Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
30 commits
Select commit Hold shift + click to select a range
d11d67c
feat: add CVE priority levels to vulnerability GraphQL API and issue …
ybelMekk May 25, 2026
3367094
feat(vulnerability): expose CVE priority, EPSS, KEV fields in GraphQL…
ybelMekk May 28, 2026
ee0b576
chore: bump v13s to v0.0.0-20260528121134-739c7136ac8e (cve-priority …
ybelMekk May 28, 2026
b4b3aff
refactor: simplify toWorkloadVulnerabilitySummary — v13s now zeroes c…
ybelMekk May 28, 2026
465f96f
fix: resolve leftover go.mod/go.sum conflict markers
ybelMekk Jun 2, 2026
35b7b36
fix: address gosec int32 cast and update issue expectation
ybelMekk Jun 2, 2026
4066d98
chore(deps): bump v13s api to af9d5e6
ybelMekk Jun 2, 2026
11bee74
fix(vulnerability): adapt API to v13s risk-tier model
ybelMekk Jun 2, 2026
2a88725
test(vulnerability): cover CVE risk-tier derivation
ybelMekk Jun 2, 2026
454089c
feat(vulnerability): expose fixVersion on image vulnerabilities
ybelMekk Jun 2, 2026
5878acd
fix(vulnerability): handle RISK_TIER_UNSPECIFIED in risk-tier mapping
ybelMekk Jun 3, 2026
2132f96
feat(vulnerability): expose KEV and EPSS fields on ImageVulnerability
ybelMekk Jun 3, 2026
e9d2a7c
fix(vulnerability): map PRIORITY sort to cve priority order
ybelMekk Jun 3, 2026
ed07236
chore(deps): bump v13s api after exploitable removal
ybelMekk Jun 4, 2026
424abae
fix(vulnerability): clean enum docs and normalize fake EPSS percentile
ybelMekk Jun 4, 2026
e7866c4
feat(vulnerability): add ransomwareCount, highEpssCount, and topRiskT…
ybelMekk Jun 9, 2026
82b803e
feat(vulnerability): add riskTier field to vulnerability summaries
ybelMekk Jun 10, 2026
3d83790
chore(deps): bump v13s api
ybelMekk Jun 16, 2026
b59e801
feat(vulnerability): align CVE priority with v13s priority
ybelMekk Jun 16, 2026
008f079
fix(vulnerability): remove legacy risk-tier fallback
ybelMekk Jun 16, 2026
c9398f1
fix(issue): only flag immediate vulnerabilities
ybelMekk Jun 16, 2026
07448e3
test(vulnerability): remove outdated CVE priority derivation tests
ybelMekk Jun 16, 2026
6659e24
feat(vulnerability): add riskTier field to vulnerability summaries
ybelMekk Jun 16, 2026
11fe780
chore(deps): align v13s api with main
ybelMekk Jun 16, 2026
0786b7a
fix(issue): support haproxy external ingress class detection
ybelMekk Jun 17, 2026
71fd1ad
refactor(vulnerability): hard-remove priority summary extras
ybelMekk Jun 17, 2026
575e0db
refactor(vulnerability): hard-remove priority summary extras
ybelMekk Jun 17, 2026
f112eae
chore(deps): bump v13s api to latest main
ybelMekk Jun 17, 2026
4828624
fix(vulnerability): revert ingress class tests
ybelMekk Jun 17, 2026
9a09856
Merge branch 'origin/feat/cve-priority' into fix/external-ingress-cla…
ybelMekk Jun 17, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 6 additions & 6 deletions go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/nais/api

go 1.26.3
go 1.26.4

tool (
github.com/99designs/gqlgen
Expand Down Expand Up @@ -44,7 +44,7 @@ require (
github.com/nais/pgrator/pkg/api v0.0.0-20260219115817-cf954d58c04e
github.com/nais/tester v0.1.1
github.com/nais/unleasherator v0.0.0-20251216221129-efebc54203fe
