Added a new option, threshold_fixable_only. When set to true, only vulnerabilities that have a fix available are counted when determining whether a vulnerability threshold has been exceeded. Vulnerabilities without a fix do not count towards the threshold. This option is intended to support workflows that wish to invoke custom logic, such as job failure, only when fixable vulnerabilities are present.
- Resolves #91
Added a new option, show_only_fixable_vulns. When enabled, the GitHub Actions step summary displays only vulnerabilities for which a fix is available. Vulnerabilities without a fix are still present in the raw Inspector scan JSON or CSV.
- 🎉 Special thanks for the community contribution from @CarolMebiom! #115
Added reference in project README to the Amazon Inspector SBOM Generator software license: AWS Intellectual Property License.
- Resolves #120
An example workflow demonstrating these new features is available here.
For more information, feel encouraged to peruse the source code changes: #123
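
The following workflow is an added illustration of the two options used together; it is not the project's own example workflow. The action reference, the inputs other than threshold_fixable_only and show_only_fixable_vulns, the vulnerability_threshold_exceeded output, the value true for show_only_fixable_vulns, and the role ARN (a placeholder) are assumptions not stated on this page.

```yaml
# Added example workflow; not taken from the project's repository.
name: inspector-scan-fixable-only
on: [push]

jobs:
  scan:
    runs-on: ubuntu-latest
    permissions:
      id-token: write   # OIDC token used to assume the AWS role
      contents: read
    steps:
      - uses: actions/checkout@v4

      - uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-region: us-east-1
          # Placeholder ARN; replace with a role allowed to call Amazon Inspector.
          role-to-assume: arn:aws:iam::111122223333:role/EXAMPLE-ROLE

      - name: Scan repository with Amazon Inspector
        id: inspector
        # Action reference and version tag are assumptions, not from this page.
        uses: aws-actions/vulnerability-scan-github-action-for-amazon-inspector@v1
        with:
          artifact_type: 'repository'
          artifact_path: './'
          display_vulnerability_findings: 'enabled'
          critical_threshold: 1
          high_threshold: 1
          # Only findings with an available fix count towards the thresholds.
          threshold_fixable_only: true
          # Step summary lists only findings with an available fix.
          show_only_fixable_vulns: true
          # Raw scan output still contains findings without a fix.
          output_inspector_scan_path: 'inspector_scan.json'

      - name: Keep the full scan results for review
        uses: actions/upload-artifact@v4
        with:
          name: inspector-scan
          path: inspector_scan.json

      - name: Fail job when fixable findings exceed a threshold
        run: exit ${{ steps.inspector.outputs.vulnerability_threshold_exceeded }}
```

With both options on, findings without a fix neither fail the job nor appear in the step summary, so the uploaded raw JSON is the place to track them.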