Hello,

Do you plan to support Terraform scans with OpenStack in the future ?

Regards

Safety parser relly on a DB of vulnerabilities with CVE infos. This databases is upgraded/modified every month.
This pb is that our unit tests relly on this changing file.

We need to do one of these options:

1. fix the DB file for unit tests
2. remove completely this feature and wait that the CVE info come from the report (I pushed a pull request upstream to have CVE directly in the JSON rep

Current Behavior:

When viewing vulns in the Audit Vulnerabilities tab. the Analysis column appears to contain code (enum?) names, e.g. NOT_SET, FALSE_POSITIVE. This problem also occurs in Policy Violations tab.

Steps to Reproduce:

Open the Audit Vulnerabilities tab.

Expected Behavior:

The Analysis column contains language specific analysis values, e.g. Not Set, False Positive

https://github.com/HXSecurity/DongTai-agent-java/blob/95e0f01f2b0141e1d3671bc005c2b0786e0d5e05/iast-agent/src/main/java/com/secnium/iast/agent/manager/EngineManager.java#L78

I noticed that scanners and hooks use a different approach in their directory structure.
For the scanners there are subdirectories for parser and scanner (if existing) while the source code for the hook resides directly in its root directory.

I think we should introduce a hook directory inside each hook containing its source code to make their structure more clean.

Seeing the below error while installing rush.js. Probably might need a package in the base image. Any help would be appreciated.

#21 516.9 > keytar@7.6.0 install /usr/local/lib/node_modules/@microsoft/rush/node_modules/keytar
#21 516.9 > prebuild-install || npm run build
#21 516.9 
#21 521.6 prebuild-install WARN install No prebuilt binaries found (target=14.16.0 runtime=node arch=arm64