Vulnerability Scan GitHub Action for Amazon Inspector

Version updated for https://github.com/aws-actions/vulnerability-scan-github-action-for-amazon-inspector to version v1.3.0.

• This publisher is shown as ‘verified’ by GitHub.
• This action is used across all versions by 25 repositories.

Go to the GitHub Marketplace to find the latest changes.

Release notes

Added a new option, threshold_fixable_only. When set to true, only vulnerabilities with a fix count towards threshold exceeded vulnerability counts. Vulnerabilities without a fix do not count towards the threshold. This option is intended to support workflows that wish to invoke custom logic, such as job failure, only when fixable vulnerabilities are present.

• Resolves #91

Added a new option, show_only_fixable_vulns. When enabled, the action will only display vulnerabilities for which a fix is available in the GitHub Actions step summary. Vulnerabilities without a fix are still present in the raw Inspector scan JSON or CSV.

• 🎉 Special thanks for the community contribution from @CarolMebiom! #115

Added reference in project README to the Amazon Inspector SBOM Generator software license: AWS Intellectual Property License.

• Resolves #120

An example workflow demonstrating these new features is available here.

For more information, feel encouraged to peruse the source code changes: #123

• aws-actions
• GitHub Actions