
chore(main): release 1.5.1 #1

Open
github-actions[bot] wants to merge 2 commits into main from release-please--branches--main


@github-actions

🤖 I have created a release beep boop

1.5.1 (2026-05-25)

⚠ BREAKING CHANGES

  • fortify/github-action/setup: Now uses @fortify/setup NPM component instead of GitHub-specific implementation, resulting in changes to supported action inputs and environment variables
  • fortify/github-action: Now uses fcli action run ci instead of GitHub-specific scripts, resulting in changes to supported action inputs and environment variables
  • fortify/github-action/*: All sub-actions except for the setup action have been removed; use the top-level fortify/github-action to run a full AST scan pipeline, or use the setup action in combination with fcli commands or actions to implement custom workflows
  • Upgrade fcli to v3.4.1
  • Removed SC_SAST_LOGIN_EXTRA_OPTS
  • EXTRA_SC_SAST_SCAN_OPTS may need to be updated according to new fcli sc-sast scan start syntax
  • Any custom fcli actions referenced in *_ACTION inputs will need to be migrated to fcli 3.x action syntax

Features

  • EXTRA_SC_SAST_SCAN_OPTS may need to be updated according to new fcli sc-sast scan start syntax (63455f2)
  • fortify/github-action/*: All sub-actions except for the setup action have been removed; use the top-level fortify/github-action to run a full AST scan pipeline, or use the setup action in combination with fcli commands or actions to implement custom workflows (899cd9b)
  • fortify/github-action/setup: Now uses @fortify/setup NPM component instead of GitHub-specific implementation, resulting in changes to supported action inputs and environment variables (899cd9b)
  • fortify/github-action: Now uses fcli action run ci instead of GitHub-specific scripts, resulting in changes to supported action inputs and environment variables (899cd9b)
  • SC_SAST_SENSOR_VERSION is now optional (63455f2)
  • Ability to override tool versions (resolves #50) (121db14)
  • Add DO_POLICY_CHECK and related inputs to enable policy checks after scan completion (6ee342d)
  • Add DO_PR_COMMENT and related inputs to enable Pull Request comment generation (6ee342d)
  • Add DO_SETUP and related inputs to enable application version/release creation/setup (6ee342d)
  • Add EXPORT_ACTION and EXPORT_EXTRA_OPTS inputs to allow for export customization (6ee342d)
  • Add fortify/github-action/with-ghes-artifacts sub-action to upload CI workflow debug artifacts to GitHub Enterprise Server artifact storage (15c59a7)
  • Add fortify/github-action/with-github-artifacts sub-action to upload CI workflow debug artifacts to github.com artifact storage (same as top-level fortify/github-action) (15c59a7)
  • Add fortify/github-action/without-artifacts sub-action that doesn't upload CI workflow debug artifacts, allowing users to upload debug artifacts to a custom storage provider (15c59a7)
  • Add ability to run and import Debricked scans into SSC (closes #41) (6ee342d)
  • Add support for Debricked CLI on fortify/github-action/setup (2c7c1e7)
  • Add support for fcli 2.1.0 (7aafc0e)
  • Add support for updateable/customizable tool definitions (2c7c1e7)
  • Any custom fcli actions referenced in *_ACTION inputs will need to be migrated to fcli 3.x action syntax (63455f2)
  • FoD: Add support for creating application through DO_SETUP (2d91e3c)
  • FoD: Automatically set --app-owner if FOD_USER is configured (345ddda)
  • FoD: Improve handling of --copy-from option in SETUP_EXTRA_OPTS (2d91e3c)
  • Major documentation usability improvements (22ea8e9)
  • Removed SC_SAST_LOGIN_EXTRA_OPTS (63455f2)
  • SC-SAST: Add support for passing scan arguments through SC_SAST_SCAN_EXTRA_OPTS (1bb5d5b)
  • Simplify setup of Debricked scans on FoD (7c25788)
  • Update Debricked CLI 2.5.1->2.6.4 (222ec90)
  • Update fcli 2.11.1->2.12.2 (222ec90)
  • Update fcli to 2.9.0 (2d91e3c)
  • Update fcli to 3.13.1 (603d05a)
  • Update fcli to 3.6.0 (4822149)
  • Update ScanCentral Client to 24.4.0 (f3246ac)
  • Update ScanCentral Client to 25.2.0 (4822149)
  • Update ScanCentral Client to 25.4.0 (603d05a)
  • Upgrade fcli to v3.4.1 (63455f2)
  • Use fcli instead of FortifyVulnerabilityExporter for vulnerability export (closes #37) (6ee342d)

