Vulnerability Scan GitHub Action for Amazon Inspector
Version updated for https://github.com/aws-actions/vulnerability-scan-github-action-for-amazon-inspector to version v1.3.0.
- This publisher is shown as ‘verified’ by GitHub.
- This action is used across all versions by 25 repositories.
Go to the GitHub Marketplace to find the latest changes.
Release notes
Added a new option, threshold_fixable_only. When set to true, only vulnerabilities with an available fix count towards the vulnerability counts used to decide whether a threshold is exceeded. Vulnerabilities without a fix do not count towards the threshold. This option is intended to support workflows that invoke custom logic, such as job failure, only when fixable vulnerabilities are present.
- Resolves #91
Added a new option, show_only_fixable_vulns. When enabled, the action will only display vulnerabilities for which a fix is available in the GitHub Actions step summary. Vulnerabilities without a fix are still present in the raw Inspector scan JSON or CSV.
- 🎉 Special thanks for the community contribution from @CarolMebiom! #115
Added reference in project README to the Amazon Inspector SBOM Generator software license: AWS Intellectual Property License.
- Resolves #120
An example workflow demonstrating these new features is available here.
For more information, feel encouraged to peruse the source code changes: #123
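
A workflow that combines the two new options, as an added example that is not the project's own example workflow: the job fails only when fixable findings exceed a threshold, and the raw scan JSON is kept so findings without a fix can still be triaged. The role ARN, region, image name and report file name are placeholders, and the true value for show_only_fixable_vulns is assumed to follow the same form as threshold_fixable_only.

```yaml
# Added example, not the project's own workflow.
# Placeholders: role ARN, region, image name, report file name.
name: inspector-scan
on: [push]

permissions:
  id-token: write   # OIDC token used by configure-aws-credentials
  contents: read

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: us-east-1                                        # placeholder
          role-to-assume: arn:aws:iam::111122223333:role/EXAMPLE_ROLE  # placeholder

      - name: Scan image with Amazon Inspector
        id: inspector
        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1.3.0
        with:
          artifact_type: container
          artifact_path: example-image:latest   # placeholder image
          display_vulnerability_findings: enabled
          critical_threshold: 1
          high_threshold: 1
          # New in v1.3.0: only findings with a fix count toward the thresholds.
          threshold_fixable_only: true
          # New in v1.3.0: the step summary lists fixable findings only
          # (value format assumed to match threshold_fixable_only).
          show_only_fixable_vulns: true
          # Raw report; it still contains the findings that have no fix.
          output_inspector_scan_path: inspector_scan.json

      - name: Upload full scan report
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: inspector-scan
          path: inspector_scan.json

      - name: Fail when fixable findings exceed a threshold
        run: exit ${{ steps.inspector.outputs.vulnerability_threshold_exceeded }}
```

Because the step summary and the threshold both ignore findings without a fix in this configuration, the uploaded JSON is the only place those findings remain visible for review.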