Skip to content

Releases: suzuki-shunsuke/github-action-tfsec

v1.0.0

22 Oct 00:33
@suzuki-shunsuke suzuki-shunsuke
v1.0.0
This tag was signed with the committer’s verified signature. The key has expired.
suzuki-shunsuke Shunsuke Suzuki
GPG key ID: 8C1396BBB3626865
Expired
Learn about vigilant mode.
6b4afce
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.0.0 Latest
Latest

Issues | Pull Requests | v0.1.9...v1.0.0

#642 update Node.js 16 to 20

https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/#for-actions-maintainers

#658 Fix a bug that action succeeds even if tfsec fails

This bug was caused by a bug of reviewdog.

Assets 2
Loading

v0.1.9

09 Sep 00:41
@suzuki-shunsuke suzuki-shunsuke
v0.1.9
This tag was signed with the committer’s verified signature. The key has expired.
suzuki-shunsuke Shunsuke Suzuki
GPG key ID: 8C1396BBB3626865
Expired
Learn about vigilant mode.
dc436b3
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.9

Issues | Pull Requests | v0.1.8...v0.1.9

Features

#618 #620 Support tfsec v1.28.2. Parse the output of tfsec properly

As of tfsec v1.28.2, tfsec outputs the transition message to the standard output.

e.g.

======================================================
tfsec is joining the Trivy family

tfsec will continue to remain available
for the time being, although our engineering
attention will be directed at Trivy going forward.

You can read more here:
https://github.com/aquasecurity/tfsec/discussions/1994
======================================================
{
  "results": []
}

Because of this message, this action couldn't parse the output as JSON.

Parsing tfsec result
Error: Unexpected token = in JSON at position 1

This release enables to parse the output properly by removing the transition message before parsing the output as JSON.

Assets 2
Loading

v0.1.8

02 Sep 11:26
@suzuki-shunsuke suzuki-shunsuke
v0.1.8
This tag was signed with the committer’s verified signature. The key has expired.
suzuki-shunsuke Shunsuke Suzuki
GPG key ID: 8C1396BBB3626865
Expired
Learn about vigilant mode.
122c054
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.8

Pull Requests | v0.1.7...v0.1.8

Features

#612 Add an input ignore_hcl_errors

This option is disabled by default.

If this is enabled, tfsec's --ignore-hcl-errors is enabled.

tfsec v0.40.0 (Jun 9, 2021) supports --ignore-hcl-errors.

Assets 2
Loading

v0.1.7

18 Apr 02:51
@suzuki-shunsuke suzuki-shunsuke
v0.1.7
07dc756
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.7

Pull Requests | v0.1.6...v0.1.7

Bug Fixes

#103 Fix links to tfsec document

image

Assets 2
Loading

v0.1.6

08 Apr 22:56
@suzuki-shunsuke suzuki-shunsuke
v0.1.6
467b44b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.6

Pull Requests | v0.1.5...v0.1.6

Bug Fixes

#92 Support tfsec's CRITICAL severity type

Thanks to kei711

Assets 2
Loading

v0.1.5

25 Feb 00:02
@suzuki-shunsuke suzuki-shunsuke
v0.1.5
fa2b08e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.5

Pull Requests | v0.1.4...v0.1.5

Bug Fixes

#49 Make working_directory optional

Assets 2
Loading

v0.1.4

15 Feb 12:10
@suzuki-shunsuke suzuki-shunsuke
v0.1.4
5aeef1d
Compare
Choose a tag to compare
v0.1.4

Pull Requests | v0.1.3...v0.1.4

Feature

#31 Support Notification with github-comment

image

e.g.

- uses: suzuki-shunsuke/github-action-tfsec@main
  with:
    github_token: ${{ secrets.GITHUB_TOKEN }}
    working_directory: tests
    github_comment: true # Enable github-comment notification
Assets 2
Loading

v0.1.4-0

13 Feb 10:01
@suzuki-shunsuke suzuki-shunsuke
v0.1.4-0
a69403d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.4-0 Pre-release
Pre-release

Pull Requests | v0.1.3...v0.1.4-0

Feature

#31 Support Notification with github-comment

image

e.g.

- uses: suzuki-shunsuke/github-action-tfsec@main
  with:
    github_token: ${{ secrets.GITHUB_TOKEN }}
    working_directory: tests
    github_comment: true # Enable github-comment notification
Assets 2
Loading

v0.1.3

02 Feb 12:54
@suzuki-shunsuke suzuki-shunsuke
v0.1.3
cbf912c
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.3

Pull Requests | v0.1.2...v0.1.3

Feature

#16 Change Reviewdog format from checkstyle to Reviewdog Diagnostic Format

Rewrite the composite action to Javascript Action.

TO BE (RDFormat)

The tfsec's rule id and link to the document are added.

image

Assets 2
Loading

v0.1.2

13 Jan 17:15
@suzuki-shunsuke suzuki-shunsuke
v0.1.2
db1480e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.2

Pull Requests | v0.1.1...v0.1.2

#4

  • Make inputs optional
  • Refactor
  • Improve README
  • Add test
Assets 2
Loading