
FoD entitlement fix #684

Merged
rsenden merged 1 commit into fortify:v3.x-develop from kadraman:fod-entitlement-fix
Feb 24, 2025
@kadraman
Contributor

This is the fix for (#682) - the behaviour for SAST scans is now to NOT validate entitlement by default as this has caused some issues with entitlements that customers have been given.

…d to validate entitlement is defined and/or valid (fixes fortify#682)
@kadraman kadraman changed the base branch from develop to v3.x-develop February 24, 2025 16:23
@rsenden rsenden merged commit 8641925 into fortify:v3.x-develop Feb 24, 2025
1 check failed
rsenden added a commit that referenced this pull request Mar 12, 2025
chore: SSC/SC-SAST/SC-DAST session refactoring

proposed-feat-breaking: `fcli sc-sast session`: All SC-SAST session commands have been removed; please use `fcli ssc session` commands instead

proposed-feat-breaking: `fcli sc-dast session`: All SC-DAST session commands have been removed; please use `fcli ssc session` commands instead

proposed-feat-breaking: `fcli ssc session`: Now manages combined SSC/SC-SAST/SC-DAST sessions, allowing a single session to be used for invoking all SSC/SC-SAST/SC-DAST commands

proposed-feat-breaking: `fcli ssc session login`: Removed `--ci-token` option; please use `--token` option instead

proposed-feat: `fcli ssc session login`: Default session lifetime when authenticating with user credentials is now 3 days for recent SSC versions, instead of only 1 day

proposed-feat-breaking: `fcli sc-sast scan start`: If `--ssc-ci-token` is not explicitly specified, the SSC upload will be attempted using the SSC session token even if it is not a CIToken

proposed-feat: `fcli fod action run`: Add support for `--session=from-env` to dynamically create/clean up session from environment variables

proposed-feat: `fcli ssc action run`: Add support for `--session=from-env` to dynamically create/clean up session from environment variables

proposed-feat: `fcli ssc action run`: Add support for `sc-sast` and `sc-dast` request targets

docs: FoD/SSC: Various command usage help improvements, for example with regards to FCLI_DEFAULT_* usage on session login commands

chore: Refactor ActionRunner to use ActionData

chore: Refactor action classes for better structure

chore: Display dynamic session login/logout output

chore: Actions: refactor SpelEvaluator handling

chore: Schema changes: config

proposed-feat-breaking: Various changes to fcli action yaml syntax

chore: action-schema: `defaults:requestTarget` -> `config:defaultRequestTarget`

chore: action-schema: Add `config:output: immediate|delayed`

chore: action-schema: Add `config:sessionFromEnvOutput: suppress|show`

chore: Schema changes: addRequestTargets

chore: action-schema: `addRequestTargets` -> `steps:addRequestTargets`

chore: Fix action schema generation

chore: Rename dev action schema from fcli-action-schema-dev.json to fcli-action-schema-dev-<schema major version>.json to avoid for example fcli 3.x development releases from overwriting the dev schema for fcli 2.x development releases (if major schema version changed between those versions)

chore: Add 'fcli tool * run' commands

proposed-feat: New `fcli tool bugtracker-utility run` command

proposed-feat: New `fcli tool debricked-cli run` command

proposed-feat: New `fcli tool fod-uploader run` command

proposed-feat: New `fcli tool sc-client run` command

proposed-feat: New `fcli tool vuln-exporter run` command

chore: `fcli tool * run` updates

chore: Remove deprecated copy option values

proposed-feat-breaking: `fcli ssc appversion create`: Removed deprecated `BugTrackerConfiguration` as allowed value for `--copy` option; use `bugtracker` instead

proposed-feat-breaking: `fcli ssc appversion create`: Removed deprecated `AnalysisProcessingRules` as allowed value for `--copy` option; use `processing-rules` instead

docs: Update tool install usage help

chore: Minor `fcli tool * run` refactoring

chore: Add fcli run cmd, change stdout->debug log

proposed-feat: New `fcli tool fcli run` command

chore: Fix debug statement to use debug log instead of stdout

chore: Action variable/valueTemplate refactoring

chore: action-schema: `steps:set` -> `steps:var.set` with new syntax

chore: action-schema: `steps:append` removed; use new `steps:var.set` syntax

chore: action-schema: `steps:unset` -> `steps:var.unset` with new syntax

chore: action-schema: `steps:write` -> `steps:file.write`

chore: action-schema: `steps:write:valueTemplate` -> `steps:file.write:fmt`

chore: action-schema: `valueTemplates` -> `formatters`; use `${#action.fmt('<formatter name>',<input>)}` SpEL expression to format given input using given formatter name

