapper.GetAllowedEngines(featureFlagsWrapper) - logger.PrintIfVerbose(fmt.Sprintf("Allowed scan types: %v", allowedEngines)) isSbomScan, _ := cmd.PersistentFlags().GetBool(commonParams.SbomFlag) @@ -2573,7 +2544,6 @@ func runCreateScanCommand( groupsWrapper wrappers.GroupsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, - scanSummaryWrapper wrappers.ScanSummaryWrapper, jwtWrapper wrappers.JWTWrapper, policyWrapper wrappers.PolicyWrapper, accessManagementWrapper wrappers.AccessManagementWrapper, @@ -2644,7 +2614,6 @@ func runCreateScanCommand( jwtWrapper, tenantWrapper, ) - defer cleanUpTempZip(zipFilePath) if err != nil { return errors.Errorf("%s", err) @@ -2685,7 +2654,6 @@ func runCreateScanCommand( resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, - scanSummaryWrapper, featureFlagsWrapper, ignorePolicyFlagOmit) if err != nil { @@ -2700,7 +2668,7 @@ func runCreateScanCommand( } results, reportErr := createReportsAfterScan(cmd, scanResponseModel.ID, scansWrapper, exportWrapper, resultsPdfReportsWrapper, resultsJSONReportsWrapper, - resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, scanSummaryWrapper, policyResponseModel, featureFlagsWrapper, ignorePolicyFlagOmit) + resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, policyResponseModel, featureFlagsWrapper, ignorePolicyFlagOmit) if reportErr != nil { return reportErr } @@ -2712,7 +2680,7 @@ func runCreateScanCommand( } } else { _, err = createReportsAfterScan(cmd, scanResponseModel.ID, scansWrapper, exportWrapper, resultsPdfReportsWrapper, resultsJSONReportsWrapper, resultsWrapper, - risksOverviewWrapper, scsScanOverviewWrapper, scanSummaryWrapper, nil, featureFlagsWrapper, ignorePolicyFlagOmit) + risksOverviewWrapper, scsScanOverviewWrapper, nil, featureFlagsWrapper, ignorePolicyFlagOmit) if err != nil { return err } @@ -2764,7 +2732,6 @@ func createScanModel( scanModel := wrappers.Scan{} // Try to parse to a scan model in order to manipulate the request payload err = json.Unmarshal(input, &scanModel) - if err != nil { return nil, "", errors.Wrapf(err, "%s: Input in bad format", failedCreating) } @@ -2877,7 +2844,6 @@ func handleWait( resultsWrapper wrappers.ResultsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, - scanSummaryWrapper wrappers.ScanSummaryWrapper, featureFlagsWrapper wrappers.FeatureFlagsWrapper, ignorePolicyFlagOmit bool, ) error { @@ -2892,7 +2858,6 @@ func handleWait( resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, - scanSummaryWrapper, cmd, featureFlagsWrapper, ignorePolicyFlagOmit) @@ -2918,7 +2883,6 @@ func createReportsAfterScan( resultsWrapper wrappers.ResultsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, - scanSummaryWrapper wrappers.ScanSummaryWrapper, policyResponseModel *wrappers.PolicyResponseModel, featureFlagsWrapper wrappers.FeatureFlagsWrapper, ignorePolicyFlagOmit bool, @@ -2956,7 +2920,6 @@ func createReportsAfterScan( resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, - scanSummaryWrapper, exportWrapper, policyResponseModel, resultsPdfReportsWrapper, @@ -3132,7 +3095,6 @@ func waitForScanCompletion( resultsWrapper wrappers.ResultsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, - scanSummaryWrapper wrappers.ScanSummaryWrapper, cmd *cobra.Command, featureFlagsWrapper wrappers.FeatureFlagsWrapper, ignorePolicyFlagOmit bool, @@ -3150,7 +3112,7 @@ func waitForScanCompletion( logger.PrintfIfVerbose("Sleeping %v before polling", waitDuration) time.Sleep(waitDuration) running, err := isScanRunning(scansWrapper, exportWrapper, resultsPdfReportsWrapper, resultsJSONReportsWrapper, resultsWrapper, - risksOverviewWrapper, scsScanOverviewWrapper, scanSummaryWrapper, scanResponseModel.ID, cmd, featureFlagsWrapper, ignorePolicyFlagOmit) + risksOverviewWrapper, scsScanOverviewWrapper, scanResponseModel.ID, cmd, featureFlagsWrapper, ignorePolicyFlagOmit) if err != nil { return err } @@ -3182,7 +3144,6 @@ func isScanRunning( resultsWrapper wrappers.ResultsWrapper, risksOverViewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, - scanSummaryWrapper