smithy-security / smithy

6%

main: 6%

LAST BUILD ON BRANCH fix/semgrep-paths

branch: fix/semgrep-paths

CHANGE BRANCH

x

Reset

Sync Branches

• fix/semgrep-paths
• 332-fix-pdf-consumer
• 712-reachability-enricher-works-with-all-languages
• SAAS-7606-osv-do-not-differentiate-between-empty-and-malformed-file
• SAAS-7700-fix-abs-path-issue
• SAAS-7700-update-sarif-package
• SMITHY-540-codeql-node
• SMITHY-639-update-checkov
• SMITHY-642-improve-kics
• SMITHY_539_fix-vendor-detection-in-reachability-enricher
• add-component-release-channels
• add-logging-to-image-metadata-get
• add-metadata-publishing-to-image-get
• add-metadata-to-scanners
• add_soocon25_slides
• allow-reporters-to-run-without-findings
• andream16/OCU-223-local-example
• andream16/OCU-254/register-and-run-components-v1
• andream16/OCU-254/register-and-run-components-v2
• andream16/OCU-472/basic-smithyctl-boilerplate
• andream16/OCU-472/basic-smithyctl-boilerplate-and-cleanup
• andream16/add-annotations
• andream16/adding-attr-to-exploitability-enrichment
• andream16/adding-ocsf-ext
• andream16/automigrate-on-sqlite
• andream16/bump-components-targets
• andream16/bump-sarif-v0.0.4
• andream16/bump-sdk
• andream16/bump-sdk-0.0.7-alpha
• andream16/bump-sdk-v0.0.3-alpha
• andream16/bumping-deps
• andream16/discord-improvements
• andream16/dogfooding-duo
• andream16/feature/OCU-471-build-execute
• andream16/feature/dra-148-release-sarif-to-ocsf-package-and-update-dependant
• andream16/feature/ocu-267-explore-go-enum-on-sdk
• andream16/feature/ocu-268-replace-errors-and-fmterrorf-utilisations-for-go-errors-in
• andream16/feature/ocu-421-jira-on-new-sdk-pt-1
• andream16/feature/ocu-473-package--and-push-components-using-oras
• andream16/feature/ocu-481-version-command
• andream16/feature/saas-5016-as-a-smithy-engineer-i-want-to-extend-the-source-code
• andream16/feature/saas-610-implement-findings-storage-gateway-reader-and-writer/pt-1
• andream16/feature/saas-610/implement-findings-storage-gateway-reader-and-writer/pt-1
• andream16/feature/saas-610/implement-findings-storage-gateway-reader-and-writer/pt-2
• andream16/feature/saas-610/implement-findings-storage-gateway-reader-and-writer/pt-3
• andream16/feature/saas-610/implement-findings-storage-gateway-reader-and-writer/pt-4
• andream16/feature/smithy-556-linear-on-new-sdk
• andream16/feature/smithy-573-output-gitdiff-file-with-diff-of-branch-or-pr-against-the
• andream16/feature/user-98-rename-the-s3-target-to-source-code-artefact-and-extend-it
• andream16/fix-bug-not-handling-prs-refs
• andream16/fix-checkov-kics
• andream16/fix-linear-base-url
• andream16/fix-osv-scanner
• andream16/fix-smithyctl-target
• andream16/fix-typo-tf
• andream16/fix-wrong-custom-annotation-enrichment
• andream16/fixing-malformed-component-config
• andream16/git-clone-component
• andream16/go-sec-pipeline-components
• andream16/hack-me
• andream16/improve-local-golang-pipeline-example
• andream16/jira-reporter-template
• andream16/label
• andream16/link-to-runs
• andream16/lower-go-version-to-1.23
• andream16/misc-fixes
• andream16/pr-diff-enrichment
• andream16/prefix-targets
• andream16/prefix-targets-v2
• andream16/refreshing-docs
• andream16/removing-zap-with-orchestration-script
• andream16/repackage-components
• andream16/sdk-docs
• andream16/simplify-git-clone-diff-reporting
• andream16/stop-deleting-sqlite-db
• andream16/test-gh
• andream16/test-vuln
• andream16/track-reachability-type
• andream16/track-sdk-version
• andream16/tweak-components-no-findings
• andream16/unit-tests-jira-reporter
• andream16/update-discord-link
• andream16/update-docs
• andream16/update-references-to-smithy
• andream16/use-plain-http-setting-correctly
• battlecard-reporter
• better-issue-info
• bugfix/453/investigate/dependency-check
• bugfix/456/defectdojo-crashes-if-engagement-time-zero
• bugfix/460/tfsec-parser
• bugfix/component-description-fix
• bugfix/component-descriptions
• bugfix/pdf-consumer-fixes
• bugfix/scorecard-producer
• bugfix/trufflehog-missing-vendor-name-in-pr-commenter
• bugifx/pdf-consumer-file-path
• bugifx/pdf-format
• bugifx/pdf-format-2
• cdxgen-v1
• checkov
• close-713-port-reachability-to-new-sdk
• codeql-javascript-own-container
• codeql-producer
• codeql-producer-compiled-languages
• debug-jira
• default-temp-dir
• defectdojo-to-ocsf
• elasticsearch-component-yaml
• elasticsearch-to-new-sdk
• elixir-sast
• example-zap-with-script-orchestration
• exploitability-enrichment
• feature/440/changelog-utility
• feature/PythonSDKsmithyctlreadme
• feature/convert-pdf-consumer-to-new-sdk
• feature/ocsf_tests_old_path
• feature/ocu-221-implement-embedded-storage-backend-reader-and-writer
• feature/ocu-221-implement-embedded-storage-backend-reader-and-writer-pt-2
• feature/oscf_tests
• feature/saas-604-switch-saas-to-use-oss-v1-data-types
• filter_component
• fix-SAAS-1025-bandit-explodes-with-line-ranges
• fix-codeql-helm-template
• fix-custom-annotaiton-enricher
• fix-data-propagation-snyk
• fix-flaky-zap-test
• fix-pip-audit-experience
• fix-readme
• fix-revive-ignore-rules
• fix-trufflehog
• fix-zap-metadata-propagation
• fix-zap-packaging
• fix_dev_components
• github-link-enricher
• hack-hack
• image-go-getter
• k8s-clientset-debug-log-object
• kics
• localfileloader-filepath
• main
• make-bandit-run
• make-battlecard-actually-print-battlecard
• make-pdf-reporter-upload-to-configurable-s3-backends
• make-scanners-not-exit-on-0-findings
• make-scanners-with-wrapped-tools-flat-dirs
• make-slack-work-as-discord
• make-snyk-producers-produce-at-least-an-empty-result
• make-trivy-have-scanner-and-package
• make-zap-wait-for-passive-scan
• make-zaproxy-report-telemetry
• minor-improvement-for-checkov
• mobscan
• mobsf
• nancy-to-new-sdk
• new_bandit_component
• new_trufflehog_component
• nits
• nscuro-patch-1
• opencreEnrichers
• pip-safety-to-ocsf
• pretty-results-printer
• ptruscott/feature/data-enrichement-proto-messages
• ptzianos-northdpole/extend-artefact-fetcher
• ptzianos/add-labels-to-oci-packages-and-nits
• ptzianos/add-make-targets-for-tags
• ptzianos/add-more-docs
• ptzianos/add-package-writing-permission
• ptzianos/add-parameters-to-zap
• ptzianos/add-values-to-enum
• ptzianos/allow-component-params-with-no-value
• ptzianos/allow-targets-to-propagate-metadata
• ptzianos/bugfix-for-scanner-sdk
• ptzianos/bugfix-stdout-report
• ptzianos/build-images-with-smithyctl
• ptzianos/cleanup-deprecated-components
• ptzianos/cleanup-leftover-pipeline
• ptzianos/cleanup-migrations
• ptzianos/cleanup-some-refs
• ptzianos/codeql-v0-sdk-fix
• ptzianos/deprecate-git-clone-results
• ptzianos/ensure-zap-results-have-guids
• ptzianos/extend-data-source-proto
• ptzianos/extend-ocsf-validation-helpers
• ptzianos/extend-smithyctl-and-sdk-for-target-metadata-injection
• ptzianos/filter-out-jira-investigated-findings
• ptzianos/fix-component-image-pushing-and-docs
• ptzianos/fix-component-path-publish-workflow
• ptzianos/fix-container-generation-of-mobsf
• ptzianos/fix-go-versions-and-action-caching
• ptzianos/fix-gosec-params
• ptzianos/fix-image-push-flag
• ptzianos/fix-invocation-of-custom-image-targets
• ptzianos/fix-make-target
• ptzianos/fix-packaging-components
• ptzianos/fix-parameter-types-typo
• ptzianos/fix-path-reporting-of-zap
• ptzianos/fix-permissions-for-proto-gen
• ptzianos/fix-revive
• ptzianos/fix-sdk-version-resolution
• ptzianos/fix-typo-in-sdk
• ptzianos/fix-version-tag-of-packaged-components
• ptzianos/fix-workflow-run-build-labels
• ptzianos/force-users-to-set-executable-paths