ftest: Update session management

chore: Action schema changes

chore: action-schema: `config:defaultRequestTarget` -> `config:rest.target.default`

chore: action-schema: `steps:addRequestTargets` -> `steps:rest.target`

chore: action-schema: `steps:requests` -> `steps:rest.call`

chore: action-schema: `steps:fcli` -> `steps:run.fcli`

chore: action-schema: `steps:progress` -> `steps:log.progress`

chore: action-schema: `steps:warn` -> `steps:log.warn`

chore: action-schema: `steps:debug` -> `steps:log.debug`

ftest: Update session management

ftest: Fix `fcli action * run` tests

chore: Actions: Remove custom parameter converters

reason: Although resulting in slightly more complex syntax, it allows for much easier parameter processing implementation. This will allow us to use picocli for parameter processing in a future release, which would result in consistent option behavior and help output across regular fcli commands and fcli actions. It also provides better re-use; custom parameter types were only available on parameters, whereas the new SpEL-based approach can be used in any action step.

chore: action-schema: Removed `parameters:typeParameters`; no longer used

chore: action-schema: Removed `appversion_single` parameter type; use `av: ${#ssc.appVersion(parameters.appversion)}` in `var.set` step instead

chore: action-schema: Removed `filterset` parameter type; use `fs: ${#ssc.filterSet(av, parameters.filterset)}` in `var.set` step instead

chore: action-schema: Removed `release_single` parameter type; use `rel: ${#fod.release(parameters.release)}` in `var.set` step instead

chore: Update description for var.set

chore: Minor action refactoring/bug fix

chore: Request helpers configured through configuration were properly closed, but request helpers configured through action steps were not

chore: Action schema changes

chore: Removed __sample__ action as many comments were outdated

chore: action-schema: Add `steps:var.fmt` as an easier alternative for `steps:set` with `valueTemplate` property

chore: action-schema: `parameters` -> `cli.options` with new syntax

chore: action-schema: `parameters:name` -> `cli.options` map keys

chore: action-schema: variable `parameters` -> `cli`

chore: action-schema: `parameters:cliAliases` -> `cli.options:alias`; only single alias allowed now, and 'cli' already mentioned in parent property

chore: action-schema: `formatters:name` -> `formatters` map keys

chore: action-schema: `formatters:contents` -> `formatters` map values

chore: Add action TODO

chore: Action schema changes

chore: action-schema: `steps:rest.target:name` -> `steps.rest.target` map keys

chore: Fix action formatter processing

chore: Cached SpEL expressions didn't account for formatter name, causing
  different formatters to use the same (last processed) SpEL expression
  if they have the same property path.

chore: Various action schema & implementation changes

chore: Update descriptions for action elements

chore: `parameters:defaultValue` -> `cli.options:default`

chore: `config:sessionFromEnvOutput` -> `config:session.from-env.output`

chore: Check that every action step contains exactly one instruction

chore: Fix postLoad() methods not being invoked on IActionElement instances in maps

chore: Action schema & implementation changes

chore: action-schema: `steps:check` now takes a map instead of list

chore: action-schema: `steps:check` outcome can now be accessed in later steps through ${checkStatus.<checkName>}

chore: Action elements contained in maps now have the ability to access the map key under which they are stored

chore: Action schema changes

chore: action-schema: `steps:rest.call:name` -> `steps:rest.call` map keys

chore: Update action yaml property description

chore: Rename interfaces

docs: Add initial 2.x->3.x migration guide

docs: Rename migration guide to prevent it being listed in list of release versions

chore: Action schema changes

chore: action-schema: Update property descriptions

chore: action-schema: `steps:rest.call:pagingProgress:prePageLoad` -> `steps:rest.call:log.progress:page.pre-load`

chore: action-schema: `steps:rest.call:pagingProgress:postPageLoad` -> `steps:rest.call:log.progress:page.post-load`

chore: action-schema: `steps:rest.call:pagingProgress:postPageProcess` -> `steps:rest.call:log.progress:page.post-process`

chore: action-schema: `steps:rest.call:onResponse` -> `steps:rest.call:on.success`

chore: action-schema: `steps:rest.call:onFail` -> `steps:rest.call:on.fail`

chore: action-schema: `steps:rest.call:forEach` -> `steps:rest.call:records.for-each`

chore: action-schema: `steps:forEach` -> `steps:records.for-each`

chore: action-schema: `steps:forEach:value` -> `steps:records.for-each:from`

chore: action-schema: `steps:forEach:processor` -> `steps:records.for-each:from`

chore: action-schema: All forEach-instructions: `name` property -> `record.var-name`

chore: action-schema: `steps:fcli:forEach` -> `steps:run.fcli:records.for-each`

chore: action-schema: `steps:fcli:name` -> `steps:run.fcli` map keys and `steps:run.fcli:records.collect=true`

chore: action-schema: `steps:fcli:args` -> `steps:run.fcli:cmd`

chore: action-schema: `steps:check:displayName` -> `steps:check:display-name`

chore: action-schema: `steps:check:failIf` -> `steps:check:fail.if`

chore: action-schema: `steps:check:passIf` -> `steps:check:pass.if`

chore: Action schema changes

chore: action-schema: `steps:var.unset` -> `steps:var.rm`

chore: action-schema: `steps:file.write` -> `steps:out.write` / `steps:out.fmt`

chore: Fix error due to global search/replace

chore: Action schema & implementation changes

chore: `steps:run.fcli`: Add `on.exception` property

chore: `steps:run.fcli`: Add `on.exit-fail` property

chore: `steps:rest.call`: Store exception in `<identifier>_exception` instead of `exception`

chore: Minor consistency improvement

chore: Remove fcli custom action PREVIEW labels

chore: Action schema changes

chore: action-schema: `steps:run.fcli`: Add `stdout.parse` and `stderr.parse` instructions

chore: Add generic actions

proposed-feat: Add `fcli action` commands for managing and running generic fcli actions that are not (directly) related to a specific product like SSC or FoD

proposed-feat: Add `fcli action run package` command for packaging source code using ScanCentral Client

chore: WIP: Add 'ci' and 'ci-vars' actions

chore: Action schema & implementation changes

chore: Move variable array/property operations to ActionRunnerVars for better reuse

chore: ActionRunnerVars: Add functionality for managing global variables

chore: action-schema: Add `steps:var.set-global` instruction

chore: action-schema: Add `steps:var.fmt-global` instruction

chore: action-schema: Add `steps:var.rm-global` instruction

chore: action-schema: Remove `steps:run.fcli:stdout.parse` instruction; use global variables instead

chore: action-schema: Remove `steps:run.fcli:stderr.parse` instruction; use global variables instead

chore: Although parsing fcli JSON output seemed to be a slightly more structured approach than global
  variables, behavior was dependent on whether only one or both stdout.parse & stderr.parse was configured,
  which could lead to errors if initially only stdout was parsed, but then later stderr was also being
  parsed. Also, this approach didn't allow for sub-actions to output any progress/status messages, as
  that would interfere with (JSON) parsing.

chore: Action changes

chore: Fix NPE for null template expressions

chore: Initial implementation for ci-vars action

chore: Action schema changes

chore: action-schema: `steps:run.fcli`: Allow either simple command expression or nested object

chore: action-schema: `steps:var.set`, `steps:var.set-global`, `steps:out.write`: Allow either simple expression or nested object with formatter & if-expression

chore: action-schema: `steps:var.fmt`, `steps:var.fmt-global`, `steps:out.fmt`: Removed as formatting is now supported on `steps:var.set*` and `steps:out.write`

chore: CI action changes

chore: Move 'package' and 'ci-vars' actions to common module, to have these available in 'action', 'ssc', and 'fod' modules

chore: Allow override of ci-vars action through CI_VARS_ACTION environment variable

chore: Allow extra options to be specified for ci-vars action through CI_VARS_ACTION_EXTRA_OPTS, for example to disable signature checks

chore: Action schema changes

chore: action-schema: `cli.options`: Add required `names` property to explicitly declare option names

chore: action-schema: `cli.options`: Remove `alias` property; merged into `names` property

chore: action-schema: `cli.options`: Map keys are no longer rendered as option names, to allow for easier SpEL references like `${cli.optName}` instead of `${cli['opt-name']}`

chore: Add SpEL functions for handling env vars

chore: Minor action changes

chore: Allow for using existing package

chore: `fcli sc-sast scan` updates

proposed-feat: `fcli sc-sast scan start`: Add `-f / --file` option to specify scan payload; automatically detects MBS or package file

proposed-feat-breaking: `fcli sc-sast scan start`: Remove `-m / --mbs-file` option; replaced by `-f / --file`

proposed-feat-breaking: `fcli sc-sast scan start`: Remove `-p / --package-file` option; replaced by `-f / --file`

proposed-fix: `fcli sc-sast scan start`: Request Linux sensor if package contains file names that are incompatible with Windows sensors

proposed-feat: `fcli sc-sast scan start`: Add `--publish-as` option to specify the name of the FPR file that is uploaded to SSC

proposed-feat: `fcli sc-sast scan start`: Add `--no-replace` option to keep existing scan jobs

proposed-feat: `fcli sc-sast scan start`: Add `--scan-timeout` option to specify scan job time-out

proposed-feat: `fcli sc-sast scan start`: Add `--debug` option to request debug (diagnosis) logs to be collected for the scan job

proposed-feat: `fcli sc-sast scan download`: New command for downloading FPR, logs, job files

proposed-feat: `fcli sc-sast scan list`: New command for listing scan jobs

ftest: Fix CLI option for specifying package file

chore: `fcli tool` & functional test updates

proposed-feat: `fcli tool * install`: Allow cached tool installations to be re-used if fcli state information is lost (for example across different CI pipeline runs)

chore: A copy of the tool installation descriptor is now stored inside the tool installation directory, to allow for a cached tool installation to be recognized even if fcli state data is lost

ftest: Trigger workflow from ci.yml, instead of on workflow_run trigger

ftest: Improve session management, failing instead of skipping tests on session login failures

chore: Fix `-v` option on `fcli sc-sast scan start`

chore: action-schema: Fix description for cli.options

ftest: Update check for startScanFilter

chore: `fcli sc-sast scan start`: Update `--sargs`

proposed-feat-breaking: `fcli sc-sast scan start`: Local files referenced in `--sargs` must now be preceded with `@`, not `file:`. This is a shorter, more common convention for referencing files.

chore: Support EXTRA_OPTS on `--session=from-env`

chore: Refactoring, fix race condition

chore: Singleton race conditions occurred due to FcliCommandExecutor re-using existing command instances; this has been fixed by creating new (leaf) command instances

chore: Remove System.out debugging

chore: Remove unused import

proposed-fix: `fcli fod action run gitlab-sast-report`: Output empty string instead of `null` for description field

chore: Action schema & implementation changes

chore: action-schema: Add `steps:run.fcli:on.success`

chore: Fix conversion issues if JSON object is passed to `steps:log.*`

chore: Add various utility methods to ActionSpelFunctions

chore: Only register public methods as SpEL functions

chore: Some updates to ci.yaml & ci-vars.yaml actions

chore: Improve exception management & output

chore: Improve logging

chore: Improve fcli exception hierarchy

ftest: Fix some expected outputs

chore: Various improvements

docs: Update migration guide

chore: Action schema & implementation changes:

chore: action-schema: Remove `steps:run.fcli:on.exception` as it's likely not needed

chore: Some changes to ci-vars.yaml action

chore: Simplify/improve session & progress handling

chore: Action schema/implementation changes

chore: action-schema: Add steps:with:sessions instruction

chore: Refactor action session management to be more explicit and to avoid incorrect session being used, with 'fcli ssc/fod action run' commands now requiring an existing session again

chore: Update global ci.yaml action for the changes above

chore: Minor refactoring & improvements

chore: Refactor action step processors

chore: Further refactoring, fixes, improvements

chore: Refactoring, improvements, initial CSV support

chore: Improve CSV implementation

chore: Add Graal reflect config

chore: Add manual reflect-config.json

chore: Add reachability-metadata.json

chore: Remove dynamic proxy due to native image issues

chore: Remove obsolete Graal metadata

chore: Fix exception handling

chore: Add extra info to exception message

chore: Add extra error info

chore: Fix constructor visibility to fix issue in native binaries

ftest: Attempt to fix FoD functional tests

chore: Minor step formatting update

chore: Minor ci action update

chore: Action schema changes

chore: action-schema: `steps:var.set` and `steps:var.rm` can now also set/remove global variables

chore: action-schema: Removed `steps:var.set-global` and `steps:var.rm-global`

explanation: Having variables names without 'global.' prefix in var.set-global/var.rm-global, and
  having to reference them with 'global.' prefix is confusing and error-prone due to forgetting the
  'global.' prefix in variable reference; with this change, the exact same variable name can be used
  in both variable references, var.set, and var.rm

