snyk
diff --git a/‎internal/presenters/testdata/ufm/expected_normalized.json‎
Lines changed: 68 additions & 0 deletions b/‎internal/presenters/testdata/ufm/expected_normalized.json‎
Lines changed: 68 additions & 0 deletions
diff --git a/‎internal/presenters/testdata/ufm/testresult_cli_secrets.json‎
Lines changed: 116 additions & 0 deletions b/‎internal/presenters/testdata/ufm/testresult_cli_secrets.json‎
Lines changed: 116 additions & 0 deletions
diff --git a/‎internal/presenters/testdata/ufm/testresult_cli_secrets_1.json‎
Lines changed: 92 additions & 0 deletions b/‎internal/presenters/testdata/ufm/testresult_cli_secrets_1.json‎
Lines changed: 92 additions & 0 deletions
diff --git a/‎pkg/local_workflows/code_workflow/native_workflow.go‎
Lines changed: 2 additions & 2 deletions b/‎pkg/local_workflows/code_workflow/native_workflow.go‎
Lines changed: 2 additions & 2 deletions
@@ -0,0 +1,68 @@
+{
+  "$schema": "https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/os/schemas/sarif-schema-2.1.0.json",
+  "runs": [
+    {
+      "automationDetails": {
+        "id": "Snyk/Open Source/*"
+      },
+      "results": [
+        {
+          "level": "unmapped",
+          "locations": [
+            {
+              "logicalLocations": [
+                {
+                  "fullyQualifiedName": "@*"
+                }
+              ],
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "package.json"
+                },
+                "region": {
+                  "startLine": 1
+                }
+              }
+            }
+          ],
+          "message": {
+            "text": "This file introduces a vulnerable  package with a  severity vulnerability."
+          },
+          "ruleId": "00000000-0000-0000-0000-000000000001"
+        }
+      ],
+      "tool": {
+        "driver": {
+          "informationUri": "https://docs.snyk.io/",
+          "name": "Snyk Open Source",
+          "rules": [
+            {
+              "fullDescription": {
+                "text": "@"
+              },
+              "help": {
+                "markdown": "some description",
+                "text": ""
+              },
+              "id": "00000000-0000-0000-0000-000000000001",
+              "properties": {
+                "cvssv3_baseScore": 0,
+                "security-severity": "0.0",
+                "tags": [
+                  "security",
+                  "CWE-798"
+                ]
+              },
+              "shortDescription": {
+                "text": " severity - AWS Access Key vulnerability in "
+              }
+            }
+          ],
+          "semanticVersion": "1.1301.0",
+          "version": "1.1301.0"
+        }
+      }
+    }
+  ],
+  "version": "2.1.0"
+}
@@ -0,0 +1,116 @@
+[
+  {
+    "testId": "f216306e-842c-429b-aa94-57893e516cdd",
+    "testConfiguration": {
+      "local_policy": {
+        "fail_on_upgradable": false,
+        "ignores": [],
+        "severity_threshold": "none",
+        "suppress_pending_ignores": false
+      },
+      "timeout": {
+        "outcome": "fail",
+        "seconds": 1200
+      }
+    },
+    "createdAt": "2025-10-28T15:42:29.689452Z",
+    "testSubject": {
+      "locator": {
+        "paths": [
+          "package-lock.json"
+        ],
+        "type": "local_path"
+      },
+      "type": "dep_graph"
+    },
+    "executionState": "finished",
+    "passFail": "fail",
+    "outcomeReason": "policy_breach",
+    "effectiveSummary": {
+      "count": 13,
+      "count_by": {
+        "result_type": {
+          "dast": 0,
+          "other": 0,
+          "sast": 0,
+          "sca": 13
+        },
+        "severity": {
+          "critical": 0,
+          "high": 2,
+          "low": 1,
+          "medium": 10,
+          "none": 0,
+          "other": 0
+        }
+      }
+    },
+    "rawSummary": {
+      "count": 13,
+      "count_by": {
+        "result_type": {
+          "dast": 0,
+          "other": 0,
+          "sast": 0,
+          "sca": 13
+        },
+        "severity": {
+          "critical": 0,
+          "high": 2,
+          "low": 1,
+          "medium": 10,
+          "none": 0,
+          "other": 0
+        }
+      }
+    },
+    "findings": [
+      {
+        "attributes": {
+          "cause_of_failure": false,
+          "description": "some description",
+          "finding_type": "secrets",
+          "key": "00000000-0000-0000-0000-000000000001",
+          "locations": [
+            {
+              "region": {
+                "filePath": "test.tf",
+                "fromLine": 20,
+                "fromColumn": 20,
+                "toLine": 20,
