Other security scanning tools (e.g. checkov and tfsec) have a --soft-fail flag or equivalent option that allows you to always exit with 0 status.
Extremely useful when running the tool without halting a pipeline for example.
I currently use a workaround, but something more concrete would be very desira
We currently refactoring unit test in every package of horusec, and we have a lot of code to cover. I'm opening this issue as a report and invite to community to contribute and improve our application. Currently i'm in start package refactor and we have some cases to cover and you can base on #701 to write your code
Update: Since #731 we moved flags constants to package [testutil](https://githu
Seeing the below error while installing rush.js. Probably might need a package in the base image. Any help would be appreciated.
#21 516.9 > keytar@7.6.0 install /usr/local/lib/node_modules/@microsoft/rush/node_modules/keytar
#21 516.9 > prebuild-install || npm run build
#21 516.9
#21 521.6 prebuild-install WARN install No prebuilt binaries found (target=14.16.0 runtime=node arch=arm64
Scan the docker network for open ports and vulnerable services.
Add a description, image, and links to the sast topic page so that developers can more easily learn about it.
To associate your repository with the sast topic, visit your repo's landing page and select "manage topics."
The below is from a conversation on #4754 regarding language values. Created a ticket per @wu-s-john 's suggestion:
What do we think of pretty printing this more like a bulleted list or zshrc autocomplete columns? I suspect it adds too much complexity for the sake of this PR, and I am largely just brainstorming how to make the UX of this CLI feel modern and be easy to read/navigate.
E