scan-io-git · japroc · Aug 21, 2025 · Aug 22, 2025 · Aug 22, 2025 · Sep 1, 2025
diff --git a/.cursorrules b/.cursorrules
@@ -0,0 +1,25 @@
+# Scan-io Cursor Rules
+
+## Development workflow
+- When implementing new features or making changes to the codebase, always check the `docs/engineering/` directory first for established patterns and guidelines:
+- When in doubt about implementation details, always refer to the engineering documentation first, then examine similar existing implementations in the codebase.
+- Try to reuse internal packages if relevant. Extend if required functionality does not exist.
+- Don't use `data` folder in tests, it will not be available in other environment. But feel free to read content to make proper mocks.
+- Try to use `make build-cli` or `make build-plugins` or `make build` instead of `go build ...`
+
+## Commands
+- Build cli with: `make build-cli`
+- Build plugins with: `make build-plugins`
+- Build everything with: `make build`
+- Test with: `make test`
+- Use `go fmt` for formatting
+
+## Code style
+- Use early returns when handling errors or special cases to reduce nesting and improve readability.
+
+## Planning
+- When generating a plan for new features, refactoring and so on, make an analysis of codebase, then write a plan in phases.
+- The plan may contain one or more phases. Each phase contains tasks. Write inputs and deliverables for each phase, task or group of tasks.
+- Ensure that new functionality has tasks related to having tests for that functionality.
+- Default plan file is `PLAN.md` in the root.
+- Add documentation and help message update when necessary.
diff --git a/.gitignore b/.gitignore
@@ -67,3 +67,5 @@ __debug_bin*
 *.json
 *report.html
 *results.html
+
+data/
diff --git a/Dockerfile b/Dockerfile
@@ -46,7 +46,7 @@ RUN set -euxo pipefail && \
     echo "Building dependencies for '$TARGETOS/$TARGETARCH'" && \
     apk update && \
     apk upgrade && \
-    apk add --no-cache bash python3 py3-pip openssh && \
+    apk add --no-cache bash python3 py3-pip openssh git && \
     apk add --no-cache --virtual .build-deps \
         jq \
         libc6-compat \

diff --git a/cmd/root.go b/cmd/root.go
@@ -9,8 +9,9 @@ import (
 
 	"github.com/scan-io-git/scan-io/cmd/analyse"
 	"github.com/scan-io-git/scan-io/cmd/fetch"
-	"github.com/scan-io-git/scan-io/cmd/integration-vcs"
+	integrationvcs "github.com/scan-io-git/scan-io/cmd/integration-vcs"
 	"github.com/scan-io-git/scan-io/cmd/list"
+	sarifissues "github.com/scan-io-git/scan-io/cmd/sarif-issues"
 	"github.com/scan-io-git/scan-io/cmd/upload"
 	"github.com/scan-io-git/scan-io/cmd/version"
 	"github.com/scan-io-git/scan-io/pkg/shared"
@@ -87,6 +88,7 @@ func initConfig() {
 	fetch.Init(AppConfig, Logger.Named("fetch"))
 	analyse.Init(AppConfig, Logger.Named("analyse"))
 	integrationvcs.Init(AppConfig, Logger.Named("integration-vcs"))
+	sarifissues.Init(AppConfig, Logger.Named("sarif-issues"))
 	version.Init(AppConfig, Logger.Named("version"))
 	tohtml.Init(AppConfig, Logger.Named("to-html"))
 	upload.Init(AppConfig, Logger.Named("upload"))
@@ -100,6 +102,7 @@ func init() {
 	rootCmd.AddCommand(fetch.FetchCmd)
 	rootCmd.AddCommand(analyse.AnalyseCmd)
 	rootCmd.AddCommand(integrationvcs.IntegrationVCSCmd)
+	rootCmd.AddCommand(sarifissues.SarifIssuesCmd)
 	rootCmd.AddCommand(version.NewVersionCmd())
 	rootCmd.AddCommand(tohtml.ToHtmlCmd)
 	rootCmd.AddCommand(upload.UploadCmd)
-Original file line number
+Diff line change
@@ Expand Up / @@ -67,3 +67,5 @@ __debug_bin* @@
     *.json
     *report.html
     *results.html
+    data/