From 9481d74c4042d72db297411beef960e2b3761631 Mon Sep 17 00:00:00 2001
From: seqradev
Date: Thu, 15 Jan 2026 08:54:23 +0000
Subject: [PATCH 1/2] feat: Update options with latest enhancements
---
 CHANGELOG.md | 2 ++
 README.md | 2 +-
 seqra.gitlab-ci.yml | 2 +-
 3 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f11f7ce..71ead97 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,5 @@
+## v2.1.0
+### feat: Update options with latest enhancements
 ## v2.0.2
 ### fix: Bump version
 ## v2.0.1
diff --git a/README.md b/README.md
index 65c4df6..df48365 100644
--- a/README.md
+++ b/README.md
@@ -41,7 +41,7 @@ seqra-job:
 # Relative path to the root of the analyzed project
 PROJECT_ROOT: "."
 # Tag of seqra release
- SEQRA_VERSION: "v2.0.2"
+ SEQRA_VERSION: "v2.1.0"
 # Relative path to rules. If set RULES_REPOSITORY not used
 RULES_PATH: ""
 # Scan timeout
diff --git a/seqra.gitlab-ci.yml b/seqra.gitlab-ci.yml
index 124897a..840b2ca 100644
--- a/seqra.gitlab-ci.yml
+++ b/seqra.gitlab-ci.yml
@@ -10,7 +10,7 @@
 # Relative path to the root of the analyzed project
 PROJECT_ROOT: "."
 # Tag of seqra release
- SEQRA_VERSION: "v2.0.2"
+ SEQRA_VERSION: "v2.1.0"
 # Relative path to rules. If set RULES_REPOSITORY not used
 RULES_PATH: ""
 # Scan timeout
From ea918aa17221030396f289e74e3d31046687926e Mon Sep 17 00:00:00 2001
From: seqradev
Date: Thu, 15 Jan 2026 16:03:25 +0300
Subject: [PATCH 2/2] feat: Add severity and update rules path
---
 README.md | 6 ++++--
 seqra.gitlab-ci.yml | 18 +++++++++++++-----
 2 files changed, 17 insertions(+), 7 deletions(-)
diff --git a/README.md b/README.md
index df48365..664109e 100644
--- a/README.md
+++ b/README.md
@@ -42,8 +42,10 @@ seqra-job:
 PROJECT_ROOT: "."
 # Tag of seqra release
 SEQRA_VERSION: "v2.1.0"
- # Relative path to rules. If set RULES_REPOSITORY not used
- RULES_PATH: ""
+ # Comma-separated paths to rule files or directories (e.g., "rules/custom.yml,rules/extra")
+ RULES_PATH: "builtin"
+ # Comma-separated severity levels to report: note, warning, error
+ SEVERITY: "warning,error"
 # Scan timeout
 TIMEOUT: "15m"
 ```
diff --git a/seqra.gitlab-ci.yml b/seqra.gitlab-ci.yml
index 840b2ca..167018b 100644
--- a/seqra.gitlab-ci.yml
+++ b/seqra.gitlab-ci.yml
@@ -11,8 +11,10 @@
 PROJECT_ROOT: "."
 # Tag of seqra release
 SEQRA_VERSION: "v2.1.0"
- # Relative path to rules. If set RULES_REPOSITORY not used
- RULES_PATH: ""
+ # Comma-separated paths to rule files or directories (e.g., "rules/custom.yml,rules/extra")
+ RULES_PATH: "builtin"
+ # Comma-separated severity levels to report: note, warning, error
+ SEVERITY: "warning,error"
 # Scan timeout
 TIMEOUT: "15m"
 script:
@@ -41,9 +43,15 @@
 - |
 cmd="$SEQRA_ARTIFACTS/seqra scan --quiet"
- if [ -n "$RULES_PATH" ]; then
- cmd="$cmd --ruleset $RULES_PATH"
- fi
+ IFS=',' read -ra rulesets <<< "$RULES_PATH"
+ for ruleset in "${rulesets[@]}"; do
+ cmd="$cmd --ruleset $ruleset"
+ done
+
+ IFS=',' read -ra severities <<< "$SEVERITY"
+ for severity in "${severities[@]}"; do
+ cmd="$cmd --severity $severity"
+ done
 cmd="$cmd --timeout $TIMEOUT"
 cmd="$cmd --output analysis_results/seqra.sarif $SEQRA_ARTIFACTS/project"
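Review bot: The new comment above `RULES_PATH` in the `@@ -11,8 +11,10 @@` hunk of seqra.gitlab-ci.yml describes file and directory paths but not the `builtin` keyword that is now the default value. A user who overrides the variable with their own rule path cannot tell from it whether the bundled rules still run, and losing them without notice would narrow scan coverage. Once the intended semantics are confirmed I would extend the comment, for example `# Comma-separated rule sources: "builtin" for the bundled rules and/or paths to rule files or directories`; the README hunk in this patch carries the same comment. The removed comment also mentioned RULES_REPOSITORY, and the hunk, which sits inside a variables block that starts above it, does not show whether that variable still applies.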
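Review bot: In the `@@ -41,9 +43,15 @@` hunk the new loops append `$ruleset` and `$severity` to the `cmd` string unquoted, so a rule path containing a space or glob character is split or expanded when the string is run, and an empty element (`a,,b`) leaves a bare `--ruleset` in front of the next flag. If the string is executed through `eval` (the line that runs it is outside the hunk, so this is an assumption), shell metacharacters in these pipeline variables would be interpreted as shell syntax rather than as data. Collecting the arguments in a bash array and expanding it as `"${args[@]}"` keeps every value a single argument; `read -ra` and `<<<` already require bash, so the array adds no new shell requirement. The script block starts above the hunk and continues below it.

```yaml
- |
  args=(scan --quiet)

  IFS=',' read -ra rulesets <<< "$RULES_PATH"
  for ruleset in "${rulesets[@]}"; do
    # skip empty entries produced by "a,,b" or a trailing comma
    if [ -n "$ruleset" ]; then
      args+=(--ruleset "$ruleset")
    fi
  done

  IFS=',' read -ra severities <<< "$SEVERITY"
  for severity in "${severities[@]}"; do
    if [ -n "$severity" ]; then
      args+=(--severity "$severity")
    fi
  done

  args+=(--timeout "$TIMEOUT")
  args+=(--output analysis_results/seqra.sarif "$SEQRA_ARTIFACTS/project")
  # … unchanged lines below the hunk: run "$SEQRA_ARTIFACTS/seqra" "${args[@]}" instead of the cmd string …
```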