jfrog · attiasas · Dec 23, 2025 · Dec 25, 2025 · Dec 25, 2025 · Dec 25, 2025
diff --git a/git_test.go b/git_test.go
@@ -204,6 +204,7 @@ func TestGitAuditViolationsWithIgnoreRule(t *testing.T) {
 }
 
 func TestGitAuditJasViolationsProjectKeySimpleJson(t *testing.T) {
+
 	xrayVersion, xscVersion, testCleanUp := integration.InitGitTest(t, services.MinXrayVersionGitRepoKey)
 	defer testCleanUp()
 
@@ -220,10 +221,12 @@ func TestGitAuditJasViolationsProjectKeySimpleJson(t *testing.T) {
 	// Run the audit command with git repo and verify violations are reported to the platform.
 	createTestProjectRunGitAuditAndValidate(t,
 		filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), "git", "projects", "issues"),
-		gitAuditCommandTestParams{auditCommandTestParams: auditCommandTestParams{Format: format.SimpleJson, ProjectKey: *securityTests.JfrogTestProjectKey}},
+		gitAuditCommandTestParams{auditCommandTestParams: auditCommandTestParams{Format: format.SimpleJson, ProjectKey: *securityTests.JfrogTestProjectKey, WithVuln: true}},
 		xrayVersion, xscVersion, policy.NewFailBuildError().Error(),
 		validations.ValidationParams{
-			Total: &validations.TotalCount{Violations: 12},
+			Total: &validations.TotalCount{Vulnerabilities: 12, Violations: 12},
+			// Validate we have vulnerabilities for each scan type (to make sure if violations are issue when fail or not related and issue from other places before)
+			Vulnerabilities: &validations.VulnerabilityCount{ValidateScan: &validations.ScanCount{Sca: 1, Sast: 1, Secrets: 1}},
 			// Check that we have at least one violation for each scan type. (IAC is not supported yet)
 			Violations: &validations.ViolationCount{ValidateScan: &validations.ScanCount{Sca: 1, Sast: 1, Secrets: 1}},
 		},

diff --git a/jas/analyzermanager.go b/jas/analyzermanager.go
@@ -23,7 +23,7 @@ import (
 const (
 	ApplicabilityFeatureId                    = "contextual_analysis"
 	AnalyzerManagerZipName                    = "analyzerManager.zip"
-	defaultAnalyzerManagerVersion             = "1.27.0"
+	defaultAnalyzerManagerVersion             = "1.29.0"
 	analyzerManagerDownloadPath               = "xsc-gen-exe-analyzer-manager-local/v1"
 	analyzerManagerDirName                    = "analyzerManager"
 	analyzerManagerExecutableName             = "analyzerManager"

diff --git a/utils/results/common.go b/utils/results/common.go
@@ -62,6 +62,11 @@ func ForEachJasIssue(runs []*sarif.Run, entitledForJas bool, handler ParseJasIss
 	}
 	for _, run := range runs {
 		for _, result := range run.Results {
+			if result.Kind == "informational" {
+				// The specified rule was evaluated and produced a purely informational result that does not indicate the presence of a problem
+				log.Verbose(fmt.Sprintf("Skipping informational result with rule id: %s", sarifutils.GetResultRuleId(result)))
+				continue
+			}
 			severity, err := severityutils.ParseSeverity(result.Level, true)
 			if err != nil {
 				return err