Skip to content

Fix SCS error message when no Scorecard flags are set (AST-93338) #1152

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Jun 2, 2025

Conversation

cx-rui-gomes
Copy link
Contributor

@cx-rui-gomes cx-rui-gomes commented May 21, 2025

By submitting this pull request, you agree to the terms within the Checkmarx Code of Conduct. Please review the contributing guidelines for guidance on creating high-quality pull requests.

Description

Handling bug where in the scenario of passing --scan-types "scs" and not specifying scorecard specific flags such as token and repo, an error would be triggered, blocking further execution. The correct behavior is that scorecard should be skipped and a warning should be displayed while secret-detection should run. This PR addresses this by only giving error if scorecard is specifically stated to run with --scs-engine flag set to scorecard.

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update

Related Issues

AST-93338

Checklist

  • I have performed a self-review of my code
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)
  • Any dependent changes have been merged and published in downstream modules
  • I have updated the CLI help for new/changed functionality in this PR (if applicable)
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used

Screenshots (if applicable)

Now:
image

Previously:
image

Additional Notes

Add any other relevant information.

Sorry, something went wrong.

@github-actions github-actions bot added the bug Something isn't working label May 21, 2025
@cx-rui-gomes cx-rui-gomes force-pushed the bug/scs-warning-msg branch from a61518d to d5a304f Compare May 21, 2025 11:55
Copy link

github-actions bot commented May 21, 2025

Logo
Checkmarx One – Scan Summary & Details3f64644e-e653-44bd-8a03-24fbdf23103f

Great job, no security vulnerabilities found in this Pull Request

cx-diogo-rocha
cx-diogo-rocha previously approved these changes May 21, 2025
@cx-rui-gomes cx-rui-gomes force-pushed the bug/scs-warning-msg branch from 43473d0 to 9f436f6 Compare May 29, 2025 14:19
@cx-rui-gomes cx-rui-gomes enabled auto-merge May 29, 2025 14:20
@cx-rui-gomes cx-rui-gomes merged commit d7521b6 into main Jun 2, 2025
9 of 12 checks passed
@cx-rui-gomes cx-rui-gomes deleted the bug/scs-warning-msg branch June 2, 2025 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants