ghas-jira-integration

What's Changed

• Update github actions for PRs opened against main in https://github.com/github/ghas-jira-integration/pull/29
• Use intermediate variables in action.yml by @zbazztian in https://github.com/github/ghas-jira-integration/pull/39
• Update deprecated version of CodeQL by @zkoppert in https://github.com/github/ghas-jira-integration/pull/56
• Update flask to 2.3 by @aibaars in https://github.com/github/ghas-jira-integration/pull/58

New Contributors

• @aibaars made their first contribution in https://github.com/github/ghas-jira-integration/pull/58

Full Changelog: https://github.com/github/ghas-jira-integration/compare/v1.2.3...v1.2.4

Updated documentation to reflect proper permissions needed to sync secret scanning alerts. Kudos to @sennap for improving the README.md! 🎉

This release fixes the CLI call in the action.yml, in which the state parameter is removed. More refactoring will be done in another release. Please make sure that an access token is defined with the security-events scope in order to sync secret scanning alerts properly.

Note: This is a re-release of v1.2.1; previous version tag was wrong.

This release fixes a log injection. Kudos to @haby0 for taking the time to submit a PR to resolve the issue.

In addition to syncing code scanning alerts, this version of the integration syncs a repository's secret scanning alerts.

The Action now runs faster without the need of a Docker container. The Linux GitHub hosted runner has pip3, so this is utilized without having to install pip3 and/or pipenv onto a ubuntu Docker image to run the sync.

This first release contains all the of previous work being done to sync GitHub Code Scanning alerts to Jira. It also contains open custom options to add labels and defining end and reopen states of Jira issues.