Skip to content

Fix SCS error message when no Scorecard flags are set (AST-93338) #1152

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Jun 2, 2025
Merged

Fix SCS error message when no Scorecard flags are set (AST-93338) #1152

merged 5 commits into from
Jun 2, 2025
+84 −22

Conversation

cx-rui-gomes
Copy link
Contributor

@cx-rui-gomes cx-rui-gomes commented May 21, 2025
edited by jira bot
Loading

By submitting this pull request, you agree to the terms within the Checkmarx Code of Conduct. Please review the contributing guidelines for guidance on creating high-quality pull requests.

Description

Handling bug where in the scenario of passing --scan-types "scs" and not specifying scorecard specific flags such as token and repo, an error would be triggered, blocking further execution. The correct behavior is that scorecard should be skipped and a warning should be displayed while secret-detection should run. This PR addresses this by only giving error if scorecard is specifically stated to run with --scs-engine flag set to scorecard.

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update

Related Issues

AST-93338

Checklist

  • I have performed a self-review of my code
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)
  • Any dependent changes have been merged and published in downstream modules
  • I have updated the CLI help for new/changed functionality in this PR (if applicable)
  • All active GitHub checks for tests, formatting, and security are passing
  • The correct base branch is being used

Screenshots (if applicable)

Now:
image

Previously:
image

Additional Notes

Add any other relevant information.

Sorry, something went wrong.

@github-actions github-actions bot added the bug Something isn't working label May 21, 2025
@cx-rui-gomes cx-rui-gomes force-pushed the bug/scs-warning-msg branch from a61518d to d5a304f Compare May 21, 2025 11:55
@github-actions GitHub Actions
Copy link

github-actions bot commented May 21, 2025
edited
Loading

Logo
Checkmarx One – Scan Summary & Details3f64644e-e653-44bd-8a03-24fbdf23103f

Great job, no security vulnerabilities found in this Pull Request

cx-diogo-rocha
cx-diogo-rocha previously approved these changes May 21, 2025
View reviewed changes
@cx-rui-gomes cx-rui-gomes force-pushed the bug/scs-warning-msg branch from 3beac77 to e505464 Compare May 22, 2025 16:36
@cx-rui-gomes cx-rui-gomes marked this pull request as ready for review May 23, 2025 11:17
@cx-rui-gomes cx-rui-gomes force-pushed the bug/scs-warning-msg branch from e505464 to 43473d0 Compare May 28, 2025 11:32
@cx-rui-gomes cx-rui-gomes force-pushed the bug/scs-warning-msg branch from 43473d0 to 9f436f6 Compare May 29, 2025 14:19
@cx-rui-gomes cx-rui-gomes enabled auto-merge May 29, 2025 14:20
@cx-rui-gomes cx-rui-gomes merged commit d7521b6 into main Jun 2, 2025
9 of 12 checks passed
@cx-rui-gomes cx-rui-gomes deleted the bug/scs-warning-msg branch June 2, 2025 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cx-diogo-rocha cx-diogo-rocha

@cx-ben-alvo cx-ben-alvo

@cx-daniel-greenspan cx-daniel-greenspan

@cx-anurag-dalke cx-anurag-dalke

Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@cx-rui-gomes @cx-diogo-rocha @cx-ben-alvo