+                "toColumn": 20
+              },
+              "type": "source"
+            },
+            {
+              "region": {
+                "filePath": "test.tf",
+                "fromLine": 30,
+                "fromColumn": 30,
+                "toLine": 30,
+                "toColumn": 30
+              },
+              "type": "source"
+            }
+          ],
+          "policy_modifications": [],
+          "problems": [
+            {
+              "id": "aws-access-token",
+              "source": "snyk"
+            },
+            {
+              "id": "CWE-798",
+              "source": "cwe"
+            }
+          ],
+          "title": "AWS Access Key"
+        },
+        "links": {},
+        "relationships": {},
+        "type": "findings"
+      }
+    ],
+    "findingsComplete": true
+  }
+]
@@ -0,0 +1,92 @@
+[
+  {
+    "testId": "c7da999e-131a-4490-ab3a-23f74c185d2d",
+    "testConfiguration": {
+      "local_policy": {}, // same
+      "timeout": { "outcome": "fail", "seconds": 1200 }
+    },
+    "metadata": {}, //??? probably similar to OS or empty
+    "createdAt": "2025-11-06T14:45:12.489805Z",
+    "resources": [
+      {
+        "contentType": "source",
+        "repositoryURL": "github.com/test",
+        "revisionID": "some-uuid",
+        "type": "upload"
+      }
+    ], // this is new, we wont work with subjects at all
+    "executionState": "finished",
+    "passFail": "fail",
+    "outcomeReason": "policy_breach",
+    "effectiveSummary": {
+      "count": 1,
+      "count_by": {
+        "result_type": { "dast": 0, "other": 0, "sast": 0, "sca": 0, "secrets": 0 },
+        "severity": {
+          "critical": 1,
+          "high": 0,
+          "low": 0,
+          "medium": 0,
+          "none": 0,
+          "other": 0
+        }
+      }
+    },
+    "rawSummary": {
+      "count": 1,
+      "count_by": {
+        "result_type": { "dast": 0, "other": 0, "sast": 0, "sca": 0, "secrets": 0 },
+        "severity": {
+          "critical": 1,
+          "high": 0,
+          "low": 0,
+          "medium": 0,
+          "none": 0,
+          "other": 0
+        }
+      }
+    },
+    "findings": [
+      {
+        "attributes": {
+          "cause_of_failure": false,
+          "description": "Leaked AWS secret",
+          "evidence": [], // no evidence for secrets atm
+          "finding_type": "secrets",
+          "key": "00000000-0000-0000-0000-000000000001",
+          "locations": [
+            {
+              "filePath": "config.json",
+              "fromColumn": 1,
+              "toColumn": 10,
+              "fromLine": 1,
+              "toLine": 1,
+              "type": "source"
+            },
+            {
+              "filePath": "config.json",
+              "fromColumn": 1,
+              "toColumn": 10,
+              "fromLine": 3,
+              "toLine": 3,
+              "type": "source"
+            }
+          ],
+          "policy_modifications": [],
+          "problems": [
+            { "id": "aws-key-id", "source": "snyk" },
+            { "id": "CWE-502", "source": "cwe" }
+          ],
+          "rating": { "severity": "critical" },
+          "risk": {},
+          "title": "Leaked AWS secret"
+        },
+        "id": "085fd753-c0ff-43b2-b354-27ef7ef0ceb9",
+        "links": {},
+        "relationships": {}, // no relationships for secrets atm, we don't have fix suggestions
+        "type": "findings"
+      }
+    ],
+    "findingsComplete": true
+  }
+]
@@ -4,6 +4,7 @@ import (
 	"context"
 	"encoding/json"
 	"errors"
+	"github.com/snyk/go-application-framework/pkg/utils/file_filter"
 	"net/http"
 	"os"
 	"path"
@@ -25,7 +26,6 @@ import (
 	"github.com/snyk/go-application-framework/pkg/local_workflows/local_models"
 	"github.com/snyk/go-application-framework/pkg/networking"
 	"github.com/snyk/go-application-framework/pkg/ui"
-	"github.com/snyk/go-application-framework/pkg/utils"
 	sarif2 "github.com/snyk/go-application-framework/pkg/utils/sarif"
 	"github.com/snyk/go-application-framework/pkg/workflow"
 )
@@ -305,7 +305,7 @@ func determineAnalyzeInput(path string, config configuration.Configuration, logg
 
 // Return a channel that notifies each file in the path that doesn't match the filter rules
 func getFilesForPath(path string, logger *zerolog.Logger, max_threads int) (<-chan string, error) {
-	filter := utils.NewFileFilter(path, logger, utils.WithThreadNumber(max_threads))
+	filter := file_filter.NewFileFilter(path, logger, file_filter.WithThreadNumber(max_threads))
 	rules, err := filter.GetRules([]string{".gitignore", ".dcignore", ".snyk"})
 	if err != nil {
 		return nil, err