chore: Action changes

chore: Update ActionRunnerVars to accept global.* variable names

chore: Some refactoring on action record writer framework

chore: Add support for writing data from steps:with:writers to action variables

chore: Add simple JSON to variable record writer

chore: Improve/simplify/fix action output handling

chore: Updated implementation allows for easily creating stdout/stderr writers through steps:with:writers

chore: Updated implementation allows for writing directly to ctx.getStdout()/ctx.getStderr(), instead of having to call writeImmediateOrDelayed()

chore: Updated implementation fixes progress messages in for example steps:run.fcli:records.for-each:do:progress instructions being suppressed

chore: Add initial servicenow-csv-report action

chore: Delete test actions

chore: Update action schema & implementation

chore: action-schema: Update/improve instruction descriptions

chore: action-schema: For `with:session:to:`, rename `var.json:...` to `var.array:...`

proposed-feat: New `fcli ssc aviator audit` command

chore: Fix policy check output being suppressed

ftest: Fix SSC role create test

chore: Log progress messages

chore: Action schema & progress writer updates

chore: Add `IProgressWriter::writeInfo` method

chore: action-schema: Add `steps:log.info` instruction

chore: action-schema: Update descriptions for `steps:log.progress` & `steps:log.info`

chore: Various action writer updates

chore: The number of records processed by a writer can now be accessed through a `<writerId>.count` action variable

chore: Added `json` output format that can be used independent of `var.json` configuration

chore: Updated actions based on the updates above

chore: Update action schema & implementation

chore: action-schema: For `with:writers:to:`, remove support for `var.array:varName`; can be more easily done through `var.set: varName..: <value>`

chore: action schema: For `with:writers:to:`, rename `var.text:varName` to just `var:varName` due to the above

chore: Minor changes

chore: Remove superfluous newlines in output

chore: Rename `--session` option

proposed-feat-breaking: `fcli fod`: Renamed `--session` option to `--fod-session`

proposed-feat-breaking: `fcli ssc`: Renamed `--session` option to `--ssc-session`

proposed-feat-breaking: `fcli sc-sast`: Renamed `--session` option to `--ssc-session`

proposed-feat-breaking: `fcli sc-dast`: Renamed `--session` option to `--ssc-session`

chore: Aviator changes

chore: Rename `fcli-aviator` module to `fcli-aviator-common`

chore: Create new `fcli-aviator` module containing `fcli aviator` commands

chore: Implement `fcli aviator session` commands

chore: Use distinct headers for session arg-groups

chore: Action schema & writer updates

chore: action-schema: `with:writers`: Add `style` instruction

chore: action-schema: `with:writers`: Remove `csv-plain` output type

chore: action-schema: `with:writers`: `options` now takes single TemplateExpression instead of Map

chore: `fcli aviator`: Add `admin-session` commands

docs: Update migration guide

chore: Action writer updates

proposed-fix: `fcli fod sast-scan start`: `--validate-entitlement` option added to validate entitlement is defined and/or valid (fixes #682) (#684)

Co-authored-by: kadraman <klee2@opentext.com>

chore: Action writer updates

chore: Add/update writers, update action schema

chore: Add expr, xml, yaml writers

chore: Add generic functionality for appending enum values to JSON property descriptions in action schema

chore: Update action schema property descriptions, list supported writer types & styles from enum values

chore: Writer updates

chore: Move record writers to main output.writer package

chore: Update fcli output framework to use new record writers

proposed-feat-breaking: `--output` option: Removed `json-properties` as this isn't used much

proposed-feat-breaking: `--output` option: Removed `tree` & `tree-flat` as these weren't used much and contained bugs

proposed-feat-breaking: `--output` option: Removed `*-plain`, `*-flat`; these have been replaced by a new `--style` option

proposed-feat: New `--style` option to allow for overriding default output styles

chore: Rename style-related classes/properties

chore: Rename 'style' to 'style element'

chore: Rename 'styles' to 'style', with a style being defined by a set of style elements

docs: Some doc updates

chore: Fix some writer-related issues/functional tests

chore: Output writer updates

chore: Output writer updates

chore: Writer updates/fixes

chore: Change property/header separator from '=' to ':'

chore: Rename record writer 'options' to 'args'

chore: Fix `fcli ssc session login` client-auth-token prompt

chore: Improve log message on startup if no files to delete

docs: Publish generic action docs

chore: CI action usage updates

docs: Fix generic actions doc generation

chore: Fix record write close handling

chore: ci-action related updates

chore: Add SpEL function to determine whether built-in action exists, which might come in useful at some point

chore: Restructure SSC ci action

chore: Action schema & implementation changes

chore: action-schema: Add `steps:run.fcli:skip.if` instruction

chore: Remove obsolete SpEL functions

chore: Update SSC ci action based on the above

proposed-fix: Updated `app create` command for optional owner (fixes #686)

Co-authored-by: kadraman <klee2@opentext.com>

chore: `fcli tool * run`: Fix NPE if no descriptors found

chore: action-schema: Remove obsolete `config::session.from-env.output` property

chore: Improve serializer output

chore: Add missing `@JsonIgnore`

chore: Add `@ToString` for debugging purposes

chore: CI action & implementation changes

chore: action-schema: Rename variables set by run.fcli step to avoid conflicts

chore: action-schema: Add `<key>.skipped` variable in run.fcli output

chore: Update ci-vars action functionality

chore: Update SSC ci action functionality

proposed-feat: Add ability to configure fcli trust store through environment variables (#690)

proposed-feat: New aviator `Project`, `Entitlement` and `Token` commands (#689)

Co-authored-by: cdatla <cdatla@opentext.com>

proposed-fix: `fod action run setup-release` added tech stack and language level (fixes #691) (#692)

Co-authored-by: kadraman <klee2@opentext.com>

chore: Remove unused imports

chore: Fix UnirestInstance::close/shutdown handling

chore: Fix unused/unchecked warnings

chore: Hide Aviator commands until Aviator release

chore: Minor usage header updates

chore: Update SSC ci action & related implementation

chore: Initial work for listing ci env vars

chore: ci env var description update

chore: ci action help updates

chore: Add missing native image resource config

chore: Update/fix action description ::include

docs: Add/update `-o`, `--style`, env vars, ...

docs: Enhance action usage help/AsciiDoc

docs: Fix AsciiDoc literal table layout

chore: Move incomplete ServiceNow action to temp location

chore: CI action fixes & new features

chore: Various ci action updates

chore: Attempt to fix build time action resources

proposed-fix: `fcli sc-sast scan status`: Use v4 endpoint to retrieve SSC-related properties

chore: Move data/state directories to ~/.fortify/fcli/v3/... to avoid conflicts with v2

chore: `fcli ssc session login`: Validate SC-SAST & SC-DAST connection

chore: ci-related updates

chore: action-schema: Add `config:run.fcli.group.default` and `steps:run.fcli:group` instructions

chore: Update output of `check` instructions to output a Markdown table

chore: Add `md-border` output style for table output

chore: Update SSC ci action

chore: Generate proper exit code

ftest: Fix functional tests due to changed fcli output

chore: Propagate exit code from nested fcli invocations

chore: Attempt to fix Gradle build

chore: Provide better error if SC-SAST/SC-DAST not available

ci: Only run FoD scan if secrets defined

ci: Run FoD scan on every branch

ci: Update for new rel/dev branch names

---------

Co-authored-by: kireetivar <81861747+kireetivar@users.noreply.github.com>
Co-authored-by: Kevin A. Lee <4321872+kadraman@users.noreply.github.com>
Co-authored-by: kadraman <klee2@opentext.com>
Co-authored-by: SangameshV <60685551+SangameshV@users.noreply.github.com>
Co-authored-by: cdatla <cdatla@opentext.com>
rsenden added a commit that referenced this pull request Mar 18, 2025
feat!: `fcli`:`--output` option: Removed some output formats, partially replaced by new `--style` option

feat: `fcli`: New `--style` option to allow for overriding default output styles

fix: `fcli fod action`: `setup-release`: Add tech stack and language level options (fixes #691) (#692)

fix: `fcli fod action`: `gitlab-sast-report`: Output empty string instead of `null` for description field

fix: `fcli fod app create`: Allow for optional or numeric owner (fixes #686)

feat: `fcli fod app create`: New `--skip-if-exists` option

fix: `fcli fod sast-scan start`: New `--validate-entitlement` option to validate entitlement is defined and/or valid (fixes #682) (#684)

fix: `fcli fod dast-scan start`: New `--validate-entitlement` option to validate entitlement is defined and/or valid (fixes #682) (#684)