github.com/nais/v13s/pkg/api v0.0.0-20260528080657-d4f49e5737da
github.com/nais/v13s/pkg/api v0.0.0-20260617075806-adadfda4fd8d
github.com/patrickmn/go-cache v2.1.0+incompatible
github.com/pressly/goose/v3 v3.27.0
github.com/prometheus/client_golang v1.23.2
Expand Down Expand Up @@ -76,10 +76,10 @@ require (
go.opentelemetry.io/otel/trace v1.43.0
golang.org/x/exp v0.0.0-20260218203240-3dfff04db8fa
golang.org/x/oauth2 v0.36.0
golang.org/x/sync v0.20.0
golang.org/x/sync v0.21.0
golang.org/x/text v0.37.0
golang.org/x/tools v0.44.0
google.golang.org/api v0.280.0
google.golang.org/api v0.284.0
google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9
google.golang.org/grpc v1.81.1
google.golang.org/protobuf v1.36.11
Expand Down Expand Up @@ -240,7 +240,7 @@ require (
github.com/google/flatbuffers v25.12.19+incompatible // indirect
github.com/google/gnostic-models v0.7.1 // indirect
github.com/google/s2a-go v0.1.9 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.15 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.16 // indirect
github.com/googleapis/gax-go/v2 v2.22.0 // indirect
github.com/gookit/color v1.6.0 // indirect
github.com/gorilla/mux v1.8.1 // indirect
Expand Down Expand Up @@ -465,7 +465,7 @@ require (
gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect
google.golang.org/genai v1.54.0 // indirect
google.golang.org/genproto v0.0.0-20260319201613-d00831a3d3e7 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20260511170946-3700d4141b60 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20260526163538-3dc84a4a5aaa // indirect
gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
Expand Down
20 changes: 10 additions & 10 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -524,8 +524,8 @@ github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/enterprise-certificate-proxy v0.3.15 h1:xolVQTEXusUcAA5UgtyRLjelpFFHWlPQ4XfWGc7MBas=
github.com/googleapis/enterprise-certificate-proxy v0.3.15/go.mod h1:vqVt9yG9480NtzREnTlmGSBmFrA+bzb0yl0TxoBQXOg=
github.com/googleapis/enterprise-certificate-proxy v0.3.16 h1:F/VPrx0YPBdksZJQdCAp0WUsqnNmZpUZszzfYt0M5Dw=
github.com/googleapis/enterprise-certificate-proxy v0.3.16/go.mod h1:9Yb0eAkH/Xqhvv3zbeKf/+wMJqCeocWc6KIhDvEAuYE=
github.com/googleapis/gax-go/v2 v2.22.0 h1:PjIWBpgGIVKGoCXuiCoP64altEJCj3/Ei+kSU5vlZD4=
github.com/googleapis/gax-go/v2 v2.22.0/go.mod h1:irWBbALSr0Sk3qlqb9SyJ1h68WjgeFuiOzI4Rqw5+aY=
github.com/gookit/assert v0.1.1 h1:lh3GcawXe/p+cU7ESTZ5Ui3Sm/x8JWpIis4/1aF0mY0=
Expand Down Expand Up @@ -813,8 +813,8 @@ github.com/nais/tester v0.1.1 h1:tpJ5HKpu3mEIWX/mec0Yj0xLHEpt+MwTAsj282n0Py0=
github.com/nais/tester v0.1.1/go.mod h1:NCQMcgftHz/EXorob1XwDTOqkQmImDqr51YQ2Uea9Pc=
github.com/nais/unleasherator v0.0.0-20251216221129-efebc54203fe h1:CdRVopOihru4tXVwKZjhg6C8SbPLCQYOhJKpjBZYhjg=
github.com/nais/unleasherator v0.0.0-20251216221129-efebc54203fe/go.mod h1:Tiz/1If3WgcfvNhmsO5DiQC+L+1XhBG3KWbIfbjx4EU=
github.com/nais/v13s/pkg/api v0.0.0-20260528080657-d4f49e5737da h1:59leNz7qKRctGQS6xUnPzVUqa2NnEzVlwMDAWyhUwJs=
github.com/nais/v13s/pkg/api v0.0.0-20260528080657-d4f49e5737da/go.mod h1:KBuEYLBJOFM36G7D5RAZ5oRyUv0/IOK9JCgkUS1eqqY=
github.com/nais/v13s/pkg/api v0.0.0-20260617075806-adadfda4fd8d h1:jEokr0rmq9Y4jk96QXb7lxq5qL0UdU6ZYauiyzxpVMM=
