Sync main to v1.3.0 (#126)

* Feature request 91 (#115)

* FR-91: Add cli arg only fixable vulnerability; use the variable in get_vuln_counts

* Revert "FR-91: Add cli arg only fixable vulnerability; use the variable in get_vuln_counts"

This reverts commit bc532d4.

* FR-91: Add cli arg only fixable vulnerability; use the variable in get_vuln_counts

* FR-91: Fix unit tests

* FR-91: Fix typo in unit tests

* Revert "FR-91: Fix typo in unit tests"

This reverts commit e645542.

* Revert "FR-91: Fix unit tests"

This reverts commit f9157c9.

* Revert "FR-91: Add cli arg only fixable vulnerability; use the variable in get_vuln_counts"

This reverts commit 812c685.

* FR-91: Change orchestrator to only find fixed vulnerabilities if flag show-only-fixed-vulnerabilities is present

* FR-91: Fixed missing variable

* FR-91: Fixed typo

* FR-91: Fixed typo

* FR-91: Another fix

* FR-91: Another fix

* FR-91: Another fix

* FR-91: Another fix

* FR-91: Another fix

* FR-91: Another fix

* FR-91: Another fix

* Add unit test for get_vuln_count

* Fix unit test for get_vuln_count

---------

Co-authored-by: Maria Carolina Conceição <carolina.bento@floy.com>

* Clarify license of inspector-sbomgen dependency (#121)

Co-authored-by: Michael Long <mlongii@amazon.com>

* [v1.3.0] Only trigger vuln threshold on fixable vulns (#122)

* Add --threshold-fixable-only to CLI

* implemented business logic

* changed 'threshold_fixable_only' from str to bool

* Added more test coverage and CLI refinements

* debugging failing unit test

* test threshold-fixable-only in workflow

* test threshold-fixable-only in workflow

* debugging CI/CD

* debugging CI/CD

* debugging

* debugging

* debugging

* debugging

* removed debug log showing CLI arguments

* add missing argument, fixed_vuln_counts

* simplify get_fixed_vuln_counts() return values

* refactor return types in get_scan_result()

* refactor

* refine get_fixed_vuln_counts()

* update test_get_fixed_vuln_counts()

* testing case sensitivity

* revert 'TRUE' to 'true'

* use debug log when vuln doesnt have rating

* integrate --show-only-fixable-vulns (part 1)

* integrate only show fixable vulns

* test example workflows

* fix CLI input arguments

* remove leading '-' character for conditional inclusion

* add a no-op CLI arg (workaround)

* enable new arguments in workflows

* fix failing test

* update workflows for prod

---------

Co-authored-by: Michael Long <mlongii@amazon.com>

* set workflows to v1.3.0 for burn-in

---------

Co-authored-by: CarolMebiom <59604360+CarolMebiom@users.noreply.github.com>
Co-authored-by: Maria Carolina Conceição <carolina.bento@floy.com>
Co-authored-by: Michael Long <mlongii@amazon.com>

Author: 4 people