fix: `fcli fod dast-scan start-legacy`: New `--validate-entitlement` option to validate entitlement is defined and/or valid (fixes #682) (#684)

fix: `fcli fod mast-scan start`: New `--validate-entitlement` option to validate entitlement is defined and/or valid (fixes #682) (#684)

fix: `fcli fod oss-scan start`: New `--validate-entitlement` option to validate entitlement is defined and/or valid (fixes #682) (#684)

feat: `fcli fod issue`: New `update` command (resolves #669) (#698)

feat!: `fcli fod`: Renamed `--session` option to `--fod-session`

feat: `fcli config`: Add ability to configure fcli trust store through environment variables (#690)

feat: `fcli aviator`: New module to manage Fortify Aviator and run Aviator audits (hidden until Aviator has been released)

feat: `fcli * action`: New `package` action for packaging source code using ScanCentral Client

feat!: `fcli * action`: Significant changes to fcli action yaml syntax; custom actions developed for fcli 2.x will not run on fcli 3.x, and vice versa

feat: `fcli action`: New top-level action command for cross-product or product-agnostic actions

feat!: `fcli sc-dast session`: All SC-DAST session commands have been removed; please use `fcli ssc session` commands instead

feat!: `fcli sc-dast`: Renamed `--session` option to `--ssc-session`

feat!: `fcli sc-sast session`: All SC-SAST session commands have been removed; please use `fcli ssc session` commands instead

feat!: `fcli sc-sast`: Renamed `--session` option to `--ssc-session`

fix: `fcli sc-sast scan status`: Use v4 endpoint to retrieve SSC-related properties

feat: `fcli sc-sast scan list`: New command for listing scan jobs

feat: `fcli sc-sast scan download`: New command for downloading FPR, logs, job files

fix: `fcli sc-sast scan start`: Request Linux sensor if package contains file names that are incompatible with Windows sensors

feat: `fcli sc-sast scan start`: Add `--debug` option to request debug (diagnosis) logs to be collected for the scan job

feat: `fcli sc-sast scan start`: Add `--scan-timeout` option to specify scan job time-out

feat: `fcli sc-sast scan start`: Add `--no-replace` option to keep existing scan jobs

feat: `fcli sc-sast scan start`: Add `--publish-as` option to specify the name of the FPR file that is uploaded to SSC

feat: `fcli sc-sast scan start`: Add `-f / --file` option to specify scan payload; automatically detects MBS or package file

feat!: `fcli sc-sast scan start`: Local files referenced in `--sargs` must now be preceded with `@`, not `file:`. This is a shorter, more common convention for referencing files.

feat!: `fcli sc-sast scan start`: Renamed `--ssc-ci-token` option to `--publish-token` to better describe the purpose

feat!: `fcli sc-sast scan start`: Remove `-p / --package-file` option; replaced by `-f / --file`

feat!: `fcli sc-sast scan start`: Remove `-m / --mbs-file` option; replaced by `-f / --file`

feat!: `fcli ssc session`: Now manages combined SSC/SC-SAST/SC-DAST sessions, allowing a single session to be used for invoking all SSC/SC-SAST/SC-DAST commands

feat!: `fcli ssc`: Renamed `--session` option to `--ssc-session`

feat: `fcli ssc session login`: Default session lifetime when authenticating with user credentials is now 3 days for recent SSC versions, instead of only 1 day

feat: `fcli ssc session login`: New `--sc-sast-url` option due to SC-SAST sessions now being managed through SSC sessions

feat: `fcli ssc session login`: New `--client-auth-token` option due to SC-SAST sessions now being managed through SSC sessions

feat!: `fcli ssc session login`: Removed `--ci-token` option; please use `--token` option instead

feat: `fcli ssc action`: Add support for `sc-sast` and `sc-dast` request targets in action implementations

feat!: `fcli ssc appversion create`: Removed deprecated `AnalysisProcessingRules` as allowed value for `--copy` option; use `processing-rules` instead

feat!: `fcli ssc appversion create`: Removed deprecated `BugTrackerConfiguration` as allowed value for `--copy` option; use `bugtracker` instead

feat!: `fcli ssc issue`: Removed hidden/preview `check` command, as this is now implemented through the `check-policy` action

feat: `fcli tool`: Allow cached tool installations to be re-used if fcli state information is lost (for example across different CI pipeline runs)

feat: `fcli tool`: New `run` commands for directly running installed tools through fcli