Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
eb42d78
feat: add CVE priority levels to vulnerability GraphQL API and issue …
ybelMekk May 25, 2026
de05bd4
feat(vulnerability): expose CVE priority, EPSS, KEV fields in GraphQL…
ybelMekk May 28, 2026
fb8abd0
chore: bump v13s to v0.0.0-20260528121134-739c7136ac8e (cve-priority …
ybelMekk May 28, 2026
6b10eb6
refactor: simplify toWorkloadVulnerabilitySummary — v13s now zeroes c…
ybelMekk May 28, 2026
c44e4cf
fix: address gosec int32 cast and update issue expectation
ybelMekk Jun 2, 2026
2837b5d
chore(deps): bump v13s api to af9d5e6
ybelMekk Jun 2, 2026
8715772
fix(vulnerability): adapt API to v13s risk-tier model
ybelMekk Jun 2, 2026
92438d5
test(vulnerability): cover CVE risk-tier derivation
ybelMekk Jun 2, 2026
571be08
feat(vulnerability): expose fixVersion on image vulnerabilities
ybelMekk Jun 2, 2026
4902d26
fix(vulnerability): handle RISK_TIER_UNSPECIFIED in risk-tier mapping
ybelMekk Jun 3, 2026
9b73b2b
feat(vulnerability): expose KEV and EPSS fields on ImageVulnerability
ybelMekk Jun 3, 2026
3c9d4f4
fix(vulnerability): map PRIORITY sort to cve priority order
ybelMekk Jun 3, 2026
19626b1
chore(deps): bump v13s api after exploitable removal
ybelMekk Jun 4, 2026
c9a6541
fix(vulnerability): clean enum docs and normalize fake EPSS percentile
ybelMekk Jun 4, 2026
c66a29c
feat(vulnerability): add ransomwareCount, highEpssCount, and topRiskT…
ybelMekk Jun 9, 2026
b664cbe
feat(vulnerability): add riskTier field to vulnerability summaries
ybelMekk Jun 10, 2026
1e5d874
chore(deps): bump v13s api
ybelMekk Jun 16, 2026
ba67dd5
feat(vulnerability): align CVE priority with v13s priority
ybelMekk Jun 16, 2026
1c6e0a1
fix(vulnerability): remove legacy risk-tier fallback
ybelMekk Jun 16, 2026
b698e60
fix(issue): only flag immediate vulnerabilities
ybelMekk Jun 16, 2026
d036af8
test(vulnerability): remove outdated CVE priority derivation tests
ybelMekk Jun 16, 2026
9c91c28
feat(vulnerability): add riskTier field to vulnerability summaries
ybelMekk Jun 16, 2026
80315d0
chore(deps): align v13s api with main
ybelMekk Jun 16, 2026
1f20931
refactor(vulnerability): hard-remove priority summary extras
ybelMekk Jun 17, 2026
dbed331
chore(deps): bump v13s api to latest main
ybelMekk Jun 17, 2026
c66f0f3
fix(vulnerability): revert ingress class tests
ybelMekk Jun 17, 2026
2f2c37f
refactor(vulnerability): rename CVE priority IMMEDIATE to ACT_NOW
ybelMekk Jun 18, 2026
cd253be
fix(issue): replace immediate wording with ACT_NOW
ybelMekk Jun 19, 2026
ecae3a7
refactor(vulnerability): rename riskTier to priority and remove highE…
ybelMekk Jun 19, 2026
abcef0a
fix(vulnerability): update ACT_NOW wording to lowercase 'act_now' in …
ybelMekk Jun 19, 2026
bf020ad
fix(vulnerability): deprecate ExternalIngressCriticalVulnerabilityIss…
ybelMekk Jun 25, 2026
fb12224
refactor(vulnerability): clarify priority summary and urgent issue na…
ybelMekk Jun 30, 2026
817f7e3
chore: resolve dependency file conflicts after rebase
ybelMekk Jun 30, 2026
be7e343
refactor(vulnerability): adjust formatting of deprecation annotations…
ybelMekk Jun 30, 2026
ac07782
