This pull request introduces two significant improvements to the PDS-IaC implementation. It addresses the need for customizable KICS version installations and refines the CWE handling in SARIF reports post KICS 1.7.13 update.
Changes
Customizable KICS Version (Closes #2835):
Implemented support for a $KICS_VERSION environment variable to specify the version of KICS to be installed during the Docker image build process.
The version number is included in the build process so it will later show when queried.
Refined SARIF CWE Handling (Closes #3155):
Modified the SecHub workaround to conditionally add a default CWE identifier in SARIF reports only when KICS does not provide one.
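
An added example (not code from this pull request or from SecHub) of the conditional behaviour described above: a default CWE is attached only to rules that do not already carry one. It assumes CWE is expressed through standard SARIF 2.1.0 rule relationships to a taxonomy named CWE; the DEFAULT_CWE_ID placeholder, the function names and the sample report are constructed, since the page states neither the default identifier nor where KICS writes its CWE.

```python
import copy

DEFAULT_CWE_ID = "CWE-PLACEHOLDER"  # placeholder: the page does not name the default
CWE_TAXONOMY = "CWE"                # assumed taxonomy name (SARIF 2.1.0 convention)

def rule_has_cwe(rule):
    """True if the rule already references a taxon in the CWE taxonomy."""
    for rel in rule.get("relationships") or []:
        target = rel.get("target") or {}
        component = target.get("toolComponent") or {}
        if component.get("name") == CWE_TAXONOMY and target.get("id"):
            return True
    return False

def add_default_cwe(sarif, default_id=DEFAULT_CWE_ID):
    """Return (patched copy, ids of rules that received the default CWE)."""
    patched = copy.deepcopy(sarif)  # never mutate the scanner's original output
    changed = []
    for run in patched.get("runs") or []:
        driver = (run.get("tool") or {}).get("driver") or {}
        missing = [r for r in driver.get("rules") or [] if not rule_has_cwe(r)]
        if not missing:
            continue  # the scanner supplied a CWE everywhere: leave the run alone
        for rule in missing:
            rels = rule.get("relationships") or []
            rels.append({"target": {"id": default_id,
                                    "toolComponent": {"name": CWE_TAXONOMY}},
                         "kinds": ["relevant"]})
            rule["relationships"] = rels
            changed.append(rule.get("id"))
        # Declare the taxon once so the added relationships resolve.
        taxonomies = run.get("taxonomies") or []
        cwe = next((t for t in taxonomies if t.get("name") == CWE_TAXONOMY), None)
        if cwe is None:
            cwe = {"name": CWE_TAXONOMY, "taxa": []}
            taxonomies.append(cwe)
        taxa = cwe.get("taxa") or []
        if not any(t.get("id") == default_id for t in taxa):
            taxa.append({"id": default_id})
        cwe["taxa"] = taxa
        run["taxonomies"] = taxonomies
    return patched, changed

# Constructed sample report: one rule with a scanner-provided CWE, one without.
SAMPLE = {"version": "2.1.0", "runs": [{"tool": {"driver": {"name": "KICS", "rules": [
    {"id": "rule-with-cwe", "relationships": [
        {"target": {"id": "CWE-22", "toolComponent": {"name": "CWE"}}}]},
    {"id": "rule-without-cwe"}]}}}]}
```

Running the function a second time on its own output changes nothing, so the step is safe to apply to reports from KICS versions on either side of the 1.7.13 change.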