Using the json output is missing information about the repository

aquasecurity / chain-bench

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

Apache License 2.0

718 stars 62 forks source link

Using the json output is missing information about the repository #90

Closed krol3 closed 2 years ago

krol3 commented 2 years ago

Using the json output: chain-bench scan -r $repo --access-token ${GITHUB_AUTH_TOKEN} -o my.json

The result don't have any information about the repository URL.

{
  "metadata": {
    "date": "2022-09-14T22:49:49-03:00",
    "statistics": {
      "passed": 5,
      "failed": 3,
      "unknown": 28,
      "total": 36
    }
  },
  "results": [
    {
      "id": "1.1.3",
      "name": "Ensure any change to code receives approval of two strongly authenticated users",
      "description": "Ensure that every code change is reviewed and approved by

naortalmor1 commented 2 years ago

We've released a new version with the url in the output file 😄