1 file changed +17 -5 lines changed
@@ -45,10 +45,21 @@ jobs:
4545 run : |
4646 echo "## 🔍 Dependency Vulnerability Report" > report.md
4747 echo "" >> report.md
48- jq -r '
49- .advisories[] |
50- "| \(.module_name) | \(.id) | \(.severity) | \(.title) | \(.recommendation) |"
51- ' audit.json >> report.md || echo "No vulnerabilities found." >> report.md
48+
49+ # Dump full vulnerability objects if any
50+ vulns=$(jq '.Results[].Vulnerabilities | length' trivy-results.json | awk '{s+=$1} END {print s}')
51+ if [ "$vulns" -gt 0 ]; then
52+ jq -r '
53+ .Results[].Vulnerabilities[] |
54+ "| \(.PkgName) | \(.VulnerabilityID) | \(.Severity) | \(.Title // "No title") | Fixed: \(.FixedVersion // "N/A") |"
55+ ' trivy-results.json >> report.md
56+ else
57+ echo "No vulnerabilities found." >> report.md
58+ fi
59+
60+ echo "--- RAW JSON (for debugging) ---" >> report.md
61+ cat trivy-results.json >> report.md
62+
5263 - name : Read vulnerability report
5364 id : vuln_report
5465 run : |
6475 id : ai_explain
6576 run : |
6677 content=$(cat report.md || echo "No vulnerabilities found.")
67- prompt="Explain these vulnerabilities in simple terms, their risk, and how to fix: $content"
78+
79+ prompt="Explain these dependency scan results in plain English:\n\n$(cat report.md)"
6880 response=$(curl https://api.openai.com/v1/chat/completions \
6981 -H "Content-Type: application/json" \
7082 -H "Authorization: Bearer ${{ secrets.OPENAI_API_KEY }}" \
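Review bot: The debug lines `echo "--- RAW JSON (for debugging) ---" >> report.md` and `cat trivy-results.json >> report.md` put the whole Trivy output into report.md, and the new `prompt=` line then embeds `$(cat report.md)` in the request to api.openai.com, so the full scan result (package inventory, file paths, advisory text written by third parties) leaves the runner and reaches the model as untrusted prompt content. I would keep the raw dump out of report.md, for example by writing it to a separate file kept as a workflow artifact, and build the prompt from the table only. The request body is outside the visible lines; if `$prompt` is spliced into a JSON string there, quotes and newlines in the report will break it, so build the body with `jq -n --arg p "$prompt"`, and note that `\n` inside double quotes stays a literal backslash-n in bash. Separately, in the report step `.Results[].Vulnerabilities[]` fails with "Cannot iterate over null" for any result whose `Vulnerabilities` is null or absent, and unless pipefail is on, a missing or unparsable trivy-results.json leaves `$vulns` empty so the `else` branch writes "No vulnerabilities found."; `.Results[]?.Vulnerabilities[]?` plus an explicit check that the file parsed would stop a failed scan from reading as a clean one.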