• ptzianos/gha-producer-improvements
• ptzianos/github-codeql-runner-fixes
• ptzianos/improve-component-logging-output
• ptzianos/improve-fmt-job
• ptzianos/improve-sdk-ocsf-validation
• ptzianos/improve-snyk-node-folder-discovery
• ptzianos/improve-tagging-targets
• ptzianos/imrpove-sdk-testing-utils
• ptzianos/integrate-docker-creds-to-smithyctl
• ptzianos/make-component-step-image-resolution-more-flexible
• ptzianos/make-helpers-and-dependency-updates
• ptzianos/minor-makefile-cleanup
• ptzianos/ocu-502/allow-dynamic-volume-provisioning
• ptzianos/ocu-503/build-component-helper-images
• ptzianos/ocu-530/allow-git-clone-to-manage-pr-refs
• ptzianos/package-and-release-smithyctl
• ptzianos/pass-push-signal-to-custom-image-building
• ptzianos/prevent-codeql-images-from-overwriting-each-other
• ptzianos/push-auth-creds-to-custom-images
• ptzianos/refactor-linters-to-catch-all-components
• ptzianos/refactor-osv-scanner
• ptzianos/refactor-workspaces
• ptzianos/reintroduce-deduplication-db-migrations
• ptzianos/reintroduce-scripts
• ptzianos/reintroduce-third-party-scripts
• ptzianos/remediation-enrichment-type
• ptzianos/remove-tekton-from-clientset
• ptzianos/remove-trufflehog-debug-echo
• ptzianos/remove-unused-sobelow-var
• ptzianos/sdk-updates-for-zap
• ptzianos/simplify-git-clone-component
• ptzianos/smithy-576/improve-zap-entrypoint-subprocess-management
• ptzianos/smithy-582/print-error-stacktraces
• ptzianos/smithy-612/batch-findings
• ptzianos/smithy-614/paginate-everything
• ptzianos/smithy-631/add-default-high-severity-to-trufflehog
• ptzianos/smithyctl-dynamic-image-resolution
• ptzianos/smithyctl-packaging-and-building-improvements
• ptzianos/source-code-artefact/improve-target-metadata
• ptzianos/trivy-finding-ids
• ptzianos/update-all-components-to-sdk-v0.0.18-alpha
• ptzianos/update-sdk-env-dep-to-v0.0.3
• ptzianos/update-zap-sarif-to-ocsf-transformer
• ptzianos/update-zap-sdk
• ptzianos/update-zaproxy-sarif-transformer-library
• ptzianos/update-zaproxy-sdk-to-v0.0.16
• ptzianos/use-release-action-instead-of-artifact-upload
• ptzianos/v1-sdk-components
• refactor-zap-make-it-less-memory-hungry
• remove-rules-silencing-zap
• remove-unused-env-var
• revampt-docs
• saibamo-patch-1
• saibamo/add-python-sdk-classes
• saibamo/add-python-test-github-actions
• saibamo/add_correct_install_python_sdk_readme
• saibamo/add_new_enrichment_type_for_git_intel
• saibamo/add_note_to_git_history_enrichment
• saibamo/add_python_sdk_fix
• saibamo/debug_python_sdk_grpc_problems
• saibamo/fix_auto_proto_gen_python
• saibamo/fix_git_dependencies_in_pyproject_toml_causing_errors
• saibamo/fix_logger_error_in_enricher
• saibamo/fix_readme
• saibamo/improve_imports_python_sdk
• scanner-mapping-instructions
• semgrep-to-ocsf
• semgrep-with-rules
• senglezou/credo-improvements
• senglezou/fix-sobelow-readme
• senglezou/sobelow-improvements
• set-target-type-trivy
• set-vendor-info-for-vulnerabilities
• slack-to-new-sdk
• smithy-643-update-elasticsearch-client-version
• snyk-proxy
• snyk-sbom
• sobelow-support-for-empty-findings
• spain-2025-talks
• status-investigation-protos
• trivy-to-ocsf
• unified-snyk
• unify-code-ql
• update-credo-sarif-pkg
• update-credo-sobelow-components
• update-credo-sobelow-components-2
• update-make-file-to-work-on-macos-as-well
• update-sobelow-to-supported-version
• zap-browser-based-auth
• zap-nit-make-unauthenticated-scan-more-verbose
• zap-open-api
• zap-to-ocsf
• zap_orchestration_with_only_python

Build # 18406097447

Build Type

Pull #1115

github

Committed by web-flow

Commit Message

Merge 43c94e8e1 into c66ac062e

Pull Request Pull Request #1115: Fix Semgrep to use the relative paths instead of abosulte

Run Details

2070 of 37494 relevant lines covered (5.52%)

0.46 hits per line