Bug Fixes

  • DO_PR_COMMENT: Use GITHUB_API_URL environment variable instead of hardcoded api.github.com to avoid failure on GitHub Enterprise (a804808)
  • fcli ssc action run appversion-summary: Add note about removed issue count (4a8f3f3)
  • fcli ssc action run appversion-summary: Fix exception if application version has artifacts with 0 issues (4a8f3f3)
  • Add DO_PACKAGE_DEBUG setting to enable debug logging and publish package.zip & logs as job artifacts (29b093c)
  • Allow tool artifacts to be extracted on older PowerShell versions (work-around for tc.extractZip() failure due to tc.downloadTool() not adding .zip extension actions/toolkit#1179) (6375519)
  • Configure static scan on DO_SETUP if needed (9d54346)
  • Deprecate EXTRA_*_OPTS variables; these are replaced by *_EXTRA_OPTS variables for consistency (6ee342d)
  • Documentation: Add DO_WAIT to applicable FoD sample snippets (74febec)
  • Documentation: Update action references to v2 (4822149)
  • Fix default values for app/version/release (4ccc5d9)
  • Fix documentation on ScanCentral SAST inputs (fixes #23) (3a20c7c)
  • Fix failed 1.5.0 release (59a2d07)
  • Fix potential source file path inconsistencies in SAST security report (see SAST report actions: Issue paths don't match repository paths fortify/fcli#749) (cc61a88)
  • Fix ScanCentral SAST documentation link to point to right version (3b5cd8b)
  • FoD: Use Development as default value for --sdlc-status in SETUP_EXTRA_OPTS (1bb5d5b)
  • FoD: Wait for new release to leave suspended state before attempting to start a scan (1bb5d5b)
  • Improve FoD SETUP_EXTRA_OPTS documentation (9d54346)
  • Improve parsing of boolean flags in *_EXTRA_OPTS (2d91e3c)
  • Install Java version as required by ScanCentral Client (closes #10) (6ee342d)
  • Minor documentation fix (434e78d)
  • Partial fix to use proper sub-action versions (7272d0d)
  • Properly handle app/release/version names containing spaces (c04ac28)
  • Update FOD_RELEASE/SSC_APPVERSION documentation with correct default values (fixes #43) (6ee342d)
  • Update Debricked CLI to 2.1.7 (2d91e3c)
  • Update Debricked CLI to 2.4.0 (9d54346)
  • Update dependencies (8499a16)
  • Update fcli to 2.1.0 (9d54346)
  • Update fcli to 2.9.1 (4a8f3f3)
  • Update internal fcli version to honor GitHub proxy settings (3b5cd8b)
  • Update references from fortify-ps/github-action to fortify/github-action (19d7892)
  • Update ScanCentral Client 24.4.0->24.4.1 (222ec90)
  • Update setup action to Node.js 24 (7afe7f3)
  • Update to fcli 2.7.1 to fix FoD job summary exception (6e269a5)
  • Upgrade Debricked CLI to v2.6.7 (63455f2)
  • Use github/codeql-action/upload-sarif@v3 to remove deprecation warning (15bc159)
  • Use proper branch names / versions for sub-action invocations (d4eb955)

Miscellaneous Chores


This PR was generated with Release Please. See documentation.
