👽 Added support for the new JSON Format (#34)

* 🙈 Added raw report to ignore * 📝 Moved warning to latest usage location * 👽 Adjusted coding to work with new JSON Stream format * 🧑‍💻 Added Github Actions Extension * ✅ Running Integration Tests for PRs * 🔧 Updated the default version to latest * ♻️ Refactored local execution Instead of a separate class now an function is leveraged. * 🍱 Replaced static data with new format * 💚 Using path.join for access of static data * 🐛 Fixed Path issue for Local vs Testing
Templum · Apr 11, 2023 · a5f05f9 · a5f05f9
1 parent 5140ea8
commit a5f05f9
Show file tree

Hide file tree

Showing 12 changed files with 937 additions and 896 deletions.
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -48,12 +48,13 @@
                 }
             },
             "extensions": [
-                "golang.Go",
-                "streetsidesoftware.code-spell-checker",
-                "premparihar.gotestexplorer",
-                "wayou.vscode-todo-highlight",
-                "bierner.github-markdown-preview"
-            ]
+				"golang.Go",
+				"streetsidesoftware.code-spell-checker",
+				"premparihar.gotestexplorer",
+				"wayou.vscode-todo-highlight",
+				"bierner.github-markdown-preview",
+				"GitHub.vscode-github-actions"
+			]
         }
     },
     // Set *default* container specific settings.json values on container create.

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
@@ -1,5 +1,9 @@
 name: Integration Test
 on:
+  pull_request:
+    branches-ignore:
+      - dependabot/github_actions/*
+      - dependabot/docker/*
   push:
     branches:
       - main

diff --git a/.gitignore b/.gitignore
@@ -19,4 +19,5 @@
 
 # Used for testing locally
 .env
-hack/output.json
+
+raw-report.json
diff --git a/README.md b/README.md
@@ -39,6 +39,8 @@ Please be aware there will be no direct output to the console, all found vulnera
   This configuration uses a different version of go (1.18) scans ./... and will fail if at least one vulnerability was found.
   </summary>
 
+  > :warning: Choosing `vulncheck-version: latest` can include breaking changes to the JSON format, which will break this action.
+
 ```yaml
 name: My Workflow
 on: [push, pull_request]
@@ -166,6 +168,4 @@ jobs:
 
 > :warning: Please be aware that go-version should be a valid tag name for the [golang dockerhub image](https://hub.docker.com/_/golang/tags).
 
-> :warning: New versions of govulncheck might introduce new report formats, breaking this action. Hence the default version is always the last known working version.
-
 > :lock: Please be aware if the token is not specified it uses `github.token` for more details on that check [those docs](https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token)
diff --git a/action.yml b/action.yml
@@ -11,9 +11,9 @@ inputs:
     required: false
     default: "1.19"
   vulncheck-version:
-    description: "Version of govulncheck that should be used, by default v0.0.0-20230320232729-bfc1eaef17a4"
+    description: "Version of govulncheck that should be used, by default v0.0.0-20230331150530-a42f9910daf3"
     required: false
-    default: "v0.0.0-20230320232729-bfc1eaef17a4"
+    default: "v0.0.0-20230331150530-a42f9910daf3"
   github-token:
     description: "Github App token to upload sarif report. Needs write permissions for security_events. By default it will use 'github.token' value"
     default: ${{ github.token }}