Skip to content

Add repository-level vulnerability summary to vulnerabilities command #282

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
colinmoynes wants to merge 21 commits into from
Closed

Add repository-level vulnerability summary to vulnerabilities command #282

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
f7e348a
initial commit
colinmoynes Mar 13, 2026
2be21be
Repo summary of package vulnerabilities. Single table. Better error h…
colinmoynes Mar 27, 2026
2045f3b
better handling of -A flag for repo summary
colinmoynes Mar 27, 2026
338e374
add org and repo to repo summary json output
colinmoynes Mar 27, 2026
4ed5460
processing bar added for better ux
colinmoynes Mar 27, 2026
77279dd
added slug_perm to package data in repo summary json
colinmoynes Mar 27, 2026
a26ff7c
improvied table colour rendering for severities. Shows total as well …
colinmoynes Mar 27, 2026
1e2f53b
changelog ready for next release. potentially 1.17.0
colinmoynes Mar 27, 2026
0f5ee19
moved changes to unreleased
colinmoynes Mar 27, 2026
5cf5a09
fix pagination for get_packages_in_repo
colinmoynes Mar 27, 2026
b6ef8cd
fix: download command in the saml context (#283)
cloudsmith-iduffy Mar 31, 2026
9318618
Merge branch 'master' into ceng-747-cloudsmith-cli-repo-level-vulnera…
colinmoynes Apr 1, 2026
6262176
All packages now show and not just vulnerable packages, with accurate…
colinmoynes Apr 1, 2026
e4011b0
Added "Identifier" column to results table. Improved severity flag ha…
colinmoynes Apr 1, 2026
ac1d701
Updated testcases for vulnerabilities
colinmoynes Apr 1, 2026
e2cf6f6
Removed references to slugs for single package mode
colinmoynes Apr 1, 2026
6fa1a96
Updated changelog
colinmoynes Apr 1, 2026
f558754
Added readme update to vulnerabilities command
colinmoynes Apr 3, 2026
a67f4de
remove unused echo
colinmoynes Apr 7, 2026
a20fe3e
Removed get_package_in_repo() and replaced with paginate_results() fr…
colinmoynes Apr 7, 2026
2e96ca0
Improved _collect_repo_scan_data() performance. 8-10x improvement.
colinmoynes Apr 7, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,13 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.

## [Unreleased]

### Added

- Added repository-level vulnerability summary (`cloudsmith vulnerabilities OWNER/REPO`)
- Aggregates scan results across all packages into a single color-coded table
- Packages sorted by total vulnerability count (descending)
- Supports `--severity` and `--fixable/--non-fixable` filters

## [1.16.0] - 2026-03-24

### Added
Expand Down
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -114,7 +114,7 @@ The CLI currently supports the following commands (and sub-commands):
- `rpm`: Manage rpm upstreams for a repository.
- `ruby`: Manage ruby upstreams for a repository.
- `swift`: Manage swift upstreams for a repository.
- `vulnerabilities`: Retrieve vulnerability results for a package.
- `vulnerabilities`: Retrieve vulnerability results for a repository (summary) or an individual package.
- `whoami`: Retrieve your current authentication status.

## Installation
Expand Down
Loading
Loading