The bundle persistence directory is currently hardcoded to be $WORKDIR/.opa/bundles/<bundle-name>. While users could control the directory by setting the working directory of the OPA process, it would be useful to have a configuration setting for the persistence directory. For the initial implementation, the directory doesn't need to support reconfiguration.

Describe the problem

when executing an inspec profile from a remote repository with a default branch not named master the following error is returned.

inspec exec https://github.com/org/profile.git

Profile git dependency failed - unable to resolve ma

Describe the bug
This resource causes the error WARNING: skipped AWS017 check due to error(s): value is null

And it happens even if I try to explicit skip AWS017 from cli:

tfsec --exclude AWS017
WARNING: skipped AWS017 check due to error(s): value is null

tfs

Do not allow action “*” or resources “*” in an IOT Policy

Example policies are here: https://docs.aws.amazon.com/iot/latest/developerguide/example-iot-policies.html

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-iot-policy.html
https://www.terraform.io/docs/providers/aws/r/iot_policy.html

There are about ~240 URLs and licenses listed at https://directory.fsf.org/wiki?title=Category:License
We should:

1. ensure that we can detect all of them
2. ensure that we can detect their URL
   We should also add as an "other_urls" ech URL to the corresponding license YAML

fsf-license-urls.txt

We should make it easier to install this plugin.

Overview:

Developers may run mage commands against multiple different versions of panther.

The mage logs do not specify the version of panther.

If we have the git commit we can be sure of the command context.

Example:

Specifically I am running integration tests for release testing. I pulled the repo and achieved successful integration test results. Pull resulted in updates to

Description

If an upload created by other user is copied into folder of other user, REST API can not list the upload as it filters the result by user id as well.

How to reproduce

1. From User 1, upload a package in a folder.
2. From Admin user, copy the upload to another folder accessible by User 2.
3. From User 2, query for uploads, query for copied upload, the result will not

The code at

https://github.com/oss-review-toolkit/ort/blob/fd1b62a799523b55871cd04001ddfe1e6262da0f/analyzer/src/main/kotlin/managers/Stack.kt#L113-L140

can be simplified now that Stack 2.3.1 supports ls dependencies json.

Description

Currently add_failure takes the values required to create a failure, creates it then adds it to the Result object's failed_rules
On the other hand add_warning takes a Failure object directly.

Proposed solution

The methods should be updated so that they both have the same behavior (or maybe even just add an add_finding method which takes a type that can be either Failure o