refactor(vulnerability): improve formatting of deprecation annotation…
ybelMekk Jun 30, 2026
7d3d693
refactor(vulnerability): enhance ordering enums and improve error han…
ybelMekk Jun 30, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 4 additions & 4 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ require (
github.com/nais/pgrator/pkg/api v0.0.0-20260219115817-cf954d58c04e
github.com/nais/tester v0.1.1
github.com/nais/unleasherator v0.0.0-20251216221129-efebc54203fe
github.com/nais/v13s/pkg/api v0.0.0-20260528080657-d4f49e5737da
github.com/nais/v13s/pkg/api v0.0.0-20260617075806-adadfda4fd8d
github.com/patrickmn/go-cache v2.1.0+incompatible
github.com/pressly/goose/v3 v3.27.0
github.com/prometheus/client_golang v1.23.2
Expand Down Expand Up @@ -76,10 +76,10 @@ require (
go.opentelemetry.io/otel/trace v1.44.0
golang.org/x/exp v0.0.0-20260218203240-3dfff04db8fa
golang.org/x/oauth2 v0.36.0
golang.org/x/sync v0.20.0
golang.org/x/sync v0.21.0
golang.org/x/text v0.37.0
golang.org/x/tools v0.45.0
google.golang.org/api v0.280.0
google.golang.org/api v0.284.0
google.golang.org/genproto/googleapis/api v0.0.0-20260526163538-3dc84a4a5aaa
google.golang.org/grpc v1.81.1
google.golang.org/protobuf v1.36.11
Expand Down Expand Up @@ -239,7 +239,7 @@ require (
github.com/google/flatbuffers v25.12.19+incompatible // indirect
github.com/google/gnostic-models v0.7.1 // indirect
github.com/google/s2a-go v0.1.9 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.15 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.16 // indirect
github.com/googleapis/gax-go/v2 v2.22.0 // indirect
github.com/gookit/color v1.6.0 // indirect
github.com/gorilla/mux v1.8.1 // indirect
Expand Down
16 changes: 8 additions & 8 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -520,8 +520,8 @@ github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/enterprise-certificate-proxy v0.3.15 h1:xolVQTEXusUcAA5UgtyRLjelpFFHWlPQ4XfWGc7MBas=
github.com/googleapis/enterprise-certificate-proxy v0.3.15/go.mod h1:vqVt9yG9480NtzREnTlmGSBmFrA+bzb0yl0TxoBQXOg=
github.com/googleapis/enterprise-certificate-proxy v0.3.16 h1:F/VPrx0YPBdksZJQdCAp0WUsqnNmZpUZszzfYt0M5Dw=
github.com/googleapis/enterprise-certificate-proxy v0.3.16/go.mod h1:9Yb0eAkH/Xqhvv3zbeKf/+wMJqCeocWc6KIhDvEAuYE=
github.com/googleapis/gax-go/v2 v2.22.0 h1:PjIWBpgGIVKGoCXuiCoP64altEJCj3/Ei+kSU5vlZD4=
github.com/googleapis/gax-go/v2 v2.22.0/go.mod h1:irWBbALSr0Sk3qlqb9SyJ1h68WjgeFuiOzI4Rqw5+aY=
github.com/gookit/assert v0.1.1 h1:lh3GcawXe/p+cU7ESTZ5Ui3Sm/x8JWpIis4/1aF0mY0=
Expand Down Expand Up @@ -813,8 +813,8 @@ github.com/nais/tester v0.1.1 h1:tpJ5HKpu3mEIWX/mec0Yj0xLHEpt+MwTAsj282n0Py0=
github.com/nais/tester v0.1.1/go.mod h1:NCQMcgftHz/EXorob1XwDTOqkQmImDqr51YQ2Uea9Pc=
github.com/nais/unleasherator v0.0.0-20251216221129-efebc54203fe h1:CdRVopOihru4tXVwKZjhg6C8SbPLCQYOhJKpjBZYhjg=
github.com/nais/unleasherator v0.0.0-20251216221129-efebc54203fe/go.mod h1:Tiz/1If3WgcfvNhmsO5DiQC+L+1XhBG3KWbIfbjx4EU=
github.com/nais/v13s/pkg/api v0.0.0-20260528080657-d4f49e5737da h1:59leNz7qKRctGQS6xUnPzVUqa2NnEzVlwMDAWyhUwJs=
github.com/nais/v13s/pkg/api v0.0.0-20260528080657-d4f49e5737da/go.mod h1:KBuEYLBJOFM36G7D5RAZ5oRyUv0/IOK9JCgkUS1eqqY=
github.com/nais/v13s/pkg/api v0.0.0-20260617075806-adadfda4fd8d h1:jEokr0rmq9Y4jk96QXb7lxq5qL0UdU6ZYauiyzxpVMM=
github.com/nais/v13s/pkg/api v0.0.0-20260617075806-adadfda4fd8d/go.mod h1:Ct3ihc4Qjjxt2h92Z+qttn0kkgtR8JQ7pmTF7PExH3s=
github.com/ncruces/go-sqlite3 v0.32.0 h1:hNBUXp88LrfQCsuyXLqWTbTUG35sUuktDsqhhgHvU20=
github.com/ncruces/go-sqlite3 v0.32.0/go.mod h1:MIWTK60ONDl0oVY073zYvJP21C3Dly6P9bxVpgkLwdQ=
github.com/ncruces/go-strftime v1.0.0 h1:HMFp8mLCTPp341M/ZnA4qaf7ZlsbTc+miZjCLOFAw7w=
Expand Down Expand Up @@ -1311,8 +1311,8 @@ golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4=
golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
golang.org/x/sync v0.21.0 h1:HLII4xRRTtCRkxYp4HNFF0Js/Og6q2i++KXbg0gHCwM=
golang.org/x/sync v0.21.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
Expand Down Expand Up @@ -1387,8 +1387,8 @@ gonum.org/v1/gonum v0.0.0-20181121035319-3f7ecaa7e8ca/go.mod h1:Y+Yx5eoAFn32cQvJ
gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4=
gonum.org/v1/gonum v0.17.0/go.mod h1:El3tOrEuMpv2UdMrbNlKEh9vd86bmQ6vqIcDwxEOc1E=
gonum.org/v1/netlib v0.0.0-20181029234149-ec6d1f5cefe6/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw=
google.golang.org/api v0.280.0 h1:F4OfEHZhZh6a7uTufJAXXVd/2TQ8EjM4vZH+jX/vFYk=
google.golang.org/api v0.280.0/go.mod h1:oGKmPZRDoD3vdkf6MA7F4VNkR1rxCiuaPSkhsf3EolU=
google.golang.org/api v0.284.0 h1:i+cKTgeQRcRySkP7QTl5PDO7/pAm8EcMFIUMlNbk4Vc=
google.golang.org/api v0.284.0/go.mod h1:AU44fU+XVZOCcd8uLaBIa/ZgzgPf/0qqY3+m7lQaado=
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/genai v1.54.0 h1:ZQCa70WMTJDI11FdqWCzGvZ5PanpcpfoO6jl/lrSnGU=
Expand Down
4 changes: 2 additions & 2 deletions integration_tests/issues_for_team.lua
Original file line number Diff line number Diff line change
Expand Up @@ -555,8 +555,8 @@ Test.gql("VulnerableImageIssue", function(t)
nodes = {
{
__typename = "VulnerableImageIssue",
message = "Image 'vulnerable-image' has 5 critical vulnerabilities and a risk score of 250",
severity = "WARNING",
message = "Image 'vulnerable-image' has 2 urgent vulnerabilities",
severity = "CRITICAL",
critical = 5,
riskScore = 250,
workload = {
Expand Down
26 changes: 26 additions & 0 deletions integration_tests/vulnerabilities.lua
Original file line number Diff line number Diff line change
Expand Up @@ -63,6 +63,19 @@ Test.gql("List vulnerability summaries for team", function(t)
}
vulnerabilitySummary{
total
countsBySeverity {
critical
high
medium
low
unassigned
}
countsByPriority {
urgent
highRisk
elevatedRisk
monitor
}
critical
high
medium
Expand Down Expand Up @@ -94,6 +107,19 @@ Test.gql("List vulnerability summaries for team", function(t)
},
vulnerabilitySummary = {
total = NotNull(),
countsBySeverity = {
critical = NotNull(),
high = NotNull(),
medium = NotNull(),
low = NotNull(),
unassigned = NotNull(),
},
countsByPriority = {
urgent = NotNull(),
highRisk = NotNull(),
elevatedRisk = NotNull(),
monitor = NotNull(),
},
critical = NotNull(),
high = NotNull(),
medium = NotNull(),
Expand Down
Loading
Loading