search

checkmarx-ltd / cx-flow

Checkmarx Scan and Result Orchestration
Apache License 2.0
88 stars 86 forks source link

ADO Work Items that have been partially remediated do not change to reflect remediation (SAST) #935

Closed CxRW closed 6 months ago

CxRW commented 2 years ago

Description

ADO Work Items that contain multiple instances of a flaw (e.g., multiple lines) do not change in any way if some, but not all, of those instances are remediated.

Expected Behavior

Any lines corresponding to remediated instances of vulnerabilities should be struck through to indicate that they no longer apply.

Actual Behavior

There is no change to the Work Item and remediated lines are still shown in their original state.

Reproduction

1: Run SAST scan that creates Work Items in ADO 2: Identify a Work Item that shows multiple instances (line numbers) 3: Remediate one instance 4: Re-run SAST scan 5: Open Work Item and note that no change has occurred

Environment Details

CxFlow 1.6.28

itsKedar commented 6 months ago

Please check on our latest version 1.7.0 . If does not work please reopen issue.