Closed de-jcup closed 5 months ago
With #3092 (and others) we will integrate SCM history secret scanning.
But revision information is currently not available inside model.
The SecHub report model shall contain revision information possibility for findings
{ "jobUUID": "6cf02ccf-da13-4dee-b529-0225ed9661bd", "trafficLight": "YELLOW", "messages": [], "status": "SUCCESS", "reportVersion": "1.0", "result": { "count": 2, "findings": [ { "id": 1, "description": "Use of hard coded credentials", "severity": "HIGH", "code": { "location": "java/org/example/SomewhereWithCredentials.java", "line": 137, "column": 5, "source": "xyz", }, "revision" : { "id" : "57adf786209eaf01d9f26beb0a9e9fffdcf5f04b" } "type": "secretScan", "cweId": 798, } ] } }
When the revision information for a finding is NOT set, the revision will be always the revision defined inside the meta data for version control (see #3094 )
Situation
With #3092 (and others) we will integrate SCM history secret scanning.
But revision information is currently not available inside model.
Wanted
The SecHub report model shall contain revision information possibility for findings
Solution
When the revision information for a finding is NOT set, the revision will be always the revision defined inside the meta data for version control (see #3094 )