@kadraman (Collaborator) commented Dec 9, 2025

Minor updates to the fod sast-scan setup command so that "aviator" and "oss" settings are not overwritten when they are not supplied. In order to remain backwards compatible, existing --use-aviator and --oss have been kept and made "negatable" so that --no-use-aviator and --no-oss are also available.

Tidied up and hardened technology stack/language level based on Copilot suggestions.

Copilot AI review requested due to automatic review settings December 9, 2025 12:29
Copilot AI left a comment

Pull request overview

This PR updates the FoD SAST scan setup command to preserve existing OSS (Open Source Analysis) and Aviator settings when not explicitly specified, improving the command's behavior to avoid overwriting previously configured settings.

Key changes:

  • Made --oss and --use-aviator options negatable (auto-generating --no-oss and --no-aviator flags)
  • Added logic to fall back to existing setup values when these options are not provided
  • Added @JsonInclude(NON_NULL) to the request class to exclude null fields from API calls

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 6 comments.

| File | Description |
| --- | --- |
| FoDScanConfigSastSetupRequest.java | Added @JsonInclude(NON_NULL) annotation to prevent null values from being sent in API requests |
| FoDScanConfigSastDescriptor.java | Added includeFortifyAviator field to capture existing Aviator setting from API responses |
| FoDSastScanSetupCommand.java | Updated option declarations to be negatable; added fallback logic to preserve existing OSS and Aviator settings; improved technology stack ID parsing with better error handling |
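
The tri-state option handling summarized in the key changes above, as an added Java example that is not code from this PR or from fcli. It assumes picocli and Jackson 2.12+ on the classpath and Java 16+; the class and record names, the `performOpenSourceAnalysis` property and the `ExistingSetup` values are hypothetical or constructed for illustration.

```java
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.databind.ObjectMapper;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Option;
import java.util.concurrent.Callable;

// Hypothetical demo command; names are illustrative, not fcli's.
@Command(name = "setup-demo")
public class SetupDemo implements Callable<Integer> {
    // Boxed Boolean keeps three states: true (--oss), false (--no-oss),
    // and null (option absent, meaning "leave the stored setting alone").
    @Option(names = "--oss", negatable = true)
    Boolean oss;

    @Option(names = "--use-aviator", negatable = true)
    Boolean useAviator;

    // Constructed stand-in for the scan setup already stored server-side.
    record ExistingSetup(Boolean oss, Boolean aviator) {}

    // NON_NULL drops unresolved fields from the JSON body instead of
    // sending an explicit null that the server might treat as "off".
    @JsonInclude(JsonInclude.Include.NON_NULL)
    record SetupRequest(Boolean performOpenSourceAnalysis,
                        Boolean includeFortifyAviator) {}

    // An explicit CLI value wins; otherwise keep the existing value,
    // which may itself be null if nothing was ever configured.
    static Boolean resolve(Boolean fromCli, Boolean existing) {
        return fromCli != null ? fromCli : existing;
    }

    @Override
    public Integer call() throws Exception {
        // Constructed sample: OSS analysis enabled, Aviator never set.
        ExistingSetup existing = new ExistingSetup(true, null);
        SetupRequest request = new SetupRequest(
                resolve(oss, existing.oss()),
                resolve(useAviator, existing.aviator()));
        System.out.println(new ObjectMapper().writeValueAsString(request));
        return 0;
    }

    public static void main(String[] args) {
        System.exit(new CommandLine(new SetupDemo()).execute(args));
    }
}
```

Running it with no options keeps the stored OSS value and omits the Aviator property entirely, while `--no-oss` is the only way the OSS setting is turned off.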

Copilot AI left a comment

Pull request overview

Copilot reviewed 3 out of 3 changed files in this pull request and generated 3 comments.

Comments suppressed due to low confidence (1)

fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanSetupCommand.java:169

  • Potential uncaught 'java.lang.NumberFormatException'.
                    return Integer.valueOf(lookupDescriptor.getValue());

@rsenden rsenden merged commit 649cd88 into fortify:dev/v3.x Dec 9, 2025
6 of 7 checks passed