Skip to content

Release - 0.2.0 features #27

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 75 commits into from
Apr 10, 2024
Merged

Release - 0.2.0 features #27

merged 75 commits into from
Apr 10, 2024

Conversation

@shailesh-veracode
Copy link
Collaborator

@shailesh-veracode shailesh-veracode commented Mar 12, 2024
edited
Loading

Below feature are covering for release 0.2.0 :

  • Display error message as annotations when invalid credentials or API keys occurs
  • Error message when the policy name isn’t found in the Veracode platform
  • Repository scan allow listing is now configurable in the central yaml file
  • Individual repository configuration - using the local build to overwrite the central configuration, which apply to application profile, policy
  • On-demand scanning based on a new GitHub issue creation
  • Static scan findings will be created under Issue upon developer code events
  • Static scan findings will be created under Security Issue upon developer code events
  • When open a PR against the analysis branch, a sandbox scan will be created off the developer branch
  • When the PR merged, a policy scan will be ran on the analysis branch
  • App Profile Mapping
  • Update configuration to supports tsql, plsql, php, scala, dart languages.
  • Update config to support break_build_policy_findings for IAC scan
  • CLI configuration

shailesh-veracode and others added 19 commits December 20, 2023 19:33
@shailesh-veracode
Update veracode-iac-secrets-scan.yml
56c60b8
@veeranjaneya-reddy
Implemented Veracode Policy Name Validation
681540c
@veeranjaneya-reddy
Added Break Build for Policy validation
a396cd2
@veeranjaneya-reddy
updated veracode-code-analysis.yml
113dea0
@veeranjaneya-reddy
Implemented Annotation Object to display annotations
5980eaa
@veeranjaneya-reddy
change in generate_signature file
9341d9b
@veeranjaneya-reddy
Update veracode-update-check-run.yml
d63ec00
@julz0815
Merge pull request #20 from veracode/feature/DXS_124
5f350bb 
Implemented Veracode Policy Name Validation
@julz0815
Revert "Implemented Veracode Policy Name Validation"
0881027
@julz0815
Merge pull request #24 from veracode/revert-20-feature/DXS_124
e6424b8 
Revert "Implemented Veracode Policy Name Validation"
@shailesh-veracode
Merge branch 'main' of github.com:veracode/github-actions-integration…
c94a295 
… into develop
@shailesh-veracode
added condition to support sandbox scan for all supporting language
4874fc8
@shailesh-veracode
added create issue and send report to security tab for policy and pip…
acead4b 
…eline scan
@shailesh-veracode
update properties name for security scanning
7e2f785
@shailesh-veracode
update properties name for code scanning alert
c0f8257
@shailesh-veracode
update java version
94127fe
@shailesh-veracode
added config for some of the new languages and update the sandbox con…
07c8bba 
…figuration
@shailesh-veracode
added analysis_on_platform flag for analysis feature
ee0cd35
@shailesh-veracode
added config for trigger scan on issue functionality
f447bf4
@shailesh-veracode shailesh-veracode changed the title Develop Release - 0.2.0 features Mar 13, 2024
p-nayak and others added 22 commits March 26, 2024 22:21
@p-nayak
Update veracode.yml
1ccdba2
@p-nayak
Update veracode.yml
bdd2519
@shailesh-veracode
Merge pull request #35 from p-nayak/yml_update
f46e901 
yml file update
@shailesh-veracode
update issue flaws config to show preview
99d263f
@shailesh-veracode
Merge branch 'develop' of github.com:veracode/github-actions-integrat…
3635b55 
…ion into develop
@shailesh-veracode
update code scanning alert action version which having the fixed for …
245ea6e 
…severity lable
@shailesh-veracode
fixed preview bug in issue creation flow
e002245
@shailesh-veracode
updated the version for action-helper
ef5d102
@shailesh-veracode
removed flaws_report.yml
b941d48
@shailesh-veracode
update workflow to handle multiple file
c914ee1
@shailesh-veracode
update tags to test the functionality
ec69dac
@veraakarthikbharadwaj
Artifact name to artifact file
f91ffa7
@shailesh-veracode
update version and mitigation artifact name
3956af1
@shailesh-veracode
Merge branch 'develop' of github.com:veracode/github-actions-integrat…
0ee3acc 
…ion into develop
@veraakarthikbharadwaj
Added register step template
f4b245e
@shailesh-veracode
executing remove-sandbox action after completing execution of policy …
10d6a30 
…scan
@veraakarthikbharadwaj
Introduce issue_trigger_flow flag to the metadata
11d1ad9
@shailesh-veracode
Added support for break build on finding for IAC scan
e08bbb5
@shailesh-veracode
Sandbox scan should not show on the PR checks for static scan
9be4881
@shailesh-veracode
Merge pull request #37 from veracode/issue/DXS-412
62565e6 
Sandbox scan should not show on the PR checks for static scan
@shailesh-veracode
Update binary-ready-veracode-sast-sandbox-scan
f98bbb6
@shailesh-veracode
fixed typo in sandbox scan workflow name
9bff1f2
@shailesh-veracode shailesh-veracode marked this pull request as ready for review April 10, 2024 05:05
julz0815
julz0815 approved these changes Apr 10, 2024
View reviewed changes
Copy link
Member

@julz0815 julz0815 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks fine to me and is based on the pre-prod testing we did.

@shailesh-veracode shailesh-veracode merged commit 522f0a2 into main Apr 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@julz0815 julz0815 julz0815 approved these changes

@mtawadrousv mtawadrousv Awaiting requested review from mtawadrousv

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@shailesh-veracode @julz0815 @veeranjaneya-reddy @veraakarthikbharadwaj @p-nayak