github.com/nais/v13s/pkg/api v0.0.0-20260617075806-adadfda4fd8d/go.mod h1:Ct3ihc4Qjjxt2h92Z+qttn0kkgtR8JQ7pmTF7PExH3s=
github.com/ncruces/go-sqlite3 v0.32.0 h1:hNBUXp88LrfQCsuyXLqWTbTUG35sUuktDsqhhgHvU20=
github.com/ncruces/go-sqlite3 v0.32.0/go.mod h1:MIWTK60ONDl0oVY073zYvJP21C3Dly6P9bxVpgkLwdQ=
github.com/ncruces/go-strftime v1.0.0 h1:HMFp8mLCTPp341M/ZnA4qaf7ZlsbTc+miZjCLOFAw7w=
Expand Down Expand Up @@ -1323,8 +1323,8 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4=
golang.org/x/sync v0.20.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
golang.org/x/sync v0.21.0 h1:HLII4xRRTtCRkxYp4HNFF0Js/Og6q2i++KXbg0gHCwM=
golang.org/x/sync v0.21.0/go.mod h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
Expand Down Expand Up @@ -1416,8 +1416,8 @@ gonum.org/v1/gonum v0.0.0-20181121035319-3f7ecaa7e8ca/go.mod h1:Y+Yx5eoAFn32cQvJ
gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4=
gonum.org/v1/gonum v0.17.0/go.mod h1:El3tOrEuMpv2UdMrbNlKEh9vd86bmQ6vqIcDwxEOc1E=
gonum.org/v1/netlib v0.0.0-20181029234149-ec6d1f5cefe6/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw=
google.golang.org/api v0.280.0 h1:F4OfEHZhZh6a7uTufJAXXVd/2TQ8EjM4vZH+jX/vFYk=
google.golang.org/api v0.280.0/go.mod h1:oGKmPZRDoD3vdkf6MA7F4VNkR1rxCiuaPSkhsf3EolU=
google.golang.org/api v0.284.0 h1:i+cKTgeQRcRySkP7QTl5PDO7/pAm8EcMFIUMlNbk4Vc=
google.golang.org/api v0.284.0/go.mod h1:AU44fU+XVZOCcd8uLaBIa/ZgzgPf/0qqY3+m7lQaado=
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/genai v1.54.0 h1:ZQCa70WMTJDI11FdqWCzGvZ5PanpcpfoO6jl/lrSnGU=
Expand All @@ -1430,8 +1430,8 @@ google.golang.org/genproto v0.0.0-20260319201613-d00831a3d3e7 h1:XzmzkmB14QhVhgn
google.golang.org/genproto v0.0.0-20260319201613-d00831a3d3e7/go.mod h1:L43LFes82YgSonw6iTXTxXUX1OlULt4AQtkik4ULL/I=
google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9 h1:VPWxll4HlMw1Vs/qXtN7BvhZqsS9cdAittCNvVENElA=
google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9/go.mod h1:7QBABkRtR8z+TEnmXTqIqwJLlzrZKVfAUm7tY3yGv0M=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260511170946-3700d4141b60 h1:seT2EwLWM78plQ7wcDfuWBc/4FAEAXDDiaSol4ku4qo=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260511170946-3700d4141b60/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260526163538-3dc84a4a5aaa h1:mZHHdPZl0dbGHCflZgAq/Q468DWVFcU2whhB2KAo8fk=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260526163538-3dc84a4a5aaa/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
google.golang.org/grpc v1.12.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw=
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
Expand Down
4 changes: 2 additions & 2 deletions integration_tests/issues_for_team.lua
Original file line number Diff line number Diff line change
Expand Up @@ -579,8 +579,8 @@ Test.gql("VulnerableImageIssue", function(t)
nodes = {
{
__typename = "VulnerableImageIssue",
message = "Image 'vulnerable-image' has 5 critical vulnerabilities and a risk score of 250",
severity = "WARNING",
message = "Image 'vulnerable-image' has 2 immediate vulnerabilities",
severity = "CRITICAL",
critical = 5,
riskScore = 250,
workload = {
Expand Down
Loading
Loading