wrappers.ScanSummaryWrapper, scanID string, cmd *cobra.Command, featureFlagsWrapper wrappers.FeatureFlagsWrapper, @@ -3218,7 +3179,6 @@ func isScanRunning( resultsWrapper, risksOverViewWrapper, scsScanOverviewWrapper, - scanSummaryWrapper, nil, featureFlagsWrapper, ignorePolicyFlagOmit) // check this partial case, how to handle it if reportErr != nil { return false, errors.New("unable to create report for partial scan") diff --git a/internal/commands/util/remediation.go b/internal/commands/util/remediation.go index 7322a5fa8..a74c180ef 100644 --- a/internal/commands/util/remediation.go +++ b/internal/commands/util/remediation.go @@ -27,7 +27,7 @@ const ( filesContainerVolume = ":/files" resultsContainerLocation = "/kics/" containerRemove = "--rm" - ContainerImage = "checkmarx/kics:v2.1.20" + ContainerImage = "checkmarx/kics@sha256:643071cf0c1657eaea695a48b49d2d61b7e625bb87c51505530e624e0c0a1ad1" // v2.1.20 containerNameFlag = "--name" remediateCommand = "remediate" resultsFlag = "--results" diff --git a/test/integration/container_empty_folder_test.go b/test/integration/container_empty_folder_test.go index 07334373d..ff4345723 100644 --- a/test/integration/container_empty_folder_test.go +++ b/test/integration/container_empty_folder_test.go @@ -86,7 +86,7 @@ func TestContainerScan_EmptyFolderWithRegistryImages(t *testing.T) { "scan", "create", flag(params.ProjectName), getProjectNameForScanTests(), flag(params.SourcesFlag), "data/empty-folder.zip", - flag(params.ContainerImagesFlag), "checkmarx/kics:v2.1.11", + flag(params.ContainerImagesFlag), "checkmarx/kics@sha256:643071cf0c1657eaea695a48b49d2d61b7e625bb87c51505530e624e0c0a1ad1", // v2.1.20 flag(params.BranchFlag), "dummy_branch", flag(params.ScanTypes), params.ContainersTypeFlag, flag(params.ScanInfoFormatFlag), printer.FormatJSON, diff --git a/test/integration/container_images_validation_test.go b/test/integration/container_images_validation_test.go index ebe23f865..9a846f3eb 100644 --- a/test/integration/container_images_validation_test.go +++ b/test/integration/container_images_validation_test.go @@ -37,7 +37,7 @@ func TestContainerImageValidation_ValidFormats(t *testing.T) { }, { name: "ImageWithNamespaceAndTag", - imageFormat: "checkmarx/kics:v2.1.11", + imageFormat: "checkmarx/kics@sha256:643071cf0c1657eaea695a48b49d2d61b7e625bb87c51505530e624e0c0a1ad1", // v2.1.20 description: "Image with namespace and tag should be valid", }, { From 13f8601ebb849d41371c4feb40781f002200b0a6 Mon Sep 17 00:00:00 2001 From: atishj99 Date: Tue, 30 Jun 2026 17:11:30 +0530 Subject: [PATCH 8/9] Crypto vuln fixes --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index dc8361b60..04dbf0dec 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,7 @@ require ( github.com/stretchr/testify v1.11.1 github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80 github.com/xeipuuv/gojsonschema v1.2.0 - golang.org/x/crypto v0.51.0 + golang.org/x/crypto v0.52.0 golang.org/x/sync v0.20.0 golang.org/x/text v0.37.0 google.golang.org/grpc v1.80.0 diff --git a/go.sum b/go.sum index 3bcfb8bbd..94aa7ba45 100644 --- a/go.sum +++ b/go.sum @@ -1104,8 +1104,8 @@ golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58= -golang.org/x/crypto v0.51.0 h1:IBPXwPfKxY7cWQZ38ZCIRPI50YLeevDLlLnyC5wRGTI= -golang.org/x/crypto v0.51.0/go.mod h1:8AdwkbraGNABw2kOX6YFPs3WM22XqI4EXEd8g+x7Oc8= +golang.org/x/crypto v0.52.0 h1:RMs7fP2rXdep0CftQlK8Uf+kibLm7qkCcradZWYz988= +golang.org/x/crypto v0.52.0/go.mod h1:1QgfPxDqh0T2M/elOJtp9RvuR95kVjir0e6/BvEmGbc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= From 85d56d1dd12a53642f2b459f202aac18e1e90e7b Mon Sep 17 00:00:00 2001 From: atishj99 Date: Wed, 1 Jul 2026 11:01:19 +0530 Subject: [PATCH 9/9] Updating the correct scan.go file --- internal/commands/scan.go | 48 +++++++++++++++++++++++++++++++++++---- 1 file changed, 44 insertions(+), 4 deletions(-) diff --git a/internal/commands/scan.go b/internal/commands/scan.go index 62d205635..0a5df02eb 100644 --- a/internal/commands/scan.go +++ b/internal/commands/scan.go @@ -185,6 +185,7 @@ func NewScanCommand( groupsWrapper wrappers.GroupsWrapper, riskOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, + scanSummaryWrapper wrappers.ScanSummaryWrapper, jwtWrapper wrappers.JWTWrapper, scaRealTimeWrapper wrappers.ScaRealTimeWrapper, policyWrapper wrappers.PolicyWrapper, @@ -219,6 +220,7 @@ func NewScanCommand( groupsWrapper, riskOverviewWrapper, scsScanOverviewWrapper, + scanSummaryWrapper, jwtWrapper, policyWrapper, accessManagementWrapper, @@ -679,6 +681,7 @@ func scanCreateSubCommand( groupsWrapper wrappers.GroupsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, + scanSummaryWrapper wrappers.ScanSummaryWrapper, jwtWrapper wrappers.JWTWrapper, policyWrapper wrappers.PolicyWrapper, accessManagementWrapper wrappers.AccessManagementWrapper, @@ -713,6 +716,7 @@ func scanCreateSubCommand( groupsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, + scanSummaryWrapper, jwtWrapper, policyWrapper, accessManagementWrapper, @@ -788,7 +792,7 @@ func scanCreateSubCommand( ) createScanCmd.PersistentFlags().Bool(commonParams.ContainerResolveLocallyFlag, false, "Execute container resolver locally.") createScanCmd.PersistentFlags().String(commonParams.ContainerImagesFlag, "", "List of container images to scan, ex: manuelbcd/vulnapp:latest,debian:10") - createScanCmd.PersistentFlags().String(commonParams.ScanTypes, "", "Scan types, ex: (sast,iac-security,sca,api-security)") + createScanCmd.PersistentFlags().String(commonParams.ScanTypes, "", "Scan types, ex: (sast,iac-security,sca,api-security,aisc)") createScanCmd.PersistentFlags().String(commonParams.TagList, "", "List of tags, ex: (tagA,tagB:val,etc)") createScanCmd.PersistentFlags().StringP( @@ -1046,6 +1050,11 @@ func setupScanTypeProjectAndConfig( configArr = append(configArr, SCSConfig) } + var aiscConfig = addAiscScan(featureFlagsWrapper, resubmitConfig) + if aiscConfig != nil { + configArr = append(configArr, aiscConfig) + } + info["config"] = configArr var err2 error *input, err2 = json.Marshal(info) @@ -1173,6 +1182,25 @@ func overrideSastConfigValue(sastFastScanChanged, sastIncrementalChanged, sastLi } } +func addAiscScan(featureFlagWrapper wrappers.FeatureFlagsWrapper, resubmitConfig []wrappers.Config) map[string]interface{} { + // Add the aisc resubmit config, currently no value is passed in config + aiSupplyChainEnabled, _ := wrappers.GetSpecificFeatureFlag(featureFlagWrapper, wrappers.AISupplyChainEnabled) + aiSupplyChainGAEnabled, _ := wrappers.GetSpecificFeatureFlag(featureFlagWrapper, wrappers.AISupplyChainGAEnabled) + if scanTypeEnabled(commonParams.AiscType) && aiSupplyChainEnabled.Status && aiSupplyChainGAEnabled.Status { + aiscMapConfig := make(map[string]interface{}) + aiscConfig := wrappers.AISCConfig{} + aiscMapConfig[resultsMapType] = commonParams.AiscType + aiscMapConfig[resultsMapValue] = &aiscConfig + for _, config := range resubmitConfig { + if config.Type == commonParams.AiscType && config.Value == nil { + continue + } + } + return aiscMapConfig + } + return nil +} + func addKicsScan(cmd *cobra.Command, resubmitConfig []wrappers.Config) map[string]interface{} { if scanTypeEnabled(commonParams.KicsType) { kicsMapConfig := make(map[string]interface{}) @@ -1513,6 +1541,7 @@ func validateScanTypes(cmd *cobra.Command, jwtWrapper wrappers.JWTWrapper, featu scsLicensingV2Flag, _ := wrappers.GetSpecificFeatureFlag(featureFlagsWrapper, wrappers.ScsLicensingV2Enabled) allowedEngines, err := jwtWrapper.GetAllowedEngines(featureFlagsWrapper) + logger.PrintIfVerbose(fmt.Sprintf("Allowed scan types: %v", allowedEngines)) isSbomScan, _ := cmd.PersistentFlags().GetBool(commonParams.SbomFlag) @@ -2544,6 +2573,7 @@ func runCreateScanCommand( groupsWrapper wrappers.GroupsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, + scanSummaryWrapper wrappers.ScanSummaryWrapper, jwtWrapper wrappers.JWTWrapper, policyWrapper wrappers.PolicyWrapper, accessManagementWrapper wrappers.AccessManagementWrapper, @@ -2614,6 +2644,7 @@ func runCreateScanCommand( jwtWrapper, tenantWrapper, ) + defer cleanUpTempZip(zipFilePath) if err != nil { return errors.Errorf("%s", err) @@ -2654,6 +2685,7 @@ func runCreateScanCommand( resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, + scanSummaryWrapper, featureFlagsWrapper, ignorePolicyFlagOmit) if err != nil { @@ -2668,7 +2700,7 @@ func runCreateScanCommand( } results, reportErr := createReportsAfterScan(cmd, scanResponseModel.ID, scansWrapper, exportWrapper, resultsPdfReportsWrapper, resultsJSONReportsWrapper, - resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, policyResponseModel, featureFlagsWrapper, ignorePolicyFlagOmit) + resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, scanSummaryWrapper, policyResponseModel, featureFlagsWrapper, ignorePolicyFlagOmit) if reportErr != nil { return reportErr } @@ -2680,7 +2712,7 @@ func runCreateScanCommand( } } else { _, err = createReportsAfterScan(cmd, scanResponseModel.ID, scansWrapper, exportWrapper, resultsPdfReportsWrapper, resultsJSONReportsWrapper, resultsWrapper, - risksOverviewWrapper, scsScanOverviewWrapper, nil, featureFlagsWrapper, ignorePolicyFlagOmit) + risksOverviewWrapper, scsScanOverviewWrapper, scanSummaryWrapper, nil, featureFlagsWrapper, ignorePolicyFlagOmit) if err != nil { return err } @@ -2732,6 +2764,7 @@ func createScanModel( scanModel := wrappers.Scan{} // Try to parse to a scan model in order to manipulate the request payload err = json.Unmarshal(input, &scanModel) + if err != nil { return nil, "", errors.Wrapf(err, "%s: Input in bad format", failedCreating) } @@ -2844,6 +2877,7 @@ func handleWait( resultsWrapper wrappers.ResultsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, + scanSummaryWrapper wrappers.ScanSummaryWrapper, featureFlagsWrapper wrappers.FeatureFlagsWrapper, ignorePolicyFlagOmit bool, ) error { @@ -2858,6 +2892,7 @@ func handleWait( resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, + scanSummaryWrapper, cmd, featureFlagsWrapper, ignorePolicyFlagOmit) @@ -2883,6 +2918,7 @@ func createReportsAfterScan( resultsWrapper wrappers.ResultsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, + scanSummaryWrapper wrappers.ScanSummaryWrapper, policyResponseModel *wrappers.PolicyResponseModel, featureFlagsWrapper wrappers.FeatureFlagsWrapper, ignorePolicyFlagOmit bool, @@ -2920,6 +2956,7 @@ func createReportsAfterScan( resultsWrapper, risksOverviewWrapper, scsScanOverviewWrapper, + scanSummaryWrapper, exportWrapper, policyResponseModel, resultsPdfReportsWrapper, @@ -3095,6 +3132,7 @@ func waitForScanCompletion( resultsWrapper wrappers.ResultsWrapper, risksOverviewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, + scanSummaryWrapper wrappers.ScanSummaryWrapper, cmd *cobra.Command, featureFlagsWrapper wrappers.FeatureFlagsWrapper, ignorePolicyFlagOmit bool, @@ -3112,7 +3150,7 @@ func waitForScanCompletion( logger.PrintfIfVerbose("Sleeping %v before polling", waitDuration) time.Sleep(waitDuration) running, err := isScanRunning(scansWrapper, exportWrapper, resultsPdfReportsWrapper, resultsJSONReportsWrapper, resultsWrapper, - risksOverviewWrapper, scsScanOverviewWrapper, scanResponseModel.ID, cmd, featureFlagsWrapper, ignorePolicyFlagOmit) + risksOverviewWrapper, scsScanOverviewWrapper, scanSummaryWrapper, scanResponseModel.ID, cmd, featureFlagsWrapper, ignorePolicyFlagOmit) if err != nil { return err } @@ -3144,6 +3182,7 @@ func isScanRunning( resultsWrapper wrappers.ResultsWrapper, risksOverViewWrapper wrappers.RisksOverviewWrapper, scsScanOverviewWrapper wrappers.ScanOverviewWrapper, + scanSummaryWrapper wrappers.ScanSummaryWrapper, scanID string, cmd *cobra.Command, featureFlagsWrapper wrappers.FeatureFlagsWrapper, @@ -3179,6 +3218,7 @@ func isScanRunning( resultsWrapper, risksOverViewWrapper, scsScanOverviewWrapper, + scanSummaryWrapper, nil, featureFlagsWrapper, ignorePolicyFlagOmit) // check this partial case, how to handle it if reportErr != nil { return false, errors.New("unable to create report for partial scan")