Skip to content

Issue with Scan Type Validation in Checkmarx Plugin #579

Description

@john24rel

The Checkmarx plugin version 2.0.38 has an issue with validating the --scan-types parameter as per the documentation. When using the argument --scan-types sast, sca in the pipeline, the plugin incorrectly parses the parameters, adding extra commas between the scan types.

Steps to Reproduce:
Configure a pipeline with the following additional parameters: --scan-types sast, sca.

Run the pipeline.
Observed Behavior: The pipeline logs show additional commas in the parsed parameters:
Additional parameters refined: --scan-types, sast,sca

Expected Behavior: The plugin should correctly parse the parameters without adding extra commas.

Documentation Reference: The documentation states that the argument --scan-types should accept values like sast, sca, iac-security, or api-security. For more details, see the official documentation here

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions