Closed Paul-GitGuardian closed 10 months ago
Merging #790 (418523f) into main (dad570f) will decrease coverage by
0.02%
. Report is 9 commits behind head on main. The diff coverage is96.00%
.
:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.
@@ Coverage Diff @@
## main #790 +/- ##
==========================================
- Coverage 91.75% 91.73% -0.02%
==========================================
Files 154 154
Lines 6401 6428 +27
==========================================
+ Hits 5873 5897 +24
- Misses 528 531 +3
Flag | Coverage Δ | |
---|---|---|
unittests | 91.73% <96.00%> (-0.02%) |
:arrow_down: |
Flags with carried forward coverage won't be shown. Click here to find out more.
Files | Coverage Δ | |
---|---|---|
ggshield/verticals/iac/output/schemas.py | 100.00% <100.00%> (ø) |
|
...ld/verticals/iac/output/iac_json_output_handler.py | 92.10% <85.71%> (-3.25%) |
:arrow_down: |
And it lacks a changelog. This is a customer facing change that should be "changeloged"
And it lacks a changelog. This is a customer facing change that should be "changeloged"
I also added an example inside a collapsible section, I assume these work in the Github changelog ?
Changes the format of the JSON output for an iac diff scan.
Before
```json { "added_vulns": [ { "filename": "terraform/aws/s3.tf", "incidents": [ { "policy": "Allowing public exposure of a S3 bucket can lead to data leakage", "policy_id": "GG_IAC_0055", "line_end": 8, "line_start": 1, "description": "AWS S3 Block Public Access is a feature that allows setting up centralized controls\\nto manage public access to S3 resources.\\n\\nEnforcing the BlockPublicAcls, BlockPublicPolicy and IgnorePublicAcls rule on a bucket\\nallows to make sure that no ACL (Access control list) or policy giving public access\\ncan be associated with the bucket, and that existing ACL giving public access to\\nthe bucket will not be taken into account.", "documentation_url": "After
```json { "id": "fb0e9a92-de34-43f9-b779-17d25e99ab35", "iac_engine_version": "1.15.0", "type": "diff_scan", "entities_with_incidents": { "unchanged": [ { "filename": "s3.tf", "incidents": [ { "policy": "Allowing public exposure of a S3 bucket can lead to data leakage", "policy_id": "GG_IAC_0055", "line_end": 118, "line_start": 96, "description": "AWS S3 Block Public Access is a feature that allows setting up centralized controls\\nto manage public access to S3 resources.\\n\\nEnforcing the BlockPublicAcls, BlockPublicPolicy and IgnorePublicAcls rule on a bucket\\nallows to make sure that no ACL (Access control list) or policy giving public access\\ncan be associated with the bucket, and that existing ACL giving public access to\\nthe bucket will not be taken into account.", "documentation_url": "