From b0b14d9641556293886e2971a1e6bd5cfaf997ab Mon Sep 17 00:00:00 2001 From: strtgbb <146047128+strtgbb@users.noreply.github.com> Date: Wed, 1 Jul 2026 14:24:26 -0400 Subject: [PATCH] add cve component to report --- .../actions/create_workflow_report/create_workflow_report.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/actions/create_workflow_report/create_workflow_report.py b/.github/actions/create_workflow_report/create_workflow_report.py index 2aadba55febd..a4e21f8e74eb 100755 --- a/.github/actions/create_workflow_report/create_workflow_report.py +++ b/.github/actions/create_workflow_report/create_workflow_report.py @@ -778,12 +778,17 @@ def format_prefix(pr_number, commit_sha, branch): rows = [] for scan_result in results: for match in scan_result["matches"]: + artifact = match.get("artifact", {}) + artifact_name = artifact.get("name", "") + artifact_version = artifact.get("version", "") + affected_component = f"{artifact_name} {artifact_version}".strip() rows.append( { "docker_image": scan_result["source"]["target"]["userInput"], "severity": match["vulnerability"]["severity"], "identifier": match["vulnerability"]["id"], "namespace": match["vulnerability"]["namespace"], + "affected_component": html.escape(affected_component), } )