Add fix object in Kubescape generated SARIF reports when available #1183
Assignees
Labels
feature
New feature or request
Comments
|
Maybe we should wait until GitHub answers your feature request? |
I think we can merge it now, as the fix object is already defined in SARIF specification. The SARIF report with fix object is still valid for GitHub Code Scanning Tool. |
|
This will also help with GitHub Actions integration so I don't see any reason to wait! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Overview
Add the fix object in Kubescape generated SARIF reports to reflect the available fixes generated by Kubescape.
The fix object represents a proposed fix for the problem indicated by the Result. It specifies a set of artifacts to modify. For each artifact, it specifies regions to remove, and provides new content to insert.
Additional context
Although there maybe no instant benefit for this addition, hopefully there will be some in the future, as I have submitted a feature request at GitHub for supporting the fix object for their Code Scanning Tool: https://github.com/orgs/community/discussions/52156
The text was updated successfully, but these errors were encountered: