ci: export sarif report for all level of severity (#32)

lhoupert · web-flow · commit a3301a2f7241 · 2026-03-28T02:03:34.000+01:00
diff --git a/action.yml b/action.yml
@@ -63,7 +63,6 @@ runs:
       uses: lhoupert/bandit-action@18022d5292d04b21fae1bfa44597b94402ba7365
       with:
         targets: ${{ steps.resolve-targets.outputs.targets }}
-        severity: ${{ inputs.bandit_severity_threshold }}
 
     - name: Set up uv
       uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0
diff --git a/tests/test_report.py b/tests/test_report.py
@@ -173,6 +173,15 @@ def test_markdown_bandit_table(bandit_issues: dict[str, Any], pip_clean: list[An
     assert "src/app.py" in md
 
 
+def test_markdown_below_threshold_summary(
+    bandit_issues: dict[str, Any], pip_clean: list[Any]
+) -> None:
+    """With threshold=HIGH, MEDIUM findings appear as below-threshold note."""
+    s = Settings()
+    md = build_markdown(bandit_issues, pip_clean, s)
+    assert "1 medium issue(s) below threshold not shown in table." in md
+
+
 def test_markdown_pip_table(bandit_clean: dict[str, Any], pip_fixable: list[Any]) -> None:
     s = Settings()
     md = build_markdown(bandit_clean, pip_fixable, s)
diff --git a/uv.lock b/uv.lock
