Malicious vulnerabilities support was introduced in #889 but the CLI severity argument for SCA was not updated.
What has been done
Add support for --minimum-severity MALICIOUS, only for SCA scans
Validation
pipenv run ggshield sca scan ci -h should display MALICIOUS in the possible values of --minimum-severity
pipenv run ggshield sca scan all -h should display MALICIOUS in the possible values of --minimum-severity
pipenv run ggshield iac scan ci -h should NOT display MALICIOUS in the possible values of --minimum-severity
pipenv run ggshield iac scan all -h should NOT display MALICIOUS in the possible values of --minimum-severity
PR check list
[ ] As much as possible, the changes include tests (unit and/or functional)
[X] If the changes affect the end user (new feature, behavior change, bug fix) then the PR has a changelog entry (see doc/dev/getting-started.md). If the changes do not affect the end user, then the skip-changelog label has been added to the PR.
Context
Malicious vulnerabilities support was introduced in #889 but the CLI severity argument for SCA was not updated.
What has been done
Add support for
--minimum-severity MALICIOUS, only for SCA scansValidation
pipenv run ggshield sca scan ci -hshould display MALICIOUS in the possible values of--minimum-severitypipenv run ggshield sca scan all -hshould display MALICIOUS in the possible values of--minimum-severitypipenv run ggshield iac scan ci -hshould NOT display MALICIOUS in the possible values of--minimum-severitypipenv run ggshield iac scan all -hshould NOT display MALICIOUS in the possible values of--minimum-severityPR check list
skip-changeloglabel has been added to the PR.