Viewing GitHub Action Checkmarx One Scan Results
There are several ways to view GitHub Action scan results.
Viewing the Scan Results Summary in GitHub
You can view a summary of your scan results in GitHub.
Navigate back to your GitHub repository Actions tab and click on your workflow run to see the build.
Scroll down to the build summary section to view aggregated data about the vulenrabilities identified by the scan.
You can click on the More details link to open the complete scan results in the Checkmarx One web platform.
Viewing Alerts in GitHub
If in your workflow you included the code to import your Checkmarx scan results into GitHub, you can view the results in the Security tab, under Code scanning alerts.
Navigate to your GitHub repository Security tab.
Click on Code scanning alerts to view the vulnerabilities identified by Checkmarx One.
Click on the name of an alert (vulnerability) to see more detailed information.
The vulnerability details are shown.
Viewing Pull Request Decoration
For scans that were triggered by a pull request in GitHub, the pull request is decorated with a comment showing a list of new vulnerabilities that were introduced by the code change as well as a list of vulnerabilities that were fixed by the code change.
For more information about Checkmarx One pull request decorations, see Code Repository Integration Usage & Results.
Viewing your results in the Checkmarx One UI
You can view detailed information about your scan results in the Checkmarx UI. For more information about viewing scan results, see Viewing the Project Page.