Skip to content

Fix reachability filtering, add config file support #169

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
lelia merged 18 commits into from
Mar 12, 2026
Merged

Fix reachability filtering, add config file support #169

Changes from 1 commit
Commits
Show all changes
18 commits
Select commit Hold shift + click to select a range
e35491b
Add SARIF scoping/reachability controls, config file support
lelia Mar 10, 2026
44cd7f0
Add coverage for new SARIF scoping, config file behavior
lelia Mar 10, 2026
1b82588
Add config examples for different use cases
lelia Mar 10, 2026
464549a
Refactor docs to reduce README complexity, create dedicated CLI and C…
lelia Mar 10, 2026
98e8ee5
Bump version for release
lelia Mar 10, 2026
3cf14b6
Add shared selector/filter module
lelia Mar 11, 2026
b79a0f8
Refactor output handling to use shared alert selection
lelia Mar 11, 2026
b0673c8
Refactor Slack diff filtering to use shared selection semantics, fact…
lelia Mar 11, 2026
c9960d8
Add unit tests for shared selection logic
lelia Mar 11, 2026
ece3aa5
Add unit tests for new Slack behavior
lelia Mar 11, 2026
e0c766d
Update output tests for strict-blocking and SARIF
lelia Mar 11, 2026
9ded636
Add JSON config examples for reference
lelia Mar 11, 2026
3098639
Remove unnecessary backwards compat logic
lelia Mar 11, 2026
43ab7ff
Docs refactor for better readability, dedicated guides for CLI + CI/C…
lelia Mar 11, 2026
9b855c2
Bump version for release
lelia Mar 11, 2026
fe75425
Fix missing version check expected in PR preview
lelia Mar 11, 2026
0d95fbb
Fix PR preview worklfow to use updated version check
lelia Mar 11, 2026
3e6f722
Fix e2e regression tests to use correct SARIF flags and remove legacy…
lelia Mar 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Fix e2e regression tests to use correct SARIF flags and remove legacy… 
… assertions

Signed-off-by: lelia <lelia@socket.dev>
  • Loading branch information
@lelia
lelia committed Mar 11, 2026
commit 3e6f72278aaeb059b0b924fc58e62d1c457c8010
22 changes: 9 additions & 13 deletions .github/workflows/e2e-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,15 +63,6 @@ jobs:
python -m pip install --upgrade pip
pip install .

- name: Verify --sarif-reachable-only without --reach exits non-zero
run: |
if socketcli --sarif-reachable-only --api-token dummy 2>&1; then
echo "FAIL: Expected non-zero exit"
exit 1
else
echo "PASS: Exited non-zero as expected"
fi

- name: Run Socket CLI scan with --sarif-file
env:
SOCKET_SECURITY_API_KEY: ${{ secrets.SOCKET_CLI_API_TOKEN }}
Expand Down Expand Up @@ -164,23 +155,28 @@ jobs:
--target-path tests/e2e/fixtures/simple-npm \
--reach \
--sarif-file /tmp/sarif-all.sarif \
--sarif-scope full \
--sarif-reachability all \
--disable-blocking \
2>/dev/null || true
2>/dev/null

- name: Run scan with --sarif-file --sarif-reachable-only (filtered results)
- name: Run scan with --sarif-file --sarif-reachability reachable (filtered results)
env:
SOCKET_SECURITY_API_KEY: ${{ secrets.SOCKET_CLI_API_TOKEN }}
run: |
socketcli \
--target-path tests/e2e/fixtures/simple-npm \
--reach \
--sarif-file /tmp/sarif-reachable.sarif \
--sarif-reachable-only \
--sarif-scope full \
--sarif-reachability reachable \
--disable-blocking \
2>/dev/null || true
2>/dev/null

- name: Verify reachable-only results are a subset of all results
run: |
test -f /tmp/sarif-all.sarif
test -f /tmp/sarif-reachable.sarif
python3 -c "
import json
with open('/tmp/sarif-all.sarif') as f:
Expand Down
Loading