From 8a68327516ea59cd09d7e4edd854e887764e0575 Mon Sep 17 00:00:00 2001
From: Shahar Shaki <shaharsh@monday.com>
Date: Wed, 10 Dec 2025 11:20:40 +0200
Subject: [PATCH 1/2] make security scanning findings schema nullable

---
 package.json                                 |  2 +-
 src/services/schemas/push-service-schemas.ts | 20 ++++++++++----------
 src/types/services/push-service.ts           | 20 ++++++++++----------
 3 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/package.json b/package.json
index 9bdfd42..b3348f4 100755
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@mondaycom/apps-cli",
-  "version": "4.10.2",
+  "version": "4.10.3",
   "description": "A cli tool to manage apps (and monday-code projects) in monday.com",
   "author": "monday.com Apps Team",
   "type": "module",
diff --git a/src/services/schemas/push-service-schemas.ts b/src/services/schemas/push-service-schemas.ts
index 73f5902..4afff7c 100644
--- a/src/services/schemas/push-service-schemas.ts
+++ b/src/services/schemas/push-service-schemas.ts
@@ -47,17 +47,17 @@ export const deploymentStatusTypesArray = [
 export const deploymentStatusTypesSchema = z.enum(deploymentStatusTypesArray);
 
 export const securityScanFindingSchema = z.object({
-  tool: z.string(),
-  ruleId: z.string(),
-  severity: z.string(),
-  file: z.string(),
+  tool: z.string().nullable(),
+  ruleId: z.string().nullable(),
+  severity: z.string().nullable(),
+  file: z.string().nullable(),
   line: z.number().nullable(),
-  message: z.string(),
-  shortDescription: z.string(),
-  fullDescription: z.string(),
-  helpUri: z.string(),
-  help: z.string(),
-  precision: z.string(),
+  message: z.string().nullable(),
+  shortDescription: z.string().nullable(),
+  fullDescription: z.string().nullable(),
+  helpUri: z.string().nullable(),
+  help: z.string().nullable(),
+  precision: z.string().nullable(),
 });
 
 export const securityScanSchema = z.object({
diff --git a/src/types/services/push-service.ts b/src/types/services/push-service.ts
index 36a3994..e30d7e4 100644
--- a/src/types/services/push-service.ts
+++ b/src/types/services/push-service.ts
@@ -19,17 +19,17 @@ export type AppVersionDeploymentStatus = z.infer<typeof appVersionDeploymentStat
 export const DeploymentStatusTypesSchema = deploymentStatusTypesSchema.enum;
 
 export type SecurityScanFinding = {
-  tool: string;
-  ruleId: string;
-  severity: string;
-  file: string;
+  tool: string | null;
+  ruleId: string | null;
+  severity: string | null;
+  file: string | null;
   line: number | null;
-  message: string;
-  shortDescription: string;
-  fullDescription: string;
-  helpUri: string;
-  help: string;
-  precision: string;
+  message: string | null;
+  shortDescription: string | null;
+  fullDescription: string | null;
+  helpUri: string | null;
+  help: string | null;
+  precision: string | null;
 };
 
 export type SecurityScanResult = {

From 7803553115b308124ae4d407f451cc917618bef0 Mon Sep 17 00:00:00 2001
From: Shahar Shaki <shaharsh@monday.com>
Date: Wed, 10 Dec 2025 11:43:44 +0200
Subject: [PATCH 2/2] fix comment

---
 src/commands/code/report.ts        |  6 +++---
 src/types/services/push-service.ts | 30 ++----------------------------
 2 files changed, 5 insertions(+), 31 deletions(-)

diff --git a/src/commands/code/report.ts b/src/commands/code/report.ts
index 28ff5cd..b397586 100644
--- a/src/commands/code/report.ts
+++ b/src/commands/code/report.ts
@@ -10,13 +10,13 @@ import { APP_VERSION_ID_TO_ENTER, VAR_UNKNOWN } from 'consts/messages';
 import { DynamicChoicesService } from 'services/dynamic-choices-service';
 import { getDeploymentSecurityScan } from 'services/push-service';
 import { HttpError } from 'types/errors';
-import { SecurityScanResponse, SecurityScanResultType } from 'types/services/push-service';
+import { SecurityScanResponse, SecurityScanResult } from 'types/services/push-service';
 import logger from 'utils/logger';
 import { addRegionToFlags, chooseRegionIfNeeded, getRegionFromString } from 'utils/region';
 
 const DEBUG_TAG = 'code_report';
 
-const printSecurityScanSummary = (securityScanResults: SecurityScanResultType) => {
+const printSecurityScanSummary = (securityScanResults: SecurityScanResult) => {
   const { summary, timestamp, version } = securityScanResults;
 
   logger.log(`\nSecurity Scan Report (v${version})`);
@@ -31,7 +31,7 @@ const printSecurityScanSummary = (securityScanResults: SecurityScanResultType) =
 };
 
 const writeResultsToFile = (
-  securityScanResults: SecurityScanResultType,
+  securityScanResults: SecurityScanResult,
   appVersionId: number,
   outputDir?: string,
 ): string => {
diff --git a/src/types/services/push-service.ts b/src/types/services/push-service.ts
index e30d7e4..33e7469 100644
--- a/src/types/services/push-service.ts
+++ b/src/types/services/push-service.ts
@@ -18,32 +18,6 @@ export type AppVersionDeploymentStatus = z.infer<typeof appVersionDeploymentStat
 
 export const DeploymentStatusTypesSchema = deploymentStatusTypesSchema.enum;
 
-export type SecurityScanFinding = {
-  tool: string | null;
-  ruleId: string | null;
-  severity: string | null;
-  file: string | null;
-  line: number | null;
-  message: string | null;
-  shortDescription: string | null;
-  fullDescription: string | null;
-  helpUri: string | null;
-  help: string | null;
-  precision: string | null;
-};
-
-export type SecurityScanResult = {
-  version: string;
-  timestamp: string;
-  summary: {
-    total: number;
-    error: number;
-    warning: number;
-    note: number;
-  };
-  findings: SecurityScanFinding[];
-};
-
-export type SecurityScanFindingType = z.infer<typeof securityScanFindingSchema>;
-export type SecurityScanResultType = z.infer<typeof securityScanSchema>;
+export type SecurityScanFinding = z.infer<typeof securityScanFindingSchema>;
+export type SecurityScanResult = z.infer<typeof securityScanSchema>;
 export type SecurityScanResponse = z.infer<typeof securityScanResponseSchema>;