fcli
`fcli fod sast-scan start`: Allow overriding tool/version/method
When using fcli to submit scan requests from CI-specific integrations like fortify/github-action, we'd like to be able to specify the following scan attributes:
- Method = CICD
- Tool = GitHub Action
- Tool Version = GitHub Action version
However, currently fcli doesn't provide options for overriding these attributes. Once implemented, we'll want to update the GitHub Action to utilize this.
Just wondering whether it's a good idea to allow anyone to override these, potentially making troubleshooting more difficult if people start specifying arbitrary tool names/versions. Maybe these options should be hidden?
I think these fields should only be set by the integration itself and not be user-editable.