Devassist: Realtime scanners (OSS, Secrets, Containers, IaC) with unified wrapper and enhanced parsing(AST-115438) #451
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…te and stub obsolete result classes
… Jackson deserialization
Collaborator
|
Great job! No new security vulnerabilities introduced in this pull requestUse @Checkmarx to reach out to us for assistance. Just send a PR comment with Examples: |
cx-atish-jadhav
requested review from
cx-anand-nandeshwar,
cx-anurag-dalke and
cx-umesh-waghode
cx-atish-jadhav
added a commit
that referenced
this pull request
Dec 29, 2025
commit d95cdea Merge: 09bebed bfcd160 Author: AST Sypher <astsypher@checkmarx.com> Date: Mon Dec 15 15:41:37 2025 +0530 Merge pull request #452 from Checkmarx/feature/update_cli_2.3.41 Update checkmarx-ast-cli binaries with 2.3.41 commit bfcd160 Author: cx-anurag-dalke <120229307+cx-anurag-dalke@users.noreply.github.com> Date: Mon Dec 15 09:54:20 2025 +0000 Update checkmarx-ast-cli to 2.3.41 commit 87bb7ad Author: github-actions <github-actions@github.com> Date: Mon Dec 15 09:54:19 2025 +0000 Track Checkmarx CLI binaries with Git LFS commit 09bebed Author: Atish Jadhav <141334503+cx-atish-jadhav@users.noreply.github.com> Date: Mon Dec 15 13:26:35 2025 +0530 Devassist: Realtime scanners (OSS, Secrets, Containers, IaC) with unified wrapper and enhanced parsing(AST-115438) (#451) * aimcp server changes * oss-realtime scanner changes * Create OssRealtimeVulnerability.java * Unify realtime scan wrappers; consolidate Secrets/IaC models; deprecate and stub obsolete result classes * Add ContainersRealtimeVulnerability model for containers realtime scan parsing * Add @JsonCreator constructor to OssRealtimeVulnerability for reliable Jackson deserialization * Refactoring package name and adding test for oss and mcp flag * Add integration tests for OSS, Container, and Secrets realtime scanners * Changed variable from id to CVE as per OSS response * Add maskedResult for secret remediation and change log level from INFO to DEBUG * Remove masked secrets functionality from codebase * Implemented mask cmd in java wrapper --------- Co-authored-by: cx-anand-nandeshwar <73646287+cx-anand-nandeshwar@users.noreply.github.com> Merge branch 'main' into feature/agentic_ai
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
References
Testing Automated
Unit tests:
Integration tests (assumption-guarded):
Manual
Prerequisites: Configure PATH_TO_EXECUTABLE for the Checkmarx CLI and ensure environment access as needed.
OSS:
Secrets:
Containers:
IaC:
Not covered / notes